Custom privacy policies / terms for each instance

[StaticallyTypedRice]

To my knowledge, many jurisdictions (like the EU) require websites to have a comprehensive privacy policy, and in general having one is just a good idea. My suggestion would be to have a page that administrators can edit in order to describe their server’s privacy practices.

We could also provide a default one for all instances, but chances are that to stay accurate, each instance will have to edit it. This should also be made clear to instance administrators.

--- Want to back this issue? **[Post a bounty on it!](https://www.bountysource.com/issues/91530045-we-should-write-a-privacy-policy?utm_campaign=plugin&utm_content=tracker%2F126011972&utm_medium=issues&utm_source=github)** We accept bounties via [Bountysource](https://www.bountysource.com/?utm_campaign=plugin&utm_content=tracker%2F126011972&utm_medium=issues&utm_source=github).

[dioraman]

I second this. Mastodon adopts default terms of service + privacy policy for any instance. It is originally adapted from Discourse but I think the Mastodon basis can be improved.

[dessalines]

Does mastodon / pleroma have an editable privacy policy?

[dioraman]

I knew Mastodon and Pleroma instances with modified privacy policies.

Edit: Mastodon "[e]nd goal would be making them dynamically editable by the instance admin, but we need a sensible default". (reference) I proposed a pull request for their project to be safe on the legal side. We may use the same paragraph as well. If you do not feel confident for this adoption, we may ask e.g. to Software Freedom Conservancy.

[nathgit]

In general, I'm very hesitant to sign up to any site without reading their privacy policy first, & I would hope I'm not the only one so I hope one is coming. At least since this one doesn't require an email address, there's no worry of them being able to sell your email address to companies that will spam you. The downside to that is if you forget your password, there's no way to recover it. Email aliases and/or filters are good ways to fight spam too though. Reddit doesn't require an email address either from what I've heard but that doesn't mean there aren't still potential privacy issues. There's atleast 2 sites that list all publicly available knowledge about any reddit username you type in, all derived from info they've posted, comments they made, communities they follow, etc;. The amount of info you can find is unbelievable.

[dessalines]

There's atleast 2 sites that list all publicly available knowledge about any reddit username you type in, all derived from info they've posted, comments they made, communities they follow, etc;. The amount of info you can find is unbelievable.

There isn't a way to prevent that unfortunately for publicly available data, I'm sure there's tools to do this for fediverse users too. But when we add private communities, then that'll be a way to restrict your viewable content.

[nathgit]

I know. I just meant that people put a lot of private data on social networks (which they shouldn't), so a privacy policy is needed.

[nathgit]

Is there any sort of functioning privacy policy template? I'm considering signing up but generally don't sign up on sites without a privacy policy. Not that I don't trust it, just being careful especially since the account can't be deleted.

Is it at least possible to add an email later if I create an account without one?

[nathgit]

Here's a couple links that might be helpful: https://security.berkeley.edu/how-write-effective-website-privacy-statement https://www.privacypolicies.com/blog/how-write-privacy-policy/

[Nutomic]

We are hosted in the EU so a privacy policy for the US wont help us.

[dessalines]

Ya. Anyone who wants to make this, I'd suggest starting with mastodon's as a template that @dioraman linked.

[nathgit]

To my knowledge, many jurisdictions (like the EU) require websites to have a comprehensive privacy policy, and in general having one is just a good idea.

California has calOPPA, (which actually took effect in '04 but has been amended since). It requires any site operating in California (any site providing a service to people living in California, it doesn't refer to where the company is located) that collects user info to have a privacy policy explaining how they use that info & mandates certain things that must be included in the privacy policy, like an outline of exactly what info is collected.

[nathgit]

We are hosted in the EU so a privacy policy for the US wont help us.

EDITED: Here's a couple sites Specific to GDPR privacy policies. The first explains how to make one, the second is a generator. GDPR privacy policy Generator The generator creates a privacy policy, a cookie policy, & several others compatible with GDPR, calOPPA, Google Analytics, etc; There's 7 different ones total.

Edit: CCPA $29 (Required by California law) GDPR $29 calOPPA $12 (Required by California law) =$70

Without GDPR/CCPA/calOPPA wording the generator is free.

[nicfab]

I second this. I was thinking of creating an ad hoc web page with my privacy policy reachable from my Lemmy instance. It would be much more appreciable to have a default Lemmy space/box or page to fill with policy contents.

[nathgit]

There should be some sort of privacy policy. I was admittedly a little confused by the seeming lack of interest when I listed the links I did above allowing you to easily generate a privacy policy. I take my privacy seriously & I read every site's privacy policy before signing up so I know what is being done with my data, so a site not having one is a red flag for me. At the very least I would use an email alias, which is a good idea anyway, in case of a site being hacked, or sold.

[Nutomic]

I opened a pull request for this, please have a look.

https://github.com/LemmyNet/lemmy/pull/2273

[nicfab]

@Nutomic Thank you very much. I appreciate your commit. From my perspective, the title "Legal information" is not wrong, but you can also think of shortening it to only "Legal." I agree with you on the other considerations related to the content; each admin will fill the space with the appropriate content. I would also highlight that the content should at least be terms and conditions and privacy policy. For example, as I read, in the Mastodon "legalese" default document (from my Mastodon instance), there is a section related to data retention for IP addresses that they set, by default, in 90 days. An admin can know that information only from developers. In conclusion, besides the appreciable commit, the admin should also know some technical information from the developers. The admin will provide adequate information to the users to guarantee that nobody else apart from the sysadmin can access that information only for technical purposes. The sysadmin, obviously, has to adopt any security measure on his server.

[Nutomic]

About IP addresses, Lemmy doesnt store them at all. They are only stored in log files, but that also happens when you serve static html files from your server.

[BanzooIO]

I feel this is pretty important to the survival of Lemmy. I AM NOT A LAWYER, but I have created a template based on the Mastodon privacy policy if anyone wants a basic framework to start from:

https://github.com/BanzooIO/federated_policies_and_tos/blob/main/lemmy-privacy-policy.md

I am not overly experienced with instance management yet, but I have done my best to cover all aspects of how data is shared. Please contribute in correcting any errors.

I also feel it is important for admins to disclose the lack of SSL support in connecting to PostgreSQL and what the local admin has done to mitigate the risk.

[nicfab]

If it can be helpful for you and the project, here is the privacy policy on my Lemmy instance: https://community.nicfab.it/legal Furthermore, here is the privacy policy on my Mastodon instance: https://mastodon.nicfab.it/privacy-policy Both are works in progress, and they might be modified anytime.

[BanzooIO]

If it can be helpful for you and the project, here is the privacy policy on my Lemmy instance: https://community.nicfab.it/legal Furthermore, here is the privacy policy on my Mastodon instance: https://mastodon.nicfab.it/privacy-policy Both are works in progress, and they might be modified anytime.

Awesome, nice to see an admin actually on this. Thanks. Definitely open to all input on this, and as you've correctly deduced from the title, plan to expand into other platforms. How would you prefer to be attributed (or if you would prefer not).

As my current version is going to maybe be a bit unsettling for uninformed users, I have created an additional optional policy introduction: https://github.com/BanzooIO/federated_policies_and_tos/blob/main/optional-privacy-policy-intro.md