GDPR explicitly exempts government entities. Still, way better than not having it IMO.

Regulating governmental intrusions into privacy would take a completely separate and probably much larger bill.

Tor.

And the correct term is anonymizing proxy. Having the term VPN overloaded to mean two completely distinct things is rather annoying and/or confusing.

I’m fairly sure I’ve seen an NNTP based imageboard that distributed it’s content through that protocol and different instances had overlap of boards. That’s about the closest match to federated system you’re going to find with this model I think. Interesting concept. Not something I’d want to interact with personally though.

For anonymous proxy (which is what you seem to mean instead of VPN) I just keep using Tor for almost everything. Sure, some services do block it - more than your usual commercial offering. But TBF that mostly saves me time from tying to deal with them.

Original WhatsApp was XMPP with phone number for your username. Pretty much what https://quicksy.im/ does now.

WhatsApp today is completely different beast.

It’s been a year or two, but last time I tried it their app worked fine on x86 Android in qemu. Not the most efficient way to run it, but at least it’s isolated from the rest of the system.

Slight difference is that Zuck has had control from the start, whereas other companies might have had “don’t be evil” leadership that was… optimized away for financial reasons.

Not that it really matters nowadays. Just an observation.

Honestly it was mostly a Discord competitor if anything. One with FOSS clients for desktop and Android.

The private chat is baseline implementation just to tick a box rather than anything practically useful.

Re profiling, I don’t think instances will bother doing that (unless they start running ads). However, they also don’t prevent anyone from building that profile themselves from observable behavior. And creating such database might constitute original work by itself. Now, they don’t get as fine-grained interactions as you would with tracking-infested sites. But they will get the most valuable ones such as active participation.

I’m not convinced by Session’s decision to remove forward secrecy. I don’t care if it’s malice or incompetence, they shouldn’t be in business of encrypted messaging either way.

And their lack of transparency on their share of underlying network and the associated costs for new entrants doesn’t make them smell like a cryptoscam any less.

My personal advice is avoid. You’ll be far better off with simplex, or xmpp+omemo for something not paired with phone number.

EU is not doing it yet, however there is strong push from interested parties within and outside of the EC:

https://balkaninsight.com/2023/09/25/who-benefits-inside-the-eus-fight-over-scanning-for-child-sex-content

Including illegal use of targeted advertising / misinformation campaign:

https://eupolicy.social/@ilumium/111226868912928077

Look at https://simplex.im/ then. It’s work in progress but the design is good.

But I’m glad to have a better Signal client too.

It’s been doing the exact opposite and implementing more targeted advertising after several previous monetization attempts (including a cryptocurrency integration) flopped.

Similarly the feature set is increasingly locked behind “premium” paywall.

It’s headed in no good direction if you ask me.

I call BS on that. Large-scale content scraping was already against the TOS to begin with. And you can’t kill off slow stealth scraping without also blocking search engine crawlers. Or at least not without hurting the searchability.

State authorities aren’t bound by GDPR. That’s something that’s explicitly stated in it.

Oh wow, this is great news. I expect there will still be uncomfortably many dubious black boxes left there. But it’s certainly a step in the right direction. For me the sticking point with AMD was always shoddy SW/FW/drivers shipped with superior (compared to their biggest competitor anyway) hardware design. It’s good to see them conceding that and outsourcing to open source community rather than some dubious third party.

Though for the time being if you want truly open firmware get a POWER chip instead. If you can afford it.

I feel like both of these are extremely location dependent. From my friends across North America I know that network connectivity can be very very poor if you aren’t living close to a big city.

And as far your example with school goes, I’ve seen the polar opposite happen where all kids got a mandatory Teams or Google account (depending on school) fairly early into the lockdowns.

Maybe subcontinents are still too big to generalize about from one person’s experience. :-)

Enter https://yourinstance.example.com/c/somecommunity@otherinstance.example.com into your URL bar and it should come up after a bit and let you subscribe. Some instances have blacklists you can find under the “Instances” link down bottom, but usually this should do the trick.

If you submit a request under GDPR “right to be forgotten” they are mandated to comply. (As long you are EU citizen)

Not that GDPR violations are uncommon, but at least it seems the regulators are capable of slapping companies with hefty fines.

It does but most instances disable it by default and you would have to ask admin to whitelist you.