• baseless_discourse@mander.xyz
    link
    fedilink
    arrow-up
    18
    arrow-down
    1
    ·
    edit-2
    6 months ago

    This is a violation of GDPR, no?

    EDIT: user created content is not directly protected under GDPR, only personally identifiable data is pertected under GDPR.

    • lemmyreader@lemmy.mlOP
      link
      fedilink
      English
      arrow-up
      16
      ·
      6 months ago

      Dunno. GDPR is a Europe only thing, and isn’t it only related to how your private data (like name, IP address, phone number) is cared about ?

      • AccountMaker@slrpnk.net
        link
        fedilink
        arrow-up
        7
        ·
        6 months ago

        Right, I think it only covers personal information: companies can only collect what they need to run their service, users can request to see their data etc. I don’t think it applies to comments and posts.

      • Captain Beyond@linkage.ds8.zone
        link
        fedilink
        arrow-up
        3
        ·
        6 months ago

        I would certainly hope so. Stack Overflow content is Creative Commons licensed, so the argument is basically that the GDPR would take precedence over the CC license grant. It’d be scary if GDPR could be weaponized against forks of free software projects in this manner.

        • flux@lemmy.ml
          link
          fedilink
          arrow-up
          4
          ·
          6 months ago

          Would that kind of provision allow me to have my code removed from a git repository history, if that git repository is hosted by a company?

          • interdimensionalmeme@lemmy.ml
            cake
            link
            fedilink
            arrow-up
            2
            ·
            6 months ago

            As long as you didn’t give those rights by signing a CLA or a copyleft license. Never sign a CLA unless you’re fully compensated.

          • baseless_discourse@mander.xyz
            link
            fedilink
            arrow-up
            1
            ·
            edit-2
            6 months ago

            I am not a lawyer, but I believe in general, yes.

            Git is not even that convoluted, as all the history is stored in the .git folder within the repo. Unless there is some convoluted structure built on top, they would only need to move the repo folder to a trash disk, waiting to be formated.

            That being said, GDPR is somewhat poorly enforced at the moment, unfortunately. I don’t know if you can sue the company and expect some result within couple of years.

        • WldFyre@lemm.ee
          link
          fedilink
          arrow-up
          3
          arrow-down
          1
          ·
          6 months ago

          Doesn’t that just mean the data would have to be anonymized ?

          • baseless_discourse@mander.xyz
            link
            fedilink
            arrow-up
            3
            ·
            6 months ago

            I am not a expert or a lawyer, but I believe user actually hold the right to completely erase personal data:

            The data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay and the controller shall have the obligation to erase personal data without undue delay

            https://gdpr.eu/right-to-be-forgotten/

            Note the word “erasure” as opposed to “anonymize”

            • WldFyre@lemm.ee
              link
              fedilink
              arrow-up
              5
              ·
              6 months ago

              I don’t think that addresses my point. Is my opinion on the new Star Wars movies that I post online or some lines of code I suggest “personal data”? I thought personal data had a specific definition under GDPR

              • nefonous@lemmy.world
                link
                fedilink
                arrow-up
                5
                ·
                6 months ago

                You’re totally right, the content of your posts is not considered personal data (because it isn’t) It’s more about profiling data that can be connected back to your actual person

              • baseless_discourse@mander.xyz
                link
                fedilink
                arrow-up
                3
                ·
                6 months ago

                I think you are right, user generated content doesn’t seem to be protected. This is surprising to me, as user should hold the right to their content, which in my mind should enjoy stronger protection than personal data.

              • Spaenny@discuss.tchncs.de
                link
                fedilink
                arrow-up
                2
                ·
                6 months ago

                Technically, they could retain posts from users if they are irreversibly anonymized. However, ensuring with 100% certainty that none of your posts ever contained any personal data that could lead to the identification of you as an individual is challenging. The safest option is therefore to also delete your posts.

    • refalo@programming.dev
      link
      fedilink
      arrow-up
      1
      ·
      6 months ago

      How does GDPR get away with not defining what a website is when referring to them directly in the law? Like what counts, only html? http? ftp? gopher?