Nicolas FR
Well-known member
My site my rules. It’s pretty clear yes.
Request of personal data
- Thread starter Faust
- Start date
Sim
Well-known member
Of course I can't arbitrarily declare the laws of the country I operate in (or in the case of GDPR - the laws of the country my visitors are from) to be null and void. That's not what I was saying at all.
I was referring to those people who claim that my approach to moderation is not democratic - or that I'm restricting their "freedom of speech", thus showing a complete lack of understanding about what those things actually mean.
The government under whose jurisdiction I operate, sets the laws around what is acceptable - I cannot go beyond that. But within that broad range, I can set whatever rules I like.
I run my sites as a benevolent dictator - I set the rules, I interpret the rules to determine which content is acceptable and which isn't - and I enforce the rules strictly. If I go too far, people will leave. I need to find the balance between maintaining order and encouraging contribution - so I do try very hard to not be a **** about the rules.
For example, I run a fairly strict "no NSFW content" rule, I also ban discussion about certain topics and certain activities such as advertising or self promotion are strictly controlled.
To have someone complain that their freedom of speech is being supressed by my rules banning discussion about certain topics shows their fundamental misunderstanding about what freedom of speech actually is.
To declare my approach to moderation to not be democratic shows their fundamental minsunderstanding about what democracy actually is.
In the same vein - someone demanding that I remove all of their content posted on my forum as their "personal data" under GDPR laws shows their fundamental misunderstanding about what the GDPR laws actually say.
Would be great if this was the case
But it isn't the case (at least in Germany).
There have been rulings in Germany (Landgericht München I Az. 12 O 16615/06, unfortunately the full text has not been published) that you can't just ban as you like.
Günter Freiherr von Gravenreuth – Wikipedia
Under GDPR you cannot charge for personal data.
Of course the XML will already contain all of the personal data you have - the rest is public data and he/she is also free to search for it from their profile.
Pepelepew
Active member
Learn some reading comprehension
digitalpoint
Well-known member
Would be interesting to see what their logic in that court ruling. But I’d say it’s fairly safe to say that for a normal random user, there is no legal reasoning that you are forced to allow them to post, have an account on your private forum, etc.Would be great if this was the case
But it isn't the case (at least in Germany).
There have been rulings in Germany (Landgericht München I Az. 12 O 16615/06, unfortunately the full text has not been published) that you can't just ban as you like.
Günter Freiherr von Gravenreuth – Wikipedia
de.wikipedia.org
Now if you have some sort of contract between them where part of it lays out some stipulation about having an account for some reason (maybe a contract where they are an admin on your site or a moderator or one business partner deleted the other), then sure they might have a case. Like maybe if @Mike banned/deleted @Kier, that could be a court case.
But I can’t think of any legal reason where a random user signs up and you are forced to allow them to have an account/ability to post and you have to pay for the server resources to host their account when you don’t want to.
Nicolas FR
Well-known member
Sorry not to be english or american... I should have read between the lines I guess...Learn some reading comprehension
Pepelepew
Active member
Ok you get a pass
Kevin
Well-known member
That'll be put to the test soon in the US due to somebody getting kicked off Twitter and is now suing. It'll set extremely bad precedent if the person gets any credence to their claim in court.
Sirmadsen
Active member
Of course laws go before a Terms of Use. What I was implying is that a user/member cannot request data that is not subject of GDPR if it is stated in said Terms. GDPR only applies to data that can directly identify a user as a specific person. If a user has a name like badboyxxx06 and a similar email, the only logical thing that could connect that user to physical person would be his or hers IP address (which is questionable since probalby more than one person uses that computer unless it's a single person which you can't know). So deleting the user is enough action, all posts and content can remain on site if you made that clear in the terms.
What you can export in the ACP is more than enough if you have a strong terms of service or terms of use in place no matter what the user request.
I do however recommend that anyone read up on what GDPR really is as it is not as simple or complicated for that matter as many want to make it sound. I work in law enforcement and security, which doesn't mean by any stretch that I'm a professional GDPR consultant, but knowing laws is kinda what I do for a living (in my country of course).
webbouk
Well-known member
You can charge to cover your expenses if the request is for data outside of your legal obligations,
combatgamez
Active member
As others have said I would just ban the user and delete all content from that user, problem solved.
Sounds like no matter what you would do the person wouldn't be happy.
Of course, it is your site and your rules, just remember though which country you are in and your servers and what that means when it comes to what laws you could potentially be breaking. But in all honesty some person on the internet will usually give up if you just ban hammer them.
Sounds like no matter what you would do the person wouldn't be happy.
Of course, it is your site and your rules, just remember though which country you are in and your servers and what that means when it comes to what laws you could potentially be breaking. But in all honesty some person on the internet will usually give up if you just ban hammer them.
