The question is, though: what if you’re delivering services to other users? A one-person server on the Fediverse can be GDPR free, but surely lemmy.world can ignore privacy laws like that.
Article 3 GDPR is straightforward, gdpr will apply.
The real question is how any kind of authority could enforce it ?
Almost no chance that any law enforcement/regulator will bother a single-user instance purely on the ground of gdpr…
The same authority that would fine any company or organisation. There may not be much profit involved, but these medium sized Lemmy servers will be processing as much personal information as any medium sized forum or website, so a valid complaint may very well lead to action. At first, I would suspect that “action” here would mean “getting a warning and a set date to get the server’s shit together” before any kind of fine would be applied, but I do wonder how practically possible it is to do so.
Lemmy has millions of users, smaller companies and organisations have been fined before.
The question is, though: what if you’re delivering services to other users? A one-person server on the Fediverse can be GDPR free, but surely lemmy.world can ignore privacy laws like that.
Article 3 GDPR is straightforward, gdpr will apply.
The real question is how any kind of authority could enforce it ? Almost no chance that any law enforcement/regulator will bother a single-user instance purely on the ground of gdpr…
The same authority that would fine any company or organisation. There may not be much profit involved, but these medium sized Lemmy servers will be processing as much personal information as any medium sized forum or website, so a valid complaint may very well lead to action. At first, I would suspect that “action” here would mean “getting a warning and a set date to get the server’s shit together” before any kind of fine would be applied, but I do wonder how practically possible it is to do so.
Lemmy has millions of users, smaller companies and organisations have been fined before.