Changing the subject. I take that as a sign that you understand how absurd your pontifications about the GDPR were. That’s great. I was able to help you. You’re welcome. However, it’s problematic that you chose to leave up incorrect info.
Now, you are not being truthful about what I wrote, so I do not think that it’s a good use of my time to lay out the issues here. If, at some point in the future, you are genuinely interested and able to behave like a responsible adult, we can talk about this.
this is from a comment you made in this very comment chain:
Anything connected to your username is personal data. Your votes, posts, comments, settings subscriptions, and so on, but only as long as they are or can be actually connected to that username.
this is so incomplete it can be regarded as false.
“anything connected to you username is personal data” is a false statement.
it’s only personal data in combination with a whole lot of other data. then it can potentially be considered personal data, if it can be reasonably used to identify someone. reasonably.
your votes cannot reasonably be used to identify you, even in combination with other data. they are irrelevant. same goes for all other data, except user names, in that quote.
here is a further clarification from the GDPR website:
The qualifier “reasonably” is an important one. Methods of identification that are not present today could be developed in the future, which means that data stored for long durations must be continuously reviewed to make sure it cannot be combined with new technology that would allow for indirect identification.
so, for now, your votes, comments, etc., are not covered. maybe they will be in the future, but probably not.
Arguably, the posts and comments that you reply to also become part of your personal data in that they are necessary context.
because the GDPR provides a “right to deletion” this would mean that someone else could have data you own deleted against your will.
which means if a politician posts something on bluesky, and some random asshole replies to that post, that asshole could then have the politicians post deleted.
that’s obviously insanity.
Any data that can be connected to an email address, or an IP address, is also personal data. When you log IPs for spam protection, you’re collecting personal data.
while it is true that IP addresses can potentially be considered personal data, none of the listed data types by themselves are necessarily personal data.
your statement makes it sound as if they always are, which is wrong.
it is not reasonably possible to conclude who exactly posted something just from an IP or email address, for example. not without a whole lot more data. (since anyone can easily spoof an address, it’s not difficult)
which is why it is potentially personal data, but not definitely. that’s an important difference.
this discussion is entirely pointless anyway, since you already agreed to the terms outlined in your home instance as to how your data is processed.
it outlines exactly how data is processed, in accordance with the GDPR.
and yeah, the instance has to consider the GDPRs processing guidelines, because they posses aggregate data.
but that’s also where you were wrong when you said that processing this data is in any way illegal.
doing so without informing the user, that is illegal.
processing it in ways other than the one’s outlined in the privacy statement , that is illegal.
but it’s not inherently illegal, as you said it is.
and before you (again) refuse to acknowledge that you DID say it’s illegal, here’s you saying exactly that:
The reasoning seems to confirm the view that the Fediverse is legally very problematic.
the Fediverse is in no way “legally problematic”, because everything the protocol does is something you agreed to, when you signed up.
there is no violation of your rights, because the GDPR cannot protect you from not reading what you are agreeing to.
i do concede that one point i did get wrong was this:
it’s not personally identifying data in the first place
i have posted a clarification that IPs and usernames specifically can be considered personal data, when combined with other personal data.
important to note is, that the other Fediverse related features like up/dpwnvotes, comments, etc. are still not personal data.
i wasn’t clear enough on that point, and that’s a fair criticism.
i would have noticed that ages ago, if you could be bothered to actually back anything you say up with a quote or any kind of specific pointer instead of vague and nonsensical accusations how “everything is wrong”.
it was a single, small detail in the original reply i wrote.
everything else, as far as i can tell, is accurate.
unless you can, specifically and with a quote point out any other issues.
i will simply ignore any further accusations without a corresponding quote of both the offending comment and a citation of the corresponding law (article and paragraph is fine, doesn’t need to be a direct quote, it just needs to be clear what exactly the issue(s) is (are)).
and please, for the love of god, stop spreading the misinformation that the Fediverse is somehow illegal, just because you didn’t read the privacy statement.
that privacy statement is all that a digital service provide is required to present to the user, if they don’t use your data in any other way than “legitimate interest”. which is specifically excluded from GDPR protections. and this exception is also mentioned in the privacy statement you did not read.
it. is. not. illegal. to. processes. your. Fediverse. data.
and it’s also not illegal to send that data to other instances, because you agreed to that being a possibility when you made your account.
not knowing about that, because you didn’t read how your data will be processed, doesn’t make it illegal.
you were informed about the ways your data will be processed, which satisfies the GDPR just fine.
A user is typically a natural person. A username identifies that person. Any information that is directly or indirectly linked to that username is thus personal data of that person. The GDPR explicitly gives “online identifier” as an example of an identifier. I did link to the official repository, which hosts translation in all European languages. Each translation can be reached with 1 click. It cannot be a language issue. I do not understand what the problem could be.
