This shouldn’t come as a huge surprise. Meta is moving forward with their plans for Theads and the Fediverse, and their adjusted terms reflect a new impending reality for Fediverse users.
Stupid question, couldn’t instances just say they don’t allow scraping specifically from Facebook in their ToS and then report them for GDPR violations if they do?
As in say that have the ToS says that “we’ll give your data to other instances because that’s how the Fediverse works, we won’t give your data to Facebook” and also “Facebook is not allowed to federate, and is not allowed to pull data”.
Then just say that your data subjects don’t consent to any data pulling by Facebook, and Facebook scraping your system even through ActivityPub is a violation of GDPR.
But GDPR is the European thing, and Threads isn’t even available in Europe.
GDPR is a protection that applies to European citizens, regardless of where they’re situated. companies don’t get a pass because they blocked IP addresses coming from Europe.
now, enforcement outside the EU is a challenge, but the law is written in such a way that it covers the personal info of every EU citizen regardless of location.
Wouldnt it count for lemmy.world and other European instances because they are from Europe?
If there service is affecting a service in the EU then they will have to abide by Gdpr. Fact is if your server is in the EU and they scrape it they are active in the EU.
deleted by creator
deleted by creator
deleted by creator
deleted by creator
Petition your instance admin to defederate from Threads!
This wouldn’t matter. Defederating means you don’t pull their data, not the other way around.
The article is just describing how ActivityPub works. What would be more important is how they claim to use that data. But that they collect that data is inherent to how the protocol works. They’d have to mention they collect it legally.
Defederation actually does work both ways if the instance enables
AUTHORIZED_FETCH
. That setting requires 3rd party systems to prove their identity before they can retrieve any data, which allows an instance to block defederated domains. I don’t know if Lemmy or Kbin supports that, but practically all of the microblogging fedi software does (that being Mastodon / GlitchSoc, Pleroma / Akkoma, Misskey / FoundKey / FireFish, and GoToSocial).Except that means you defederate from everyone but whitelisted instances in that scenario. If I recall, it doesn’t work as a blacklist, but as a whitelist.
You’re thinking of LIMITED_FEDERATION_MODE, which is different from AUTHORIZED_FETCH.
Looking into it, aren’t both of these only Mastodon and not part of ActivityPub itself? I can’t find details on them outside of Mastodon.
And what prevents the post from getting published to other instances from different sources?
They are mastodon-specific, but most fedi software has a similar feature. Or at least, all of the mainstream microblogging software does, as well as some of the image / video sharing platforms. I’m unsure about Lemmy and Kbin. Here are the equivalent settings for FireFish:
deleted by creator