On 23-04-18 18:37, Luis Villa wrote:
Hi,
I'd been under the impression Discourse was also doing something along these lines, though I'm not finding any evidence in a quick search.https://meta.discourse.org/tags/gdpr is their discussion on the subject, FWIW.
The GDPR is written with the objective to regulate big monolithic companies. So for small initiatives, volunteer organisations and distributed systems it feels like having to wear a coat of the wrong size.
But having done GDPR compliance projects for several small volunteer organisations (some sitting on serious sensitive data), it surprises me how easy it is for them to adapt to the GDPR. And small open source / distributed projects have one big advantage over the big tech companies when implementing GDPR compliency: their business model flourishes with transparency, while the big tech companies fear it.
And for XMPP: though at first sight the impact of the GDPR looked quite dramatic, now we are in the process of carefully analysing it, things become more and more trivial. See also https://wiki.xmpp.org/web/GDPR . I estimate we will have to write one extension to the protocol, patch 2-3 other extentions and write one EULA template to get all server operators in save water. The open character of XMPP makes it relatively easy to comply with the GDPR.
Winfried