[Members] GDPR & XSF - Minutes

Jonas Wielicki jonas at wielicki.name
Mon Mar 26 16:26:35 UTC 2018

Hi Zash,

On Montag, 26. März 2018 17:53:17 CEST Kim Alvefur wrote:
> It should be taken into consideration that there are more than one kind
> of server operator.

Very good point.

> Roughly, I think these fall into these three groups:
> -   Public servers aimed at the general public. E.g. jabber.org.
> -   Private persons self-hosting, for themselves and possibly friends
>     and family. E.g. myself.

I think the only difference between those two might be that (a) your 
friends&family are probably not going to sue you over GDPR issues and (b) you 
*might* be able to claim that as Article 2.2 c) "purely personal or household" 
activity depending on the size of the group (IANAL whether that actually 

If (b) does not apply, I’m not sure if (a) is enough to be safe.

(I am currently assuming not (a) and not (b).)

> -   Companies and organizations running federated servers for internal
>     communication and contact with customers, partners etc.

For those, the general federation considerations would be relevant. I think we 
shouldn’t focus on this type of deployment, since those are the most likely to 
have the financial resources to figure out legal matters themselves.

kind regards,

More information about the Members mailing list