Da ist nichts, was man einem Erwachsenen, der einen IT-Job hat, erklären müsste. Die Behauptung, dass personenbezogene Daten nach DSGVO und PII im US-Recht dasselbe sein, ist so fundamental unsinnig, dass ich sie nur als Witz verstehen kann. Klar, normalerweise würde ich das erklären, aber wenn einer so rumtextet von wegen Profi, dann muss das ein Witz sein.
In case there’s really anyone lurking here. Maybe you could explain to them what you think happens when one agrees to be tracked for ads. That ought to be funny. Do they send a drone swarm with 4K-cameras to your location? What’s a TC-string? Something that goes up your butt?
Changing the subject. I take that as a sign that you understand how absurd your pontifications about the GDPR were. That’s great. I was able to help you. You’re welcome. However, it’s problematic that you chose to leave up incorrect info.
Now, you are not being truthful about what I wrote, so I do not think that it’s a good use of my time to lay out the issues here. If, at some point in the future, you are genuinely interested and able to behave like a responsible adult, we can talk about this.
this is from a comment you made in this very comment chain:
Anything connected to your username is personal data. Your votes, posts, comments, settings subscriptions, and so on, but only as long as they are or can be actually connected to that username.
this is so incomplete it can be regarded as false.
“anything connected to you username is personal data” is a false statement.
it’s only personal data in combination with a whole lot of other data. then it can potentially be considered personal data, if it can be reasonably used to identify someone. reasonably.
your votes cannot reasonably be used to identify you, even in combination with other data. they are irrelevant. same goes for all other data, except user names, in that quote.
here is a further clarification from the GDPR website:
The qualifier “reasonably” is an important one. Methods of identification that are not present today could be developed in the future, which means that data stored for long durations must be continuously reviewed to make sure it cannot be combined with new technology that would allow for indirect identification.
so, for now, your votes, comments, etc., are not covered. maybe they will be in the future, but probably not.
Arguably, the posts and comments that you reply to also become part of your personal data in that they are necessary context.
because the GDPR provides a “right to deletion” this would mean that someone else could have data you own deleted against your will.
which means if a politician posts something on bluesky, and some random asshole replies to that post, that asshole could then have the politicians post deleted.
that’s obviously insanity.
Any data that can be connected to an email address, or an IP address, is also personal data. When you log IPs for spam protection, you’re collecting personal data.
while it is true that IP addresses can potentially be considered personal data, none of the listed data types by themselves are necessarily personal data.
your statement makes it sound as if they always are, which is wrong.
it is not reasonably possible to conclude who exactly posted something just from an IP or email address, for example. not without a whole lot more data. (since anyone can easily spoof an address, it’s not difficult)
which is why it is potentially personal data, but not definitely. that’s an important difference.
this discussion is entirely pointless anyway, since you already agreed to the terms outlined in your home instance as to how your data is processed.
it outlines exactly how data is processed, in accordance with the GDPR.
and yeah, the instance has to consider the GDPRs processing guidelines, because they posses aggregate data.
but that’s also where you were wrong when you said that processing this data is in any way illegal.
doing so without informing the user, that is illegal.
processing it in ways other than the one’s outlined in the privacy statement , that is illegal.
but it’s not inherently illegal, as you said it is.
and before you (again) refuse to acknowledge that you DID say it’s illegal, here’s you saying exactly that:
The reasoning seems to confirm the view that the Fediverse is legally very problematic.
the Fediverse is in no way “legally problematic”, because everything the protocol does is something you agreed to, when you signed up.
there is no violation of your rights, because the GDPR cannot protect you from not reading what you are agreeing to.
i do concede that one point i did get wrong was this:
it’s not personally identifying data in the first place
i have posted a clarification that IPs and usernames specifically can be considered personal data, when combined with other personal data.
important to note is, that the other Fediverse related features like up/dpwnvotes, comments, etc. are still not personal data.
i wasn’t clear enough on that point, and that’s a fair criticism.
i would have noticed that ages ago, if you could be bothered to actually back anything you say up with a quote or any kind of specific pointer instead of vague and nonsensical accusations how “everything is wrong”.
it was a single, small detail in the original reply i wrote.
everything else, as far as i can tell, is accurate.
unless you can, specifically and with a quote point out any other issues.
i will simply ignore any further accusations without a corresponding quote of both the offending comment and a citation of the corresponding law (article and paragraph is fine, doesn’t need to be a direct quote, it just needs to be clear what exactly the issue(s) is (are)).
and please, for the love of god, stop spreading the misinformation that the Fediverse is somehow illegal, just because you didn’t read the privacy statement.
that privacy statement is all that a digital service provide is required to present to the user, if they don’t use your data in any other way than “legitimate interest”. which is specifically excluded from GDPR protections. and this exception is also mentioned in the privacy statement you did not read.
it. is. not. illegal. to. processes. your. Fediverse. data.
and it’s also not illegal to send that data to other instances, because you agreed to that being a possibility when you made your account.
not knowing about that, because you didn’t read how your data will be processed, doesn’t make it illegal.
you were informed about the ways your data will be processed, which satisfies the GDPR just fine.
Ok. So you are trolling. Haha. The vote manipulation isn’t cool, though.
what manipulation?
junge, du:
…und dann hast du noch die Dreistigkeit zu behaupten hier wird irgendetwas manipuliert???
nein junge!
die leute durchschauen einfach nur, dass du offensichtlich keine Ahnung hast!
deswegen kommen downvotes: du erzählst blödsinn!
