Hello There, Guest! Register

Tulpa Community Census 2018

GDPR
Pleeb Offline
Owner
Forum Administrators

Posts: 853
Threads: 70
Joined: May 2012
2 Attached Accounts
#1
 
GDPR

I'm not sure if this warrants an announcement yet, and we're not even sure to what extent it applies to us.  However, we're actively investigating this, and will likely have an answer/announcement/something over the weekend.
05-25-2018, 12:13 AM
Website Find Reply

Sponsors:
Lolflash - click it, you know you want to

Luminesce Offline
loves the moon
Registered

Posts: 1,466
Threads: 11
Joined: Apr 2014
4 Attached Accounts
#2
 
RE: GDPR

Wouldn't that be on MyBB and not us? I'm not sure we have anything to do with it, 250 is a rather unrealistic expectation. It's probably up to MyBB to comply, however they'd do that.

Hi! I'm Lumi, host of Reisen, Tewi, Flandre and Lucilyn.
Everyone deserves to love and be loved. It's human nature.
My tulpas and I have a Q&A thread, which was the first (and largest) of its kind. Feel free to ask us stuff.
05-25-2018, 06:28 PM
Find Reply
jean-luc Offline
capt@in.jean-luc.org
Patron

Posts: 674
Threads: 52
Joined: Nov 2012
2 Attached Accounts
#3
 
RE: GDPR

They might *say* it applies to everyone (those with EU citizen's data, so almost everyone), but I can say that the laws of the federation apply to you; doesn't mean they do. If Pleeb is outside the EU and the company hosting is outside the EU, I don't see why you can't give the EU the middle finger and continue with your day like normal.

Also I should move to the EU…

Host: Jean-luc (plain-colored text)
Tulpas: Snow & Henry
Choose your tulpas' colors here!
Click here if you'd like a changing avatar like mine!
Ain't that just fantitiliantastic!
I host a podcast called Tulpaudcast.
and ramble crazily about everything while walking on Jean-luc walking.
05-25-2018, 08:16 PM
Find Reply
Pleeb Offline
Owner
Forum Administrators

Posts: 853
Threads: 70
Joined: May 2012
2 Attached Accounts
#4
 
RE: GDPR

(05-25-2018, 06:28 PM)Luminesce Wrote: Wouldn't that be on MyBB and not us? I'm not sure we have anything to do with it, 250 is a rather unrealistic expectation. It's probably up to MyBB to comply, however they'd do that.
I wholeheartedly agree -- mybb is the ones that came up with the solution to those new cookies terms awhile back, and I'm surprised that they haven't come up with anything yet.

There's a pretty big discussion going on here, as well as a plugin that's in the works (currently being tested): https://community.mybb.com/thread-215816.html

(05-25-2018, 08:16 PM)jean-luc Wrote: They might *say* it applies to everyone (those with EU citizen's data, so almost everyone), but I can say that the laws of the federation apply to you; doesn't mean they do. If Pleeb is outside the EU and the company hosting is outside the EU, I don't see why you can't give the EU the middle finger and continue with your day like normal.

Also I should move to the EU…

It basically applies to anyone that handles EU citizen data, even those outside the EU. So if it does apply to community forums, it'll apply to tulpa.info unless we bar anyone from the EU from joining.
(This post was last modified: 05-25-2018, 10:38 PM by Pleeb.)
05-25-2018, 10:38 PM
Website Find Reply
jean-luc Offline
capt@in.jean-luc.org
Patron

Posts: 674
Threads: 52
Joined: Nov 2012
2 Attached Accounts
#5
 
RE: GDPR

Did you even read my message? It doesn't apply even if they say it does. They can't enforce it. They might send a big scary letter telling you to pay fines, but they can't force you to pay or garnish income or jail or anything if you're in another country.

Host: Jean-luc (plain-colored text)
Tulpas: Snow & Henry
Choose your tulpas' colors here!
Click here if you'd like a changing avatar like mine!
Ain't that just fantitiliantastic!
I host a podcast called Tulpaudcast.
and ramble crazily about everything while walking on Jean-luc walking.
05-25-2018, 10:55 PM
Find Reply
Pleeb Offline
Owner
Forum Administrators

Posts: 853
Threads: 70
Joined: May 2012
2 Attached Accounts
#6
 
RE: GDPR

(05-25-2018, 10:55 PM)jean-luc Wrote: Did you even read my message? It doesn't apply even if they say it does. They can't enforce it. They might send a big scary letter telling you to pay fines, but they can't force you to pay or garnish income or jail or anything if you're in another country.
I did... I'd still rather not get scary letters saying that I'm being taken to court in Europe for €20,000,000 (the minimum fine for violating this, for tulpa.info).  I can see it being a mess, and feel like someday it could come to bite me (this is worse-case scenario ofc -- but the university that I work for is in full legal crazy mode over this.... and I always have the worst of luck).  Still, some suspect strings could be pulled.

