• 0 Posts
  • 10 Comments
Joined 1 year ago
cake
Cake day: June 1st, 2023

help-circle

  • It depends how you use car assistance devices. It you drink Musk’s cooldaid about the autopilot it’s bullshit. People who use these technologies to do something else/let them get distracted are idiots and tbh, should be punished severely.

    But there is ample scientific data that e.g. radar based speed control/adaptive cruise control does reduce injury rates as it let people stay focused for longer as less concentration is used.

    Basically you have a (individual )envelope of concentration/focus that you can stay reasonably focused. The time limit how long you can do so is influenced by ones general mental condition, experience, individual constitution on that day, driving circumstances, time, etc. On average it is around 2.5h.

    With well designed assistance systems this period can be prolonged by up to 1h, 45min on average and cases where we have a bad day profit more. And as we are all idiots who think we can drive 4h/5h/6h/+X straight the time we are not concentrated enough is reduced significantly.

    And of course there are pure security oriented systems that simply do things better than humans - automatic obstacle recognition and breaking systems are a good example. There is literally a kid not being injured or dead because my car has one (as it is the European law by now) - crossed a inner city street without looking, between two large vans parked on the side… No chance to see the kid. And even with 30km/h a full front collision can kill. The car was brought to a full stop before I even recognised what happend.

    Source: one of my best friends is a researcher on that topic for a major university.



  • I mostly buy parts for my woodworking shop at home from Ali. A benchdog is a benchdog and they are absolutely the same to what you get at Amazon,etc. And they are literally 1/3 of the price here even if you add shipping and customs. So if one is truely shit I couldn’t care less.

    So far I had no bad experiences really - one shipment was missing a 2 bucks piece but I can live with that. Some things actually surprised me as the quality I got was better than expected.

    Electronic wise I bought a Qotom mini PC from them years ago (directly from the Qotom shop) which still works as my UTM.

    So far I really can’t complain.



  • You can actually still use google Home if you want to - it integrates well with Google Home and Alexa but is currently massively expanding their own voice assistant option.

    Home Assistant is more a “background” integrator - it links up all you different smart home options, makes them thereby smarter and adds external data (e.g. weather, traffic,etc.) whenever you want. And of course enables you to easily add your own visualisation and your own automations.

    It is on one side incredibly easy to “start”. And on the other side incredibly powerful.



  • I am a healthcare professional with some public health and sanitation training and worked/traveled in Africa, Asia quite a lot, especially in the lesser known destinatios. So for regular life? Not much. I do adhere to basic sanitary rules (cook it,peel it or leave it) and make sure the water I use is clear when I am in these areas. But otherwise just the normal stuff like washing your produce before eating it, washing your hands after having a leak,etc. In my daily life it is rather unlikely to come in contact with the really nasty shit. (okay, only when you work with raw chicken…that stuff is nasty)

    But work-wise? I am an extremist in that regard. I still wear a mask when seeing patients (more out of fear that I might infect them unknowingly), I absolutely desinfect my hands as often as required, I adhere to sanitation rules (e.g. for putting in iVs) religiously and make my students do the same. And when I am a patient I absolutely make sure that staff does the same when treating me.

    The reason for that is quite simple: I saw too many hospital acquired infections and had a minor one myself. And that is unnecessary - and the stuff you get there is the one to truely fear. That will fuck you up badly.


  • Former (small scale) data protection officer here. While I am long out off the data protection game and there are surely a lot more qualified people out there I maybe can clear up a few misconceptions here and answer a few questions that come up regularly:

    (BTW: My first language is not English and all my comments/books on that topic are not in English so excuse me if my translations are sometimes not 100% accurate)

    1. Does the GDPR even apply to a instance hosted outside the European Union? It absolutely does. And in fact it is harder to comply to the GDPR outside of the European union. The GDPR does apply to all data collectors (from now on DCs) that collect data of European citiziens. While §2 Section 2a GDPR limits the application of the GDPR to usage within EU laws the collection of EU citiziens information clearly falls under the EU law as long as the EU citizien is within the EU during the collection process.

    2. So why is it harder to comply to EU law outside of the EU? Because of local laws. A good example are US homeland security laws that do contradict the GDPR (and various other EU laws) and therefore make it impossible for someone to host EU data in the US complying to the GDPR. Facebook made a pretty costly experience in that regard recently. To comply to the GDPR one would need to keep EU citiziens out of their service AND defederate all EU instances. More of that later.

