Removed by mod

It’s rather the other way around, Word is not 1 to 1 compatible with LibreOffice Writer when it comes to document editing. Writer is far better on that aspect.

Providing the service is selling groceries, that doesn’t require a birth date.

So it’s not possible to sneak it under performance of contract. Only Legitimate Interest or Consent could be valid, and you can oppose/retract.

But good readng, please provide our findings, that will save me a reading 😅

What data controller is that?

Very few of them have a valid ground to process your birh date. Do they need it to provide you the service? No? Then they fail the data minimization requirement.

and refusing access right on the ground of the birth day, which they should not have in the first place, is the cherry on the cake.

Send them a letter to tell thel that you are ready to submit a complaint to your regulator (or the lead regulatior), but that you are ready to compromize to save hassle to everybody. A few thousands are always welcome.

But again, this is valid only if the controller have no ground to process birth date. If it provide adult stuff, or legal benefits, etc. it’s a different story.

Probable course of action is MSFT implementing a hotfix in the next 3-6 months, that will be nowhere near to address the topic.

Another 2 years of EDPS investigation.

Then MSFT will release another patch 3-6 months after that actually solves the issue.

But in the meantime, they would have implemented another mechanism to spy on users.

Rince and repeat.

Article 3 GDPR is straightforward, gdpr will apply.

The real question is how any kind of authority could enforce it ? Almost no chance that any law enforcement/regulator will bother a single-user instance purely on the ground of gdpr…

I’m not so sure about the GDPR status for the Fediverse, I don’t think there’s the law is prepared for “Jerry runs this for people, just for fun”. It’s very much “official organisation” or “money grabbing business” oriented. Someone should fund an actual lawyer to look into this and lay down the real requirements.

I’m working in the gdpr compiance field ;) Using a personnal device to monitor public space doesn’t fall under the household exception, this solution even pre-dates the GDPR (https://curia.europa.eu/jcms/upload/docs/application/pdf/2014-12/cp140175en.pdf).

(the case-law is about camera fixed on a private house, but the logic easily translates in a private server grabbing public data).

but when legal compliance comes up, everybody just sticks their fingers in their ears and pretends not to hear you.

Just as you did ^^

No, Lemmy servers are not exempt from GDPR compliance. The household exemption (you are not subject to gdpr for private activities) only applies for purely personnal activities. As soon as a service is offered to someone else, the exemption is no more applicable.

That’s one of the drawback about open-source projects, they are designed to fulfill a need (persistent storage & decentralised communication for Lemmy), and no one give a f*ck about legalities.

Le puritanisme…

Boire au boulot est autorisé en France (article R4228-20 du code du travail) si c’est du vin, bière, cidre ou poiré.

Bien sur, si ça représente un risque, la consommation peut être interdite (coucou les grutiers). Mais tant que les salariés sont en mesure de faire leur boulot normalement, il n’y a pas de raison de casser les pieds.

Just to clarify, I’m self-hosting. I’m using neither Proton nor Dropbox.

However, I’m a privacy pro, and I read Privacy Policies on a daily basis (ok… weekly basis).

The US companies recently moved to disclose ALL the providers they are using (including for controller activities) where European companies still hide this information (and disclose only the providers used to deliver the service). For a very concrete example, Salesforces is mentionned by Dropbox where Proton is silent about the crm they use.

On this specific aspect, the USA are ahead of EU.

That’s all I meant.

If you want to read it as “give your data to the USA”, feel free, but that’s not what I said.

I was not saying “Dropbox good” or “Proton bad”, just correcting a few things about the privacy policy in itself and what it means.

Encryption will not protect your privacy in the specific case of Dropbox.

They look into your activity, not files.

And that’s pretty much standard for any kind of commercial SaaS, just because of security concerns.

Also, they are quite transparent about the provider they are using for internal activities (Stripe, etc.). Companies in EU will typically not disclose such information. For example, Dropbox disclose the use of AWS (for hosting the infra & code, I guess), whereas Proton does not disclose any hosting company.

