Necessary changes due to EU-GDPR

Questions about SolydXK: forum, project, distribution, etc..
User avatar
ilu
Posts: 2521
Joined: 09 Oct 2013 12:45

Necessary changes due to EU-GDPR

Postby ilu » 17 Apr 2018 12:28

Starting from May 25 we'll have to adhere to the new EU-GDPR. This means several more documents with prominent links about consent, information and documentation on this forum and on the website. This will be a lot of work - does anybody already have english documents fit for use?

User avatar
Arjen Balfoort
Site Admin
Posts: 9310
Joined: 26 Jan 2013 19:36
Location: Netherlands
Contact:

Re: Necessary changes due to EU-GDPR

Postby Arjen Balfoort » 17 Apr 2018 13:51

I quickly scanned https://www.eugdpr.org :shock:
I always feel a slight panic coming up with these kind of sites...where to start?


SolydXK needs you!
Development | Testing | Translations

User avatar
ilu
Posts: 2521
Joined: 09 Oct 2013 12:45

Re: Necessary changes due to EU-GDPR

Postby ilu » 17 Apr 2018 16:51

Page design: We will need another toplevel menu items for "Privacy statement and Imprint" (maybe 2 if they can't be combined - I'll have to check that) - best place would be next to "FAQ" if that's possible. Same on the homepage next to "About". It can't be a submenu.
I'm already working on the text to put there for other projects but of course I'd be happy to make use of other peoples work so if anybody already did it ... :lol:

Registered forum and homepage users: Next we'll need to have a look at what people see when they register, I'll have to make a test account to check and then redesign the texts. Still enough time untill May 25th.
You'll have to think about where exactly you store user data - backup included - and write that down in a few sentences for the privacy statement. A deleted account has to really be deleted - backup included, but it's still unclear how that's to work on backups and probably overkill for our situation. Lastly registered users have to have a way to see all data stored about them - that point might need some addenda upstream at phpBB. At the moment I think the user profiles are enough - if all stored data is visible there?

Guests: Since we don't use cookies except for registered users there's nothing we'd have to show to guests. But there's a tracking script from wp.com - It would be better to get rid of that while redesigning the homepage. Since you seem to have chosen plone for the new homepage that will be gone - excellent decision. But you are now using a cookie to set a language - bad choice because that needs cookie consent. Maybe no language cookie except for registered users? If you don't store data you have nothing to care about, so that's always the best decision..

Repository users: This is something I have to think and read up about. I don't think anybody has already thought that through. Please write up what data - if any - you - unvoluntarily - collect and whether it's stored somewhere. It's probably just numbers for usage statistics and no IPs?

User avatar
ilu
Posts: 2521
Joined: 09 Oct 2013 12:45

Re: Necessary changes due to EU-GDPR

Postby ilu » 23 Apr 2018 16:28

Just in case anybody wants to have a good laugh (pick any of the articles and enjoy):
https://www.startpage.com/do/search?cmd ... ith_date=y

Just some of the headlines:
  • Whois? No, Whowas
  • Whois is dead as Europe hands DNS overlord ICANN its arse
  • Can we still have a GDPR moratorium, asks US domain-name body
  • As GDPR draws close, ICANN suggests 12 conflicting ways to cure domain privacy pains
  • Internet overlord ICANN has hit on an ingenious solution to the impending collision of the domain name system's Whois service and incoming European privacy legislation: let everyone else figure it out.
  • Hey, so Europe's GDPR privacy deadline for Whois? We're going to miss it ... by a year or so
Also some of the pictures are hilarious.
https://www.theregister.co.uk/2018/04/10/gdpr_whois_regulations/ wrote:In response to its organizational failure, ICANN's CEO Goran Marby sent a copy of its flawed GDPR "Cookbook" to each of Europe's 28 data protection agencies on March 26 and asked them to tell it what they should do. And asked that ICANN and its contracted parties be given a special exemption from the law while it tries to sort itself out.
"We request you to help ICANN and the domain name registries and registrars to maintain the global WHOIS in its current form, through either clarification of the GDPR, a moratorium on enforcement or other relevant actions, until a revised WHOIS policy that balances these critical public interest perspectives may be developed and implemented".
Holy shit. They know of the problem for 10 years and chose to ignore it! It's obviously too hard to accept that EU governing bodies want to forbid "to maintain the global WHOIS in its current form". That's the point of GDPR.
https://www.theregister.co.uk/2018/03/16/whois_gdpr_icann/ wrote:Marby also made a second desperate plea, this time to European GAC members, who he "humbly begged" to contact their data protection authorities to get "firm advice" on what needed to be done to the Whois system to bring it in line with Euro law.
...
In short, it (GAC) argues that the changes proposed by ICANN "are not supported by the necessary analysis and supporting rationale which poses the question whether the choices reflected in the current proposal are required by the law."
What???? They didn't even read the GDPR? I stopped laughing at this point. They should hire me. I can read.

User avatar
Arjen Balfoort
Site Admin
Posts: 9310
Joined: 26 Jan 2013 19:36
Location: Netherlands
Contact:

Re: Necessary changes due to EU-GDPR

Postby Arjen Balfoort » 23 Apr 2018 17:19

I'm working my way through the articles. Interesting, shocking and funny!

I've also read through this phpBB thread where GDPR and phpBB is discussed: https://www.phpbb.com/community/viewtop ... &t=2419821


SolydXK needs you!
Development | Testing | Translations

User avatar
grizzler
Posts: 2175
Joined: 04 Mar 2013 15:45
Location: The Hague, NL

Re: Necessary changes due to EU-GDPR

Postby grizzler » 25 Apr 2018 20:07

The latest from The Register: ICANN takes Whois begging bowl to Europe, comes back empty

Pathetic.
Frank

SolydX EE 64 - tracking Debian Testing


Return to “Non-technical”

Who is online

Users browsing this forum: No registered users and 1 guest