- cross-posted to:
- fediverse@kbin.social
- fediverse@lemmy.ml
- cross-posted to:
- fediverse@kbin.social
- fediverse@lemmy.ml
Highlighting the recent report of users and admins being unable to delete images, and how Trust & Safety tooling is currently lacking.
We’re not talking about a user demanding you release a flatpak build targeting their personal linux distribution running in a VM’d WSL, we’re talking about a consumer facing social app that doesn’t include the functionality for a user to delete something they added.
You know what the acronym used for describing the most basic functional web app api is?
CRUD - Create, Read, Update, Delete
What we’re talking about is a complete free and open source project that’s built and maintained completely through volunteer labour.
There are zero obligations towards the people actively using the software.
While I agree that the functionality should exist, the devs can literally do whatever they want. Nobody is paying them.
Edit: you’re also seeing only a single instance of a conversation. I can guarantee that the devs have been dealing with asinine and demanding users for a while now. There comes a point where your patience wears thin.
Yes, there are, and that obligation is to not publish something as production ready if it is illegal to use because of how it’s built.
I’m a software developer, I understand exactly how frustrating user demands are, that was still a completely and utterly unacceptable way to respond to a very politely worded request for software that literally just doesn’t break privacy laws to run.
As the commenter pointed out, if you don’t want to fix it, fine, but then you absolutely have a moral, ethical, and professional obligation to document that clearly in your README.md.
No, there really isn’t. Do I feel that project owners should follow good practices for maintaining clean code that also allows users to keep things legal? Absolutely I do.
But that is not the same thing as an obligation. If there was a single cent exchanged between the devs and anyone else (donations do not count) then this conversation would be entirely different.
I don’t agree with the devs’ stance. But it is 100% their prerogative to say no. It’s their project, not ours.
As am I.
I agree.
No, you absolutely do not. Although I do somewhat agree on the professional part, but it’s still not an obligation. It’s completely unprofessional, but that’s different than it being an obligation.
The word obligation is not as narrow as you’re using it:
Does he have a contractual obligation? No, no contracts were signed. Does he have a legal obligation? No, the license file in the project absolves him of legal liability.
But he absolutely has a moral, social, and professional obligation to do so.
If you want to apply such a better definition, then you have an obligation to learn Rust and submit a PR to bring the project into compliance. You have a societal obligation since you are aware of the issue and use Lemmy.
You owe it to your fellow Lemmites. Lemurs? Lemmings? Whatever the term for a Lemmy user is.
All I have an obligation to do is give back to society, and I do so through taking care of my parents and grandparents, volunteering teaching classes every weekend at the community center, volunteering to upgrade and maintain an app for a non profit, donating to charity, open source projects and news organizations, helping my elderly neighbours with their snow and leaf clearing, etc.
And if you find one of my open source github projects will cause a user to violate a local law, kindly file an issue and I’ll immediately update the README.md and take it down until the issue is fixed.
100% your prerogative.
Nope, it’s my moral, ethical, and social obligation as a person, my professional obligation as a professional software developer, and if I had bothered to file the paper work for my engineering license, would also be my legal obligation as an engineer.
You seem to know what you are talking about. Have you made a pull request yet?
Have you learned how to program to fix the problem?
It doesn’t seem worth my time to learn Rust just to submit a PR to devs who behave like that, they’ll just reject it and be pithy, like they are when a user asks them to comply with EU privacy law.
Ya, this is exactly the attitude that burns out devs and kills projects. Congrats for being super entitled towards a free project.
It is not entitled to expect a published project to comply with basic privacy legislation and not be illegal to use.
If your bar for this project is that much below basic consumer expectations, then this project was always going to fail.
No it’s not. But what is entitlement is bombarding voluntary devs with garbage requests. Is this particular issue entitlement? No. But having seen the various requests made over the last year or so there’s a breaking point where a person gets overly sensitive.
Think of being pestered ALL day at work over garbage and having an all around bad day. Then on the way home you jump into a store to pick something up and someone says something annoying but ultimately innocuous to you. Some people can handle it in stride, some people’s nerves get frayed.
I’m not excusing the devs here. I don’t actually know what their thoughts are. But from personal experience in the dev world and from what I’ve seen, it looks to me like they’re getting frustrated by users.
And they might be in a region where the privacy concerns don’t apply to them. And I agree that it’s a problem, but ultimately it’s their right and prerogative to not implement.
Remember, absolutely no one here has paid a single CENT to the devs for their work (not talking about donations).
So complaining about the quality of their work while you are benefiting from it for free is literally entitlement.
I understand having frayed nerves, I even understand snapping at someone because you’re having a bad day, and I do feel sympathy for the devs, and wouldn’t hold this against them (especially since they’re at least providing a nuke everything option that will address it).
But the line between entitlement and reasonable expectation is not one of monetary compensation.
Engineering ethics does not let you off the hook just because no one paid you to build what you built. If an engineer goes to the park and unilaterally builds a playground that doesn’t meet basic legislated safety standards and kills a kid, they’re not off the hook. They will be investigated by their professional body and have their license revoked.
Hell if they just build a playground off in the woods on their own private land but don’t take reasonable steps to prevent kids from accessing or using it then they will have their license revoked.
Sure, but if you want to extend the analogy that far, then the devs are just posting free plans online on how to build a playground. It’s the instance owners who physically build the “playground” and are liable.
Again, that does not matter. If an engineer published those plans online and you built it and your kid died they would have their license revoked and face likely criminal liability.
Your failure to provide a reliable source for your claims is not my problem.
If you cannot provide a reliable source of your claims, your claim will be dismissed.
Is it entitlement if it’s making using the entire thing illegal everywhere? Since there is no tooling to block traffic from the EU / not federate with instances that don’t comply with GDPR?
No. It’s the dev’s project. They can do whatever they want with it. They can delete the repo and go live in the woods if they want.
To be clear, I don’t agree with the stance they have taken. But I also see the kind of reactions there are far from what people are making it out to be. I think the people complaining about the devs being “mean” are just hypersensitive and have never been told “no” their whole lives.
Like I said, I disagree with the devs’ position to not implement this feature. It’s been highly requested, and for good reason. But this is a free project. If they say no, then it’s no. If we don’t like that decision, then maybe we need to move somewhere else.
It sucks but sometimes that’s life.
I don’t care if they are mean. The app isn’t GDPR compliant. That’s what matters.
Fine, that’s what matters. Then ask them to implement it or write it yourself.
And if they say no, then that’s your answer and Lemmy instances within the EU will need to move out of the EU or just shut down.
They can’t be in the EU or the US. That cuts like 99% of them off. That’s exactly my point - they don’t want to implement something that makes the app illegal with 99% of the userbase being from there.