Notices by Erin 💽✨ (erincandescent@akko.erincandescent.net)

@ryanc @hovav @f4grx @brouhaha it would be nice if an algo were written down as per e.g. https://github.com/C2SP/C2SP/blob/main/det-keygen.md for ECDSA

@f4grx @brouhaha @ryanc i don’t see any problem with using a e.g. 256-bit seed to a DRBG into a known algorithm to generate the private key

in fact this is how e.g. ed25519 and ML-KEM are defined.

@cwebber

wireless mouse: ehh probably ok
wireless keyboard: what the fuck hell no

@whitequark Do you have access to any of the confidential information here, or are you going purely based upon what is public?

That Person A is terrible does not mean that Person B is not terrible. That logs exist does not mean that information does not exist outside of the logs.

I have no ongoing association with either party in the concrete case. I have knowledge ofsome nonpublic information not from either party that I consider materially relevant but i would not consider sufficient to base a decision upon.

@whitequark My agenda as much as it exists is to remind people that the court of public opinion is, in practice, a lynch mob.

To paraphrase a post I just read

I have learned that (a named member of a community safety team) is saying that evidence against me exists, but they cannot share it without endangering others

This means (said team) is effectively judging me based upon secret evidence against without opportunity for due process or defence

This isn’t how a community safety team should act

Actually, no, this is exactly how a community safety team must conduct its’ business.

As a relatively extreme example: let’s say I’m a member of such a team, and I become aware that a project member has nonconsentually distributed nude photos of their former partner. The evidence there is the offence; clearly I cannot just publically republish those photos.

Lets say you approach me with logs of a 1:1 conversation you had with a person. If I redistribute those, either to the accused or to the public, I am fundamentally revealing to the accused that you provided those logs; this fundamentally exposes you to harm and abuse from the accused person.

Depending upon jurisdiction, publication of such accusations can also be a legal violation of the accused’s right to privacy under data protection law, or considered libelious or slanderous, or at least sufficient grounds for one to attempt such a lawsuit. This is not a risk that you can generally take or that most people would be willing to take. This is why, in general, safety and moderation teams will not comment on expulsions or bans except in the most general terms unless forced otherwise

Yes, you have to trust the safety team’s assesment as to whether the provided information and/or evidence is fake, misleadingly quoted or genuine. Yes, you have to trust their decision. Yes, they might get it wrong. Yes, this is imperfect.

A community safety team is not a court. They do not have the evidentiary standards of a court. They also do not have the powers of a court to compel release of evidence, nor to restrain from redistributing confidential evidence or to reasonably punish them for such mishandling. The court process is not the be all and end all of conflict resolution; there is a large gap between “proven to a court’s satisfaction to convict” and “disproven”, and there is also a large gap between “unreasonable behaviour within a community” and “unreasonable behaviour punishable by law”

Now, I would say that in general a community safety team should not comment at all on their actions, but when you repeatedly publically name members of said safety team to your thousands of followers, with the inevitable consequential result being discreditation at best and in all likely circumstances harassment, you have to wonder whether you are actually a safe and responsible person to have as a part of a community.

Interesting case on the intersection of the e-Commerce Directive 2000 and the GDPR. n.b. that parts of the e-Commerce directive referenced in this decision have been replaced by the Digital Services Act 2022, but I don’t think there would be any impact here.

The TL;DR appears to be that if your T&Cs are overbroad, you are no longer a mere conduit under the e-Commerce Directive/DSA and thereby you are responsible for any data published:

66 Although it is apparent from the case-law cited in paragraph 58 above that a person may be classified as a ‘controller’ of personal data only if he or she exerts influence over the processing of such data, for his or her own purposes, it should nonetheless be noted that that may be the case, inter alia, where the operator of an online marketplace publishes the personal data concerned for commercial or advertising purposes which go beyond the mere provision of a service which he or she provides to the user advertiser.

67 In the present case, it is apparent from the order for reference that Russmedia publishes advertisements on its online marketplace for its own commercial purposes. In that regard, the general terms and conditions of use of that marketplace give Russmedia considerable freedom to exploit the information published on that marketplace. In particular, according to the information provided by the referring court, Russmedia reserves the right to use published content, distribute it, transmit it, reproduce it, modify it, translate it, transfer it to partners and remove it at any time, without the need for any ‘valid’ reason for so doing. Russmedia therefore publishes the personal data contained in the advertisements not on behalf of the user advertisers, or not solely on their behalf, but processes and can exploit those data for its own advertising and commercial purposes.

68 Consequently, it must be held that Russmedia exerted influence, for its own purposes, over the publication on the internet of the personal data of the applicant in the main proceedings and therefore participated in the determination of the purposes of that publication and thus of the processing at issue.

In summary: keep any rights reservations in your T&C concise and to the point

@filippo @oec @kasperd I have seen this incorrect belief from multiple people at this point and i’m deeply curious who introduced it because I don’t think even Bernstein’s screens said it (but I must confess I only lightly skimmed them, having more important things to do with my time…)

A perhaps niche question I’ve been trying to find the answer for which someone on here might know the answer to: what’s the present day copyright status of works made for or by the former government of the DDR?

(Specifically the copyright state in present day Germany, because per the Berne convention everything else will flow from there)

SPIEL Essen

📷 Sony a7R III, Minolta MC Rokkor-PF 55mm 1:1.7 #photoposting #photography

Two more.

I wish I’d had another go at the Tarot cards. They look soo good, but my focus was a little off (and they’re quite tricky to photograph in general!)

Upsides of a 60s manual focus lens:

• Absolutely dirt cheap
• Lightweight
• Aperture ring way more satisfied than digital dial

Downsides:

• Its super easy to take just out of focus photos when you’re moving quickly/being lazy and don’t check the image at full magnification

@domi @ptrc It looks like the issue is that Forgejo is creating an account on receiving an actor self-deletion activity…

Which feels pretty busted to me