Diaspora & GDPR

Diaspora pods have members within the EU. Indeed, many Diaspora pods are in the EU themselves. What, if anything, is Diaspora doing to ensure compliance with GDPR, or is it even a concern for podmins and the community at large?

Before I fire up a pod, I’d like to be assured that I won’t be subject to a €20M fine because I was unable to respond to a “right to erasure” request from a Disaporan on my pod in a timely manner (or some such).

If you are hosting a pod without a legal structure (so as an individual), you should not be concerned about it. But you’re right, for organization, there is a topic which needs to be discussed.

1 Like

Thanks. That sounds like a right reasonable reading of the law (OK, maybe an interpretation of the law). I haven’t read all ~256 pages, but it’s come up at my place of work, so I thought I’d ask here. I suppose an institution, such as a university or library that hosts a pod would be required to adhere to the law for their EU members.

Exactly, and at least we (framasoft) will need to comply for the framasphere pod. If some things need to be done in the code, we will backport it upstream of course. I can’t tell if that will happen before the 25th of may though.

1 Like