I remember reading somewhere that punishments could result in de-indexing your website from search engines (in europe?), though that sounds far fetched.

EDIT: I can't say if this is a big deal or not, and I hope you're right.  It's yet to be determined if anything will even come of this, but I would rather be safe than sorry.
(This post was last modified: 05-25-2018, 11:55 PM by Pleeb.)
05-25-2018, 11:55 PM
Website Find Reply
Pleeb Offline
Owner
Forum Administrators

Posts: 853
Threads: 70
Joined: May 2012
2 Attached Accounts
#7
 
RE: GDPR

Just an update.  The MyBB plugin seems to be stable, but we'll have to upgrade the forum for it to work.  I'll be shutting things down and upgrading tonight; aiming to have the plugin itself installed in the next couple days.

Conversation in the IRC this morning on the subject.
Code:
<lindalap> Pleeb: what are you doing. The minimum fine is not 20M€, Europeans try to get you into compliance with talk, not like US courts trying to get you into compliance with fines on first violation.
<lindalap> The way they enforce it is exactly by you appointing a data protection representative in the EU.
<lindalap> Even if you fail that, there's international agreements where courts in a third world country would be required to confirm the violation if you did not do the proxy via EU's represenative as required.
<lindalap> The fine is maximum, not minimum, of 20M€ if not the 2/4%
<lindalap> The responsibility is not entirely on MyBB. You'd still have to name the representative, which is not MyBB's thing to do in software.
<lindalap> Also, ads (?) or whatever sponsored content is there is data sharing with third parties and is not considered by MyBB.
<lindalap> s/content/stuff/
<Pleeb> lindalap, http://community.tulpa.info/thread-gdpr?pid=203734
<lindalap> By the way, please change your forum title from "owner" to something like "steward".
<lindalap> Or "operator"
<Pleeb> ?
<lindalap> I don't even like the consideration "does this apply to tulpa.info", just apply the principles globally to everyone.
<lindalap> Some privacy standards.
<lindalap> Re: search engines, what it may do is abuse reports against the hosting provider of the forum.
<lindalap> for terms of service violations
<Pleeb> You should post that in the thread :P...  I seem to be the only one arguing for GDPR (I work in a field that deals with it actively)
<lindalap> I don't have an account and I don't see a privacy policy yet, which would not keep me captive.
<lindalap> I kindly refuse.
<Pleeb> The reason it's up for debate if it applies to us is because it seems to note that it applies to Enterprises, which the community forum isn't..
<Pleeb> Yeah, that's fine.
<lindalap> The first link you posted is misleading
<lindalap> wrt. economic and 250
<lindalap> If you read the GDPR text itself, it says "household" and "purely personal" activities are out of scope.
<Pleeb> Like the whole cookie thing a while ago with Google, I feel like this is something the forum software should be solving (and someone did make a plugin, but I'm waiting to see the results of the testing).
<lindalap> "professional or commercial activity" is in scope, "irrespective of whether a payment of the data subject is required"
<lindalap> And it's also to be considered there are a large amount of data subjects whom tulpa.info concerns and processes
<lindalap> And yeah, it needs software changes.
<Pleeb> Thankfully we're doing a fair bit of the stuff that the GDPR does as standard practice.  Like, if you request in Talk to Staff to have your username anonmyzed and account deleted, we do that for you.
<Pleeb> We just have to do it manually right now, which we do.
<Pleeb> (like, we run a database command to change usernames in quotes, etc)
<lindalap> That's good. Just hope it was in a privacy policy to be informed as GDPR wants to.
<lindalap> I'm not sure who will be your proxy in the EU, though.
<Pleeb> Nah, it's not in the private policy atm.  But we're working on it.
<Pleeb> I believe the new plugin that's being developed for the forum software we're using covers that.
<lindalap> EU is at advantage. Europeans can kind of self-represent, US and others have to appoint a person in the EU.
<Pleeb> And we're aiming to have something updated through the weekend either way.
* Felight (Felight@Rizon-63B9F729.hsd1.va.comcast.net) has joined
* Felight has quit ()
* Felight (~Felight@Rizon-63B9F729.hsd1.va.comcast.net) has joined
* ShanCerv gives channel operator status to Felight
<lindalap> Anyway, tulpa.info and other tulpa forums got archived by ArchiveTeam again all the sudden, in case you're not going to be able to comply.
05-27-2018, 05:06 PM
Website Find Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)

Sponsors:
Lolflash - click it, you know you want to


Contact Us | Tulpa.Info | Return to Top | Return to Content | Mobile Version | RSS Syndication