this post was submitted on 22 Jun 2023
10 points (100.0% liked)

Lemmy Administration

64 readers
2 users here now

Anything about running your own Lemmy instance. Including how to install it, maintain and customise it.

Be sure to check out the docs: https://join-lemmy.org/docs/en/administration/administration.html

If you have any problems, describe them here and we will try to help you fixing them.

founded 4 years ago
MODERATORS
10
Privacy Policy (lemmy.ca)
submitted 1 year ago* (last edited 1 year ago) by [email protected] to c/[email protected]
 

cross-posted from: https://lemmy.ca/post/821266

So it seems that no instance has published a privacy policy, many users are asking about such a thing (as they should), and much confusion on how federation happens among users AND some admins. I feel this is pretty important to the survival of Lemmy to work out a privacy policy framework.

Yes, the argument that "everything on the internet stays forever" is true, but there is a big distinction between captured copies, and some of the unique data distribution / management issues that come up with a federated service. It is important to inform the user of this distinction. It is also important to inform them how early the development is.

It is going to scare the pants off some users. I'd argue an educated user on an totally public platform is far more safe than an uneducated one on a closed platform, but let the user decide that for themselves. I'd much rather scare the pants off them then have them coming for me once they get caught with their pants down and feel I didn't do enough to warn them. Can you imagine hundreds of thousands of pantless lemmings with pitchforks coming for you? Not a pretty image.

I AM NOT A LAWYER, but I have created a template based on the Mastodon privacy policy if anyone wants a basic framework to start from:

https://github.com/BanzooIO/federated_policies_and_tos/blob/main/lemmy-privacy-policy.md

I am not overly experienced with instance management yet, but I have done my best to cover all aspects of how data is federated. Please contribute in correcting any errors.

I also feel it is important for admins to disclose the current lack of SSL support in connecting to PostgreSQL and what the local admin has done to mitigate the risk.

Issues on open on the topic of privacy policies here: https://github.com/LemmyNet/lemmy/issues/721 and https://github.com/LemmyNet/lemmy-ui/issues/1347

top 4 comments
sorted by: hot top controversial new old
[–] [email protected] 4 points 1 year ago (1 children)

This is a valid point. Instances could well face legal backlash from countries that require privacy policies.

The policy itself will also probably sound pretty onerous. The nature if federation means content posted can and will be copied everywhere.

[–] [email protected] 1 points 1 year ago* (last edited 1 year ago) (2 children)

I have an optional introduction statement I am going to add which might temper it a bit. People are blissfully unaware of how bad current closed platforms are for privacy, the data sharing between them, and what that means for them and society.

Despite some of the open and entirely public aspects of federated services, with some education it is far more private; you are not tracked right from the gateway through all your online (and offline) travels. How you carry yourself during those travels is what gives you control of your privacy.

[–] [email protected] 1 points 1 year ago

Maybe some in admin here can give me some clarity on the subscription privacy. I haven't had time to set up a second dev instance to fully explore yet.

Who potentially sees a users' subscriptions outside their local? Does the remote hosting a community get informed of a user's sub or does it just get informed of a user on instance X is subbed?

[–] [email protected] 1 points 1 year ago* (last edited 1 year ago)

Due to the nature of such an open policy in sharing information (how open federation actually functions) could be frightening for someone uneducated on what privacy totally means, I have created this optional privacy policy introduction that will prime the user for what they are engaging in.

Personally I think everyone should be walking around with no pants, but I’d rather we talk each other’s pants off than scare off, or find our pants removed by surprise.

https://github.com/BanzooIO/federated_policies_and_tos/blob/main/optional-privacy-policy-intro.md

load more comments
view more: next ›