The personal data in the OP (consent options) are linked to a person via a cookie stored in their browser. I do not understand how one could make sense of the case without understanding what personal data is.
There also appears to be some confusion between GDPR and copyright. I do not know where these strange ideas come from.
Changing the subject. I take that as a sign that you understand how absurd your pontifications about the GDPR were. That’s great. I was able to help you. You’re welcome. However, it’s problematic that you chose to leave up incorrect info.
Now, you are not being truthful about what I wrote, so I do not think that it’s a good use of my time to lay out the issues here. If, at some point in the future, you are genuinely interested and able to behave like a responsible adult, we can talk about this.
this is from a comment you made in this very comment chain:
this is so incomplete it can be regarded as false.
“anything connected to you username is personal data” is a false statement.
it’s only personal data in combination with a whole lot of other data. then it can potentially be considered personal data, if it can be reasonably used to identify someone. reasonably.
your votes cannot reasonably be used to identify you, even in combination with other data. they are irrelevant. same goes for all other data, except user names, in that quote.
here is a further clarification from the GDPR website:
so, for now, your votes, comments, etc., are not covered. maybe they will be in the future, but probably not.
because the GDPR provides a “right to deletion” this would mean that someone else could have data you own deleted against your will.
which means if a politician posts something on bluesky, and some random asshole replies to that post, that asshole could then have the politicians post deleted.
that’s obviously insanity.
while it is true that IP addresses can potentially be considered personal data, none of the listed data types by themselves are necessarily personal data.
your statement makes it sound as if they always are, which is wrong.
it is not reasonably possible to conclude who exactly posted something just from an IP or email address, for example. not without a whole lot more data. (since anyone can easily spoof an address, it’s not difficult)
which is why it is potentially personal data, but not definitely. that’s an important difference.
this discussion is entirely pointless anyway, since you already agreed to the terms outlined in your home instance as to how your data is processed.
for reference, here is the site for the feddit.org instances’ privacy declaration.
it outlines exactly how data is processed, in accordance with the GDPR.
and yeah, the instance has to consider the GDPRs processing guidelines, because they posses aggregate data.
but that’s also where you were wrong when you said that processing this data is in any way illegal.
doing so without informing the user, that is illegal.
processing it in ways other than the one’s outlined in the privacy statement , that is illegal.
but it’s not inherently illegal, as you said it is.
and before you (again) refuse to acknowledge that you DID say it’s illegal, here’s you saying exactly that:
the Fediverse is in no way “legally problematic”, because everything the protocol does is something you agreed to, when you signed up.
there is no violation of your rights, because the GDPR cannot protect you from not reading what you are agreeing to.
i do concede that one point i did get wrong was this:
i have posted a clarification that IPs and usernames specifically can be considered personal data, when combined with other personal data.
important to note is, that the other Fediverse related features like up/dpwnvotes, comments, etc. are still not personal data.
i wasn’t clear enough on that point, and that’s a fair criticism.
i would have noticed that ages ago, if you could be bothered to actually back anything you say up with a quote or any kind of specific pointer instead of vague and nonsensical accusations how “everything is wrong”.
it was a single, small detail in the original reply i wrote.
everything else, as far as i can tell, is accurate.
unless you can, specifically and with a quote point out any other issues.
i will simply ignore any further accusations without a corresponding quote of both the offending comment and a citation of the corresponding law (article and paragraph is fine, doesn’t need to be a direct quote, it just needs to be clear what exactly the issue(s) is (are)).
and please, for the love of god, stop spreading the misinformation that the Fediverse is somehow illegal, just because you didn’t read the privacy statement.
that privacy statement is all that a digital service provide is required to present to the user, if they don’t use your data in any other way than “legitimate interest”. which is specifically excluded from GDPR protections. and this exception is also mentioned in the privacy statement you did not read.
it. is. not. illegal. to. processes. your. Fediverse. data.
and it’s also not illegal to send that data to other instances, because you agreed to that being a possibility when you made your account.
not knowing about that, because you didn’t read how your data will be processed, doesn’t make it illegal.
you were informed about the ways your data will be processed, which satisfies the GDPR just fine.
A user is typically a natural person. A username identifies that person. Any information that is directly or indirectly linked to that username is thus personal data of that person. The GDPR explicitly gives “online identifier” as an example of an identifier. I did link to the official repository, which hosts translation in all European languages. Each translation can be reached with 1 click. It cannot be a language issue. I do not understand what the problem could be.
The personal data in the OP (consent options) are linked to a person via a cookie stored in their browser. I do not understand how one could make sense of the case without understanding what personal data is.
There also appears to be some confusion between GDPR and copyright. I do not know where these strange ideas come from.