    3. Does the GDPR even apply to Lemmy posts? It absolutely does! GDPR §4.1 states clearly that all information relating to an “online identifier” (aka username) is already protected. So the IP adresses, etc. collected by the initial server aren’t even the only personal data. This makes the whole topic a clusterfuck in terms of federation.

    4. But what about my small/medium size instance? I am not a business! I make no money. The GDPR does not care a bit about ones intentions here - it applies to all instances that are beyond “personal or intrafamiliy” data collection. This basically means that you can absolutely do what you want with the data you collected at the last family reunion. Maybe one can even get away with a invitation only private instance that only caters to a group of friends knowing each other. But any DC having a public instance is not, by definition, a private DC anymore. Therefore the GDPR does absolutely apply.

    5. Can I simply the user for permission to use their data indefinitly and however I want? One surely can ask that. But that automatically invalidates the agreement. (Funnily enough this is exactly what reddit does and why reddit is not in compliance. Which might turn out costly.) The consent always has to be revokeable, amongst other things.

    6. So what does the GDPR stipulate? There are three main topic we need to look at: Data deletion, traceability of data transfers and connected to this information about data usage.

    Lets start with traceability. Because that makes the federation a federation!

    1. What does traceability of data transfers mean? It basically means that a DC must record its data transfers to third parties and ensure that data is handled there according to the consent agreement with the user and the GDPR. Usually a data transfer agreement is necessary to ensure the rights of all parties. This makes it so difficult for a federated system: In theory a instance would need a data transfer agreement with ALL instances that federate data from it. And these instances woud then need to make sure that they don’t transfer OR their transferpartner is covered in the original data transfer agreement as well their own one. A receipe for a pretty nice clusterfuck.

    2. What does data deletion mean? Under the GDPR every user has the right to have his data deleted from a DC. This does not include data necessary for legal obligations but basically everything else. So the user can at any point revoke his consent and make the instance delete all their data.

    3. Okay, I deleted the data on my instance, do I now comply to the GDPR? Surely I can simply ask the user to go to the other instances and ask them to remove the data? No. And here is another problem: The original DC (the users instance) is responsible for the data handled through transfer. That’s why one needs a transfer agreement. To ensure that the data is deleted on all instances it was transfered to. There are two exceptions here: “Involuntary data transfer” is generally seen as not being part of the data handling. But that mainly applies to datascrapers like the web archive and similar usage where the data is transfered through general usage of a page that the DC cannot reasonaby prevent without limiting the usage of their service massively. That would very very likely not apply to a service that does provide a specialised api for the transfer. The other one is a data transfer partner not complying. In that case the user can sue the DC, but the DC can sue the transfer partner for breach of contract.

    4. What does right to information usage mean? Basically a user has a right to know what happened to their data. So in case of the federation: To what instances got my data transfered to? How did they use it? Did they transfer it?

    5. The end: What does that mean for Lemmy? To be honest: I can not fathom a way that put Lemmy in a position that is fully GDPR compliance. There might be one, but I can’t imagine one that does not entail full defederation. But Lemmy can and must urgently improve the GDPR compliance as far as possible:

    • We need tooling for administrators to easily remove a users personal information from their own instances. Currently this is still very bothersome and time consuming manual work as far as I know.
    • We need a tool to federate deletion requests. So once the administrator of the “original instance” deletes the data a request is sent out to all instances and they automatically delete the user data then.
    • We need a system to deal with instances who do not follow deletion requests. This, for example, could include a “karma” system - once you are caught to not delete the userdata you are getting bad karma. And with enough bad Karma you get defederated by more and more instances.
    • We need a tool to inform people which instances did federate their data.
    • We need to optimize data frugality: The less data is collected the better it is.
    • We should consider data transfer agreements between the instances being set up automatically.

    In theory even then someone can sue an instance owner. Even then we are not 100% in compliance. But it is a far better position in court if one can argue that they did basically everything they can to ensure the users right compared to “I don’t give a f****, your honour”.

    Additionally we should lobby for change in the GDPR to include better rules for federated systems. Also because E-Mail as another federated system is not in compliance - that can easily be weaponized as a good point.