GDPR discussion thread

Maybe, but although representatives love money passing the love of women, governments love power, and extending that power over dangerous devices of communication between citizens, terrorists, illegal downloaders, Russians, designated trolls, and whomever is currently Emmanuel Goldstein For A Day..


Back to Samizdat !
 
Maybe, but although representatives love money passing the love of women, governments love power, and extending that power over dangerous devices of communication between citizens, terrorists, illegal downloaders, Russians, designated trolls, and whomever is currently Emmanuel Goldstein For A Day..


Back to Samizdat !
Well, I'd say the current lack of any real online privacy rights does extend their power, since all that data can just as easily be shared with the government as it can with other businesses. ;)
 
With the new option for the cookies notice at the bottom, if they don't click accept, do any cookies drop? If none, then would there be no ads displayed? Tracking code? If that's the case, then I will likely be adding this to my site to force people to either accept or leave.
https://www.quantcast.com/gdpr/consent-management-solution/

We've had to add that in order to satisfy our Media partner, it is 'Interactive Advertising Bureau (IAB) ' approved
 
Okay I'm trying to understand this but I'm not entirely sure I understand...

My sites are hobby/discussion forums. They're not for profit, though we do collections donations (through paypal) to help keep it running.

Does my site have to comply with GDPR?
 
Personally, I'm a LOT more worried about this new law the EU Parliament is set to vote on in late June:

https://www.techdirt.com/articles/2...ill-be-complete-utter-disaster-internet.shtml

Filters, filters everywhere, but of course it will all supposedly be "optional." :sick:

If you ask me, it all sounds like GDPR Extortion to me. If you are looking to stun growth, kill online startups, and fine sites millions or billions of dollars. GDPR, in my opinion, GDPR is not pro-business, they are anti-business, and their new law pretty much backs up those claims, now the EU is coming out with some lame copyright proposal that will further alienate people from starting any type of online business out of fear.

I am not sure what type of debt that the EU is in, but it seems to me that these new absurd laws is to fine websites so they can make massive amounts of money, and if I did not know better, all this would imply that the EU wants to control the internet on their terms, pay to play, and if the GDPR ever collects any of these ungodly fines, then where does this money go? to the EU debt fund or something? or maybe to those people that created the GDPR to begin with, all of this has the same stink, and has to do with money, power, extortion, and control.

Think of it this way, if your site is not within the EU, do you want another country controlling what you do? I am not sure what everyone else thinks, but I think what GDPR / EU is doing is completely unethical to say the least, and I am not sure how anyone else can say otherwise.
 
Last edited:
With the new option for the cookies notice at the bottom, if they don't click accept, do any cookies drop? If none, then would there be no ads displayed? Tracking code? If that's the case, then I will likely be adding this to my site to force people to either accept or leave.
https://www.quantcast.com/gdpr/consent-management-solution/

According to the GDPR fake law, then you can not give the user an ultimatum, by doing this, then you are taking away the choice of the user to make the decision to stay or leave on their own, in other words, GDPR is taking away your rights to say accept the cookie or be denied access.
https://www.westernjournal.com/face...ith-8-8-billion-lawsuit-on-first-day-of-gdpr/
 
According to the GDPR fake law, then you can not give the user an ultimatum, by doing this, then you are taking away the choice of the user to make the decision to stay or leave on their own, in other words, GDPR is taking away your rights to say accept the cookie or be denied access.
https://www.westernjournal.com/face...ith-8-8-billion-lawsuit-on-first-day-of-gdpr/
The link I provided still lets the user change the way cookies are dropped, just not as obvious.
 
I am proud to announce that we received our first GDPR-based warning on our fax today.
Took a bit longer than expected (my bet was that the first one would come on friday afternoon), but anyway it's finally there :)
 
If you ask me, it all sounds like GDPR Extortion to me. If you are looking to stun growth, kill online startups, and fine sites millions or billions of dollars. GDPR, in my opinion, GDPR is not pro-business, they are anti-business, and their new law pretty much backs up those claims, now the EU is coming out with some lame copyright proposal that will further alienate people from starting any type of online business out of fear.

I am not sure what type of debt that the EU is in, but it seems to me that these new absurd laws is to fine websites so they can make massive amounts of money, and if I did not know better, all this would imply that the EU wants to control the internet on their terms, pay to play, and if the GDPR ever collects any of these ungodly fines, then where does this money go? to the EU debt fund or something? or maybe to those people that created the GDPR to begin with, all of this has the same stink, and has to do with money, power, extortion, and control.

