[rdpintqogeogsaa]

GDPR exists right now, actually, and most instances are far from in compliance.

[ndsipa_pomu]

How are they not in compliance?

[rdpintqogeogsaa]

For example by not providing a privacy policy that contains all the information required by GDPR article 14.

[ndsipa_pomu]

Wouldn't that be only applicable if they were harvesting people's information submitted by other people?

My first thought is that people running Mastodon wouldn't qualify as data controllers, but I am no expert in GDPR laws.