What’s stopping me from doing this? Here we go:
I’m going to start an instance and federate with everyone who will allow it, which is most instances including this one, I believe.
Then I’m going to feed all that data into my new website, called Open Lemmy Stats, where anyone can query the user data ive accumulated. The homepage will be ripe with insights, leaderboards and all kinds of data on prolific users.
Additionally, I’ll display a snapshot/profile of a random user by feeding that users data to GPT4 to make inferences about the user’s political affiliations and display the results.
Worst of all, I’m not going to out my instance for everyone to know it as the one to defederate. In fact, I’m spinning up a few instances that will host innocuous communities that I plan to mod and support to give my instances cover for their true purpose: redundant fediverse datastreams for my site, Open Lemmy Stats.
I’ll also have a store where anyone can buy my collected fediverse data for a handsome sum.
Just kidding I’m not doing any of this. But someone absolutely will or already is working on it. They’ll make a good bit of money too, I’d bet.
This is inspired by a recent post on youshouldknow@lemmy.world where someone highlighted what kind of data instance admins have access to, even for users not on their instance.
I wanted to share this to start a discussion that I find interesting. I’m interested in your thoughts, or to hear more on why this may or may not be possible and if it is, maybe some ideas how to fix that? because obviously such a site would be problematic, but no doubt popular for oh so many reasons.
Edit: typo, I called admins adminis. Corrected.
Edit 2: wanted to credit the post I was referencing from YSK, here it is - https://lemmy.world/post/1033769
And any EU citizen could proceed to sue the shit out of you and anyone who uses that data, based on GDPR. Especially, once you not only collect it, but also run any kind of inference on it.
Would be interesting to see where that ends. Once you start selling it, you act as some kind of company/have commercial interest and thereby clearly fall under GDPR. If they’ve never given their consent to your data processing, it would be best if your servers stand on some offshore oil rig and your bank account is somewhere on the Bahamas I guess…
There are handsome penalties for violating copyright but torrent trackers are still thriving, I expect similar legal evasion tactics from sites like OpenLemmyStats
Hmm I’m not sure it’s as simple as that. The things stopping me from hosting my own Lemmy instance is that I don’t see notices about data processing/administrating entity/right to be forgotten/data dump about yourself anywhere on public instances. I don’t intend to implement these myself or share with whole word my home address so that they know where I am located. However the public instances are running fine without this, so maybe this threat of lawsuits isn’t as serious as you suggest?