I’m pretty sure we’re all across the recent decision to restrict social media to people aged 16+, but has any thought been put into how we’ll respond to this?
I know we have about a year to figure it all out, but I am worried about the future of aussie.zone. @[email protected] @[email protected] do you have the time to implement something? Do you feel comfortable collecting the required information and managing age verification? Are donations sufficient to allow you to pay some other company to do it for you?
Another option is that we may be able to apply for an exemption from the eSafety Commissioner - but is that an actual option? Do either of you have the ability and time to procure the required documentation and write letters to the commissioner, or whatever else is needed?
Perhaps more importantly; what modifications could even be put in place that would be compatible with Lemmy? Will the instance just shut down?
If worse comes to worst, could another option be disabling signups and banning/removing all users, but keeping the instance open as a remote instance accessible solely through other instances?
Forgive me if I am being cynical and jumping the gun, but I am genuinely concerned that a solution won’t be found, or neither of you will have the time/ability to implement one, forcing aussie.zone to come to a close. I really love our little instance, and it would be a major shame to see it go.
Whatever happens, please don’t just leave us in the dark before eventually pulling the plug on AZ with a couple of days notice (or worse: no notice)
I don’t know the specifics of gpdr, but every site updated their privacy policies when it came in to say they’d change the way they collect data and would provide what they have on users or delete at request.
If that’s all there is to it, then yes. We don’t collect anything on users that isn’t in their profe or settings pages. And yes - you have the power to delete all that yourself.
Yeah, not having ads or selling user information makes it a lot easier to comply with gdpr. Its been a while since I read through it, but from memory, it’s largely around how you have to store user info, deleting PII within a certain timeframe of account deletion, managing inactivity, and providing a way to delete information
The only thing I can think of is that Lemmy does log IPs in a log thing somewhere in the docker files, but they’re not attached to an account that I recall, so I don’t think that poses a GDPR problem