Think of it this way, if your site is not within the EU, do you want another country controlling what you do? I am not sure what everyone else thinks, but I think what GDPR / EU is doing is completely unethical to say the least, and I am not sure how anyone else can say otherwise.

Crooked politicians doing the bidding of those paying them the most money. Nothing new there. Okay, I'll give a few of them the benefit of the doubt and assume they might really believe that being so "friendly" to big business will somehow make their economies prosper - which is probably what the people lining their pockets are promising them - but whatever their true intentions it's all very short-sighted. Directly in the wake of the GDPR's passing, that's supposed to be all about respecting and protecting people's privacy, we have this legislation that creates a situation where almost everything users do online will be more closely monitored.
 
And so it begins

Under the GDPR I wish to exercise my right to request a copy of all personal data you have recorded about me, and have it deleted. I would like my account closed in addition to this, I note that your website states that accounts cannot be deleted, however this statement is in breach of GDPR and I require you to act upon this request.

Under GDPR I am entitled to ask for you to do this, and cite the following reasons:

* the personal data I gave you is no longer necessary for the purpose which you originally collected or processed it for; as I was banned as a member of your site and you therefore do not need my data
* you are relying on my consent as your lawful basis for holding the data, and I hereby withdraw consent;
* you are relying on legitimate interests as your basis for processing, I objects to the processing of their data, and as I am no longer active on your site and do not wish to be, there is no overriding legitimate interest to continue this processing;

With regards your advertised privacy policy, please be sure to include all of the following data types in your reply, and subsequent deletion:

Internet Protocol (IP) address
Device Fingerprint data
geographical location
browser type and version
operating system
referral source
length of visit, page views, website navigation and any other related browsing activity

In addition, any personal data which you, or your systems have recorded as linked to my former account should be included in this request.

Under GDPR you have one calendar month, beginning from May 29th (as the next working day). If I do not receive my data by this time, I will pursue further action against your website and seek the highest penalties available.

Can anyone advise on how we should respond to this?
 
I should add, the email address he contacted us from was NOT the one associated with his account. I assume I can wait a month and send back an email to that effect?
 
I would definitely require this person to contact you from the account to verify.

Yeah so my plan is to email him in 29 days, telling him he has to email from the correct email. That I assume resets the clock and gives us 2 months but what are we actually required to do?

He's clearly trolling us as he's been banned.
 
Yeah so my plan is to email him in 29 days, telling him he has to email from the correct email. That I assume resets the clock and gives us 2 months but what are we actually required to do?

He's clearly trolling us as he's been banned.
I'll let someone more knowledgeable on the matter respond as this is not something I'd trust my advice on haha.
 
Unfortunately, this kind of thing is going to happen a lot. I remember reading about a poll somewhere where something like one in five people said they would consider making such requests as a way of getting back at companies they felt had treated them badly. The good news is that there's only a relative handful of European regulators and it will probably take them at least months to get around to you, and then it's not at all clear what if anything they could do about it, especially if you're outside the EU. The regulators themselves probably aren't all that clear about what they should do in many cases, and it's doubtful they have the power to do much right now in a lot of situations, especially if, again, you're not in the EU. Yeah, yeah, some people will get upset at this seeming "thumbing of the nose" at their vaunted laws, but let's face it: the GDPR right now is a big fat mess that not even most Fortune 500 companies have yet fully got a handle on.
 
Last edited:
I would send something along the lines of...

Thank you for your recent request...blah de blah.
In order to further your request please confirm the email address you registered with, the date of registration, the date you last posted to our forum and the IP address that you last used when visiting us whilst logged in.
We require this information to validate you as the user before we can release to you the information requested.

Regards .....



That should just about flumox most enquiries and you are well within your rights not to release such personal information unless you can be assured that it is to go to the person identified by such.
 
Yeah so my plan is to email him in 29 days, telling him he has to email from the correct email. That I assume resets the clock and gives us 2 months but what are we actually required to do?

He's clearly trolling us as he's been banned.

Until there is a legal precedence set nobody can really answer that with any authority because it's unknown territory.

My advice would be to try and ensure it is not you that gets caught up in a legal procedure so I would not assume that delaying your reply resets the clock. In fact I'm sure that it wouldn't.

I would reply straight away stating that for security purposes you require confirmation of the erasure request from the registered email account. In the unlikley event of a legal action being brought against you it demonstrates that you are willing to comply with the member's request.
 
Top Bottom