morras

joined 1 year ago
[–] [email protected] 7 points 7 months ago

It's rather the other way around, Word is not 1 to 1 compatible with LibreOffice Writer when it comes to document editing. Writer is far better on that aspect.

[–] [email protected] -3 points 7 months ago

"There also is vestigial cynicism in Paris about public housing after a series of scandals in the 1990s, when some conservative politicians were revealed to be paying cheap rents for luxury city-owned apartments. Today, the city awards public housing through a system that strips the names of applicants and prioritizes them through a points system that factors income and family circumstances."

Purposedly misleading... Cheap-rent luxury appartments for politicians still exist, they just moved from the "public" social housing company to more discret one.

And about the baseline of the article, the famous "mixité sociale", do you know what happens when you mix together people of various social conditions, backgrounds, and education? Troubles.

Been there, done that, never again. This policy is slowly building a time-bomb in french major cities.

[–] [email protected] 2 points 7 months ago

Providing the service is selling groceries, that doesn't require a birth date.

So it's not possible to sneak it under performance of contract. Only Legitimate Interest or Consent could be valid, and you can oppose/retract.

But good readng, please provide our findings, that will save me a reading 😅

[–] [email protected] 3 points 7 months ago (3 children)

What data controller is that?

Very few of them have a valid ground to process your birh date. Do they need it to provide you the service? No? Then they fail the data minimization requirement.

and refusing access right on the ground of the birth day, which they should not have in the first place, is the cherry on the cake.

Send them a letter to tell thel that you are ready to submit a complaint to your regulator (or the lead regulatior), but that you are ready to compromize to save hassle to everybody. A few thousands are always welcome.

But again, this is valid only if the controller have no ground to process birth date. If it provide adult stuff, or legal benefits, etc. it's a different story.

[–] [email protected] 7 points 7 months ago (1 children)

Probable course of action is MSFT implementing a hotfix in the next 3-6 months, that will be nowhere near to address the topic.

Another 2 years of EDPS investigation.

Then MSFT will release another patch 3-6 months after that actually solves the issue.

But in the meantime, they would have implemented another mechanism to spy on users.

Rince and repeat.

[–] [email protected] 2 points 8 months ago (1 children)

Article 3 GDPR is straightforward, gdpr will apply.

The real question is how any kind of authority could enforce it ? Almost no chance that any law enforcement/regulator will bother a single-user instance purely on the ground of gdpr...

[–] [email protected] 9 points 8 months ago (3 children)

I’m not so sure about the GDPR status for the Fediverse, I don’t think there’s the law is prepared for “Jerry runs this for people, just for fun”. It’s very much “official organisation” or “money grabbing business” oriented. Someone should fund an actual lawyer to look into this and lay down the real requirements.

I'm working in the gdpr compiance field ;) Using a personnal device to monitor public space doesn't fall under the household exception, this solution even pre-dates the GDPR (https://curia.europa.eu/jcms/upload/docs/application/pdf/2014-12/cp140175en.pdf).

(the case-law is about camera fixed on a private house, but the logic easily translates in a private server grabbing public data).

but when legal compliance comes up, everybody just sticks their fingers in their ears and pretends not to hear you.

Just as you did ^^

[–] [email protected] 12 points 8 months ago (5 children)

No, Lemmy servers are not exempt from GDPR compliance. The household exemption (you are not subject to gdpr for private activities) only applies for purely personnal activities. As soon as a service is offered to someone else, the exemption is no more applicable.

That's one of the drawback about open-source projects, they are designed to fulfill a need (persistent storage & decentralised communication for Lemmy), and no one give a f*ck about legalities.

[–] [email protected] 1 points 8 months ago

Damn... I'm a Linux user that basically hates the MS way of life, but I must admit that they are taking AI seriously AND share their tools. So kudos, please continue !

I shamelessly reused the AI assesment template at work and this RIT will be pushed to some colleagues.

[–] [email protected] 3 points 8 months ago (1 children)

Just to clarify, I'm self-hosting. I'm using neither Proton nor Dropbox.

However, I'm a privacy pro, and I read Privacy Policies on a daily basis (ok.. weekly basis).

The US companies recently moved to disclose ALL the providers they are using (including for controller activities) where European companies still hide this information (and disclose only the providers used to deliver the service). For a very concrete example, Salesforces is mentionned by Dropbox where Proton is silent about the crm they use.

On this specific aspect, the USA are ahead of EU.

That's all I meant.

If you want to read it as "give your data to the USA", feel free, but that's not what I said.

[–] [email protected] -2 points 8 months ago (3 children)

I was not saying "Dropbox good" or "Proton bad", just correcting a few things about the privacy policy in itself and what it means.

 

Un grand classique, mais que l'on peut placer au bureau.

 

Following the adoption of the Data Privacy Framework, US authorities provide a list of self-certified US companies.

This means a list of companies that are not UP the GDPR standard, and use this framework as a workaround.

view more: next ›