• @[email protected]
    link
    fedilink
    16
    edit-2
    6 months ago

    This is a violation of GDPR, no?

    EDIT: user created content is not directly protected under GDPR, only personally identifiable data is pertected under GDPR.

    • lemmyreaderOP
      link
      fedilink
      English
      156 months ago

      Dunno. GDPR is a Europe only thing, and isn’t it only related to how your private data (like name, IP address, phone number) is cared about ?

      • @[email protected]
        link
        fedilink
        76 months ago

        Right, I think it only covers personal information: companies can only collect what they need to run their service, users can request to see their data etc. I don’t think it applies to comments and posts.

      • Captain Beyond
        link
        fedilink
        36 months ago

        I would certainly hope so. Stack Overflow content is Creative Commons licensed, so the argument is basically that the GDPR would take precedence over the CC license grant. It’d be scary if GDPR could be weaponized against forks of free software projects in this manner.

        • @[email protected]
          link
          fedilink
          46 months ago

          Would that kind of provision allow me to have my code removed from a git repository history, if that git repository is hosted by a company?

          • @[email protected]
            link
            fedilink
            26 months ago

            As long as you didn’t give those rights by signing a CLA or a copyleft license. Never sign a CLA unless you’re fully compensated.

          • @[email protected]
            link
            fedilink
            1
            edit-2
            6 months ago

            I am not a lawyer, but I believe in general, yes.

            Git is not even that convoluted, as all the history is stored in the .git folder within the repo. Unless there is some convoluted structure built on top, they would only need to move the repo folder to a trash disk, waiting to be formated.

            That being said, GDPR is somewhat poorly enforced at the moment, unfortunately. I don’t know if you can sue the company and expect some result within couple of years.

          • @[email protected]
            link
            fedilink
            36 months ago

            I am not a expert or a lawyer, but I believe user actually hold the right to completely erase personal data:

            The data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay and the controller shall have the obligation to erase personal data without undue delay

            https://gdpr.eu/right-to-be-forgotten/

            Note the word “erasure” as opposed to “anonymize”

            • @[email protected]
              link
              fedilink
              56 months ago

              I don’t think that addresses my point. Is my opinion on the new Star Wars movies that I post online or some lines of code I suggest “personal data”? I thought personal data had a specific definition under GDPR

              • @nefonous
                link
                56 months ago

                You’re totally right, the content of your posts is not considered personal data (because it isn’t) It’s more about profiling data that can be connected back to your actual person

              • @[email protected]
                link
                fedilink
                36 months ago

                I think you are right, user generated content doesn’t seem to be protected. This is surprising to me, as user should hold the right to their content, which in my mind should enjoy stronger protection than personal data.

              • Spaenny
                link
                fedilink
                26 months ago

                Technically, they could retain posts from users if they are irreversibly anonymized. However, ensuring with 100% certainty that none of your posts ever contained any personal data that could lead to the identification of you as an individual is challenging. The safest option is therefore to also delete your posts.

    • @[email protected]
      link
      fedilink
      16 months ago

      How does GDPR get away with not defining what a website is when referring to them directly in the law? Like what counts, only html? http? ftp? gopher?