Da ist nichts, was man einem Erwachsenen, der einen IT-Job hat, erklären müsste. Die Behauptung, dass personenbezogene Daten nach DSGVO und PII im US-Recht dasselbe sein, ist so fundamental unsinnig, dass ich sie nur als Witz verstehen kann. Klar, normalerweise würde ich das erklären, aber wenn einer so rumtextet von wegen Profi, dann muss das ein Witz sein.
In case there’s really anyone lurking here. Maybe you could explain to them what you think happens when one agrees to be tracked for ads. That ought to be funny. Do they send a drone swarm with 4K-cameras to your location? What’s a TC-string? Something that goes up your butt?
alles vollkommen irrelevant im sinne der ursprünglichen aussage:
dass das Fediverse iwie gegen die dsgvo verstößt.
kein einziges argument deinerseits wie genau hier ein Verstoß vorliergen soll.
immer noch nichts an greifbarer kritik.
nur vollkommen wertlose behauptungen über die richtigkeit, aber absolut keine konkrete aussage.
woe GENAU verletzt dad Fediverse in irgendeiner weise die dsgvo?
welche daten sind konkret problematisch?
die ursprünglich genannten Beispiele sind laut deinem eigenen Zitat vom Gesetzestext Blödsinn.
also was sonst soll hier problematisch sein?
ad tracking is COMPLETELY irrelevant to the original argument of the Fediverse being in violation of EU regulations.
it’s just another deflection to distract from the complete and utter lack of concrete evidence of any foul play on the Fediverse protocols’ side.
Changing the subject. I take that as a sign that you understand how absurd your pontifications about the GDPR were. That’s great. I was able to help you. You’re welcome. However, it’s problematic that you chose to leave up incorrect info.
Now, you are not being truthful about what I wrote, so I do not think that it’s a good use of my time to lay out the issues here. If, at some point in the future, you are genuinely interested and able to behave like a responsible adult, we can talk about this.
this is from a comment you made in this very comment chain:
this is so incomplete it can be regarded as false.
“anything connected to you username is personal data” is a false statement.
it’s only personal data in combination with a whole lot of other data. then it can potentially be considered personal data, if it can be reasonably used to identify someone. reasonably.
your votes cannot reasonably be used to identify you, even in combination with other data. they are irrelevant. same goes for all other data, except user names, in that quote.
here is a further clarification from the GDPR website:
so, for now, your votes, comments, etc., are not covered. maybe they will be in the future, but probably not.
because the GDPR provides a “right to deletion” this would mean that someone else could have data you own deleted against your will.
which means if a politician posts something on bluesky, and some random asshole replies to that post, that asshole could then have the politicians post deleted.
that’s obviously insanity.
while it is true that IP addresses can potentially be considered personal data, none of the listed data types by themselves are necessarily personal data.
your statement makes it sound as if they always are, which is wrong.
it is not reasonably possible to conclude who exactly posted something just from an IP or email address, for example. not without a whole lot more data. (since anyone can easily spoof an address, it’s not difficult)
which is why it is potentially personal data, but not definitely. that’s an important difference.
this discussion is entirely pointless anyway, since you already agreed to the terms outlined in your home instance as to how your data is processed.
for reference, here is the site for the feddit.org instances’ privacy declaration.
it outlines exactly how data is processed, in accordance with the GDPR.
and yeah, the instance has to consider the GDPRs processing guidelines, because they posses aggregate data.
but that’s also where you were wrong when you said that processing this data is in any way illegal.
doing so without informing the user, that is illegal.
processing it in ways other than the one’s outlined in the privacy statement , that is illegal.
but it’s not inherently illegal, as you said it is.
and before you (again) refuse to acknowledge that you DID say it’s illegal, here’s you saying exactly that:
the Fediverse is in no way “legally problematic”, because everything the protocol does is something you agreed to, when you signed up.
there is no violation of your rights, because the GDPR cannot protect you from not reading what you are agreeing to.
i do concede that one point i did get wrong was this:
i have posted a clarification that IPs and usernames specifically can be considered personal data, when combined with other personal data.
important to note is, that the other Fediverse related features like up/dpwnvotes, comments, etc. are still not personal data.
i wasn’t clear enough on that point, and that’s a fair criticism.
i would have noticed that ages ago, if you could be bothered to actually back anything you say up with a quote or any kind of specific pointer instead of vague and nonsensical accusations how “everything is wrong”.
it was a single, small detail in the original reply i wrote.
everything else, as far as i can tell, is accurate.
unless you can, specifically and with a quote point out any other issues.
i will simply ignore any further accusations without a corresponding quote of both the offending comment and a citation of the corresponding law (article and paragraph is fine, doesn’t need to be a direct quote, it just needs to be clear what exactly the issue(s) is (are)).
and please, for the love of god, stop spreading the misinformation that the Fediverse is somehow illegal, just because you didn’t read the privacy statement.
that privacy statement is all that a digital service provide is required to present to the user, if they don’t use your data in any other way than “legitimate interest”. which is specifically excluded from GDPR protections. and this exception is also mentioned in the privacy statement you did not read.
it. is. not. illegal. to. processes. your. Fediverse. data.
and it’s also not illegal to send that data to other instances, because you agreed to that being a possibility when you made your account.
not knowing about that, because you didn’t read how your data will be processed, doesn’t make it illegal.
you were informed about the ways your data will be processed, which satisfies the GDPR just fine.