2 main reasons in my view:

• windows is the de facto standard for desktop ans users management. So each corp has at least one guy used to the interface to dofirst-level debug
• windows comes with support, not linux. So corps don’t want to employe one Linux admin “just in case”. That’s the main reason I keep hearing from sysadmins I know

45€/month for 250 Mbits/sec in ADSL. 85€ for 1Gbps in optic fiber (250Mbps upload)

I have the ADSL connection, and sometimes in hot summer it disconnects. Same in case of thunderstorm.

Back in France, I had 1Gbps (up and down) optic fiber for 40€, and not a single interruption in 4 years.

Germany is shit for Internet connections…

Expensive and slow…

It’s possible, I’ve been tricked last year by a similar attack (the sneakiest attack possible to target privacy people, imho).

I praise IT Security for putting so many safeguards, sandboxes and verifications!

J’ai déménagé en Allemagne, et la DB a établi un nouveau standard de médiocrité, pour moi (oui, pire que la sncf).

Exemple 1: j’achète un billet pour aller à Bruxelles depuis Stuttgart. Une semaine avant le départ, la DB me dit que le train est annulé, et que je peux prendre n’importe quel autre train opéré par la DB en remplacement. Je regarde, entre les TGV et les Thalys, ma seule solution est de prendre un train à 10h00 (au lieu de 17h00). Au lieu d’etre 100% en ICE, je dois maintenant faire un crochet en TER pour attraper un autre ICE. Bref, au lieu de 4h30, le trajet va durer 7h. Ok, tant pis, je prend. Le trajet se passe bien, sauf que le TER s’arrête en gare parce qu’un arbre est tombé sur les voies. Bled paumé (Mönchengladbach, pour ceux qui connaissent), une seule ligne y passe, la seule solution est d’attendre. 2h passent, et le train redémarre. J’arrive à ma connection ICE, je rate mon ICE pour 5 minutes. L’ICE suivant est … celui que je devais prendre initialement … wtf ?! Il roule !? Il n’était pas annulé !?

Exemple 2: Je suis dans un bled au fin fond de la campagne, pour rentrer je dois prendre bus, S-Bahn (équivalent RER), ICE 1 puis ICE 2. J’arrive à la gare de S-Bahn avec 2 heures d’avance. Je vois le train arriver au loin, et s’arrêter en pleine voie. Tout le monde regarde le train, en se demandant ce qui se passe. L’affichage en gare indique un retard de 5 minutes. Puis précise que le train est en panne. Evidemment, je suis sur une ligne de campagne, pas d’autres alternatives que ce s-bahn. Les 5 minutes se transforment en 10, puis 20, puis 30, puis le train suivant (1h après) est annulé. Avec d’autres personnes on essaie de choper un taxi, mais pas moyen. On doit encore essayer 45min avant d’en choper un. Le taxi nous dépose à une gare DB, j’attrape un TER pour rejoindre ma gare de départ de l’ICE, je suis en retard mais lui aussi. J’arrive donc à l’attraper et à rentrer chez moi.

En résumé, mes expériences désagréables avec la DB sont la norme. Que ce soit pour aller au boulot (environ 30% de trajets avec problème), ou longue distance (100% de soucis pour le moment).

Entre l’app DB qui te sélectionne par défaut le trajet le plus rapide (y compris en prenant les trains locaux) et au moindre soucis tu es coincé dans une gare de campagne, ou l’état des voies, la légende du train allemand toujours à l’heure est définitivement surfaite.

Price is a thing, but having the option to chose is definitely good.

Now comes the real question: do you really trust the Zuck to implement a “do not share/sell anything” policy ? 'Cause yeah, if I’m paying, I’m expecting that none of my data is being sold/processed/transmitted to another company. Paying to just remove ads is … pointless.

By definition, Jedis are doing the Good.

But be it in movies, books or comics, I never came accross any mention of working hours or PTO.

They have unionize.

It misses the most important information: why.

The CNIL (French privacy regulator) slapped Discord in October last year because they never deleted accounts (hi GDPR).

Since then, all tech companies are hurriedly designing a plan to mass delete inactive accounts.