Dries Buytaert

The data protection challenges of a decentralized, social web

We have to make the decentralized, social web compliant with data protection regulation

Last night, I read a thoughtful blog post from Sebastian Greger, which examines the challenges of implementing privacy in a decentralized, social web. As a part of my own POSSE plan, I had proposed implementing support for Webmention on dri.es. This would allow me to track comments, likes, reposts, and other rich interactions across the web on my own site.

Sebastian correctly explains that when you pull in content from social media websites into your own site with the intention of owning the conversation, you are effectively taking ownership of other people's content. This could be in conflict with the GDPR regulation, for example, which sets tight rules on how personal data is processed, and requires us to think more about how personal data is syndicated on the web.

Data protection is important, but so is a decentralized, social web. These conversations, and the innovation that hopefully results from it, are important. If we fail to make the Open Web compliant with data regulations, we could empower walled gardens and stifle innovation towards a more decentralized web.

— Dries Buytaert