This shouldn’t come as a huge surprise. Meta is moving forward with their plans for Theads and the Fediverse, and their adjusted terms reflect a new impending reality for Fediverse users.

  • maynarkh@feddit.nl
    link
    fedilink
    arrow-up
    0
    ·
    1 year ago

    Stupid question, couldn’t instances just say they don’t allow scraping specifically from Facebook in their ToS and then report them for GDPR violations if they do?

    As in say that have the ToS says that “we’ll give your data to other instances because that’s how the Fediverse works, we won’t give your data to Facebook” and also “Facebook is not allowed to federate, and is not allowed to pull data”.

    Then just say that your data subjects don’t consent to any data pulling by Facebook, and Facebook scraping your system even through ActivityPub is a violation of GDPR.

    • Razp@lemm.ee
      link
      fedilink
      arrow-up
      0
      ·
      1 year ago

      But GDPR is the European thing, and Threads isn’t even available in Europe.

      • Ctri@beehaw.org
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        GDPR is a protection that applies to European citizens, regardless of where they’re situated. companies don’t get a pass because they blocked IP addresses coming from Europe.

        now, enforcement outside the EU is a challenge, but the law is written in such a way that it covers the personal info of every EU citizen regardless of location.

      • Squizzy@lemmy.world
        link
        fedilink
        arrow-up
        1
        ·
        1 year ago

        If there service is affecting a service in the EU then they will have to abide by Gdpr. Fact is if your server is in the EU and they scrape it they are active in the EU.

    • pjhenry1216@kbin.social
      link
      fedilink
      arrow-up
      0
      ·
      1 year ago

      This wouldn’t matter. Defederating means you don’t pull their data, not the other way around.

      The article is just describing how ActivityPub works. What would be more important is how they claim to use that data. But that they collect that data is inherent to how the protocol works. They’d have to mention they collect it legally.

      • Hazelnoot [she/her]@beehaw.org
        link
        fedilink
        English
        arrow-up
        0
        ·
        1 year ago

        Defederation actually does work both ways if the instance enables AUTHORIZED_FETCH. That setting requires 3rd party systems to prove their identity before they can retrieve any data, which allows an instance to block defederated domains. I don’t know if Lemmy or Kbin supports that, but practically all of the microblogging fedi software does (that being Mastodon / GlitchSoc, Pleroma / Akkoma, Misskey / FoundKey / FireFish, and GoToSocial).

        • pjhenry1216@kbin.social
          link
          fedilink
          arrow-up
          0
          ·
          1 year ago

          Except that means you defederate from everyone but whitelisted instances in that scenario. If I recall, it doesn’t work as a blacklist, but as a whitelist.

            • pjhenry1216@kbin.social
              link
              fedilink
              arrow-up
              0
              ·
              1 year ago

              Looking into it, aren’t both of these only Mastodon and not part of ActivityPub itself? I can’t find details on them outside of Mastodon.

              And what prevents the post from getting published to other instances from different sources?

              • Hazelnoot [she/her]@beehaw.org
                link
                fedilink
                English
                arrow-up
                1
                ·
                1 year ago

                They are mastodon-specific, but most fedi software has a similar feature. Or at least, all of the mainstream microblogging software does, as well as some of the image / video sharing platforms. I’m unsure about Lemmy and Kbin. Here are the equivalent settings for FireFish: