Post APrJfkWFfMyZVKUcXw by xanny@codeine.world
(DIR) Post #APrJfiHI01oqYLTdwm by anseljh@law.builders
2022-11-22T09:10:53Z
0 likes, 0 repeats
Here's an interesting California #Privacy law data point from my little hobby Mastodon instance with ~70 users. There are already 97,531 rows in the "accounts" table in the database. One of the big criteria for being in-scope for #CCPA is if you "receive[]...the personal information of 50,000 or more [California] consumers". You still need to otherwise qualify as a for-profit business (simplifying!) but yikes. Criteria summarized by California Privacy Protection Agency: https://cppa.ca.gov/faq.html
(DIR) Post #APrJfinC5PL89IP7g0 by mikarv@someone.elses.computer
2022-11-22T09:25:00Z
0 likes, 0 repeats
@anseljh mastodon instances in europe of any size that aren’t used solely for family and friends are governed by the GDPR, but it’s not a difficult set of obligations to meet (almost all are met by default and technical design), because unlike most companies mastodon admins are not trying to do shady data tracking or profiling.
(DIR) Post #APrJfjLw0F83t2erpI by mikarv@someone.elses.computer
2022-11-22T09:26:49Z
0 likes, 0 repeats
@anseljh most of the difficult parts of meeting the gdpr with a mastodon instance concern just taking a tiny bit of care with the use of other services (email, translation, hosting), and perhaps biggest, thinking about what the legal person is behind your instance (also more of an issue for content liability)
(DIR) Post #APrJfjTNYZ5GG88oQi by anseljh@law.builders
2022-11-22T09:14:40Z
0 likes, 0 repeats
Here's the structure of the "accounts" table. I think "display_name" is where most people put their real names, so that's usually going to qualify as personal information.
(DIR) Post #APrJfjpMEqfHMIQMgi by anseljh@law.builders
2022-11-22T09:35:41Z
0 likes, 0 repeats
@mikarv Certainly Mastodon's design is very smart, but a shady admin could do non-compliant shady things with all this data. There are not going to be technical or design solutions to all of this. It's a world-wide people machine, after all.
(DIR) Post #APrJfkWFfMyZVKUcXw by xanny@codeine.world
2022-11-22T09:44:19.035840Z
1 likes, 0 repeats
Self-host your own instance. It’s easy.
(DIR) Post #APrJfkfT76Lfxunyue by anseljh@law.builders
2022-11-22T09:16:02Z
0 likes, 0 repeats
Why are there almost 100K rows in this table if I only have 70 users? I assume this is all the users from other instances that this instance has become aware of through federation. Pretty cool. But that's a lot of data.
(DIR) Post #APrJfl6PUvtpJTPUuG by anseljh@law.builders
2022-11-22T09:37:42Z
0 likes, 0 repeats
@mikarv Will also be interesting to see how hobby instances manage to comply with DSARs—equally relevant to #GDPR and #CCPA. Your software and policies can be great, but it's really easy to slip up operationally if you don't have an ops team. 😬