 | | | 
07.05.2018, 16:43
|  | Forum Veteran | | Join Date: Dec 2016 Location: Zurich
Posts: 1,799
Groaned at 14 Times in 13 Posts
Thanked 1,858 Times in 805 Posts
| | Re: GDPR and EnglishForum | Quote: | |  | | | That's what I wrote
In theory, your user name could be changed to something random before the deletion, and your avatar would not be visible after deletion. But your user name would still be visible in quoted text; that could be fixed, but it would again rely on directly SQLing the database. | | | | | Sorry - missed that bit.
As for removing username, there's a faster/easier way. An admin can add the username to the banned words (like swear words), and it should replace any instance of the username with asterisks.
Still doesn't fix unstructured personal data...
| This user would like to thank Spinal for this useful post: | | 
07.05.2018, 16:58
|  | Moderately Amused | | Join Date: Jul 2010 Location: Bern area
Posts: 11,619
Groaned at 95 Times in 90 Posts
Thanked 20,357 Times in 9,008 Posts
| | Re: GDPR and EnglishForum | Quote: | |  | | | ...Still doesn't fix unstructured personal data... | | | | | In terms of forums, don't you think there's also an element of personal responsibility? People join forums such as ours voluntarily. They share as much or as little as they want. Even if we delete instances from EF, pages have been cached by Google bots and the like. It's very, very hard to totally erase everything you've ever posted online from all locations, forever.
Although forums will get lumped in, I think GDPR is more about 3rd party companies that collect your data. For example any time you (generic you, as in any person) go to a website, there are dozens of trackers that follow you across the internet.
Most websites have a pop-up these days that say by continuing to use the site, you consent to the use of the cookies, which pretty much includes the 3rd party trackers. But the devil is in the detail of the privacy and cookie policies. How do you know what sites are tracking you and what info they have?
By using any site you've consented to others having your "personal data", but you don't always know precisely what is collected or where it's going. If a person is that paranoid about personal data he or she should basically stay off the internet, no? | 
07.05.2018, 17:02
|  | Moddy Wellies | | Join Date: Apr 2007 Location: North Yorkshire
Posts: 8,729
Groaned at 53 Times in 47 Posts
Thanked 9,942 Times in 3,654 Posts
| | Re: GDPR and EnglishForum | Quote: | |  | | | As for removing username, there's a faster/easier way. An admin can add the username to the banned words (like swear words), and it should replace any instance of the username with asterisks. | | | | | Be a bit awkward for anyone seeking help with a spinal injury or enquiring about the wonderful sightseeing opportunities for a fortnight in Mirfield
| The following 3 users would like to thank mirfield for this useful post: | | 
07.05.2018, 17:08
| Forum Legend | | Join Date: Oct 2014 Location: SG
Posts: 10,454
Groaned at 629 Times in 455 Posts
Thanked 14,121 Times in 7,379 Posts
| | Re: GDPR and EnglishForum | Quote: | |  | | | It's really hard to delete/scramble personal data from unstructured data (e.g. the post content). e.g. if I say that I live in Zurich, my age is 128 years old and I'm male - that can probably uniquely identify me. Thus the content of this post, would be personal data. Good luck identifying that without manually going through all my posts. | | | | | Not in the sense of GDPR. See paragraph (15)
To paraphrase:
The processing must be automated and the data structured to facilitate easy access to the personal data in question.
| 
07.05.2018, 18:39
| | Re: GDPR and EnglishForum | Quote: | |  | | | Sorry - missed that bit.
As for removing username, there's a faster/easier way. An admin can add the username to the banned words (like swear words), and it should replace any instance of the username with asterisks.
Still doesn't fix unstructured personal data... | | | | | Have you seen ****** Tap?
Very bad idea.
| 
07.05.2018, 18:52
|  | Forum Veteran | | Join Date: Dec 2016 Location: Zurich
Posts: 1,799
Groaned at 14 Times in 13 Posts
Thanked 1,858 Times in 805 Posts
| | Re: GDPR and EnglishForum | Quote: | |  | | | In terms of forums, don't you think there's also an element of personal responsibility? People join forums such as ours voluntarily. They share as much or as little as they want. Even if we delete instances from EF, pages have been cached by Google bots and the like. It's very, very hard to totally erase everything you've ever posted online from all locations, forever.
Although forums will get lumped in, I think GDPR is more about 3rd party companies that collect your data. For example any time you (generic you, as in any person) go to a website, there are dozens of trackers that follow you across the internet.
Most websites have a pop-up these days that say by continuing to use the site, you consent to the use of the cookies, which pretty much includes the 3rd party trackers. But the devil is in the detail of the privacy and cookie policies. How do you know what sites are tracking you and what info they have?
By using any site you've consented to others having your "personal data", but you don't always know precisely what is collected or where it's going. If a person is that paranoid about personal data he or she should basically stay off the internet, no? | | | | | Consent is actually the hardest (imho) reason for processing to deal with. If you are processing under consent, the data subject is allowed to withdraw consent with associated implications.
Much easier to have a contractual basis or legitimate interest in most cases...
That said, in terms of a site like this where you have consented and data is being processed under consent. While there may be an element of personal responsibility, the onus is on the company to protect your data.
My personal take, (I am not a/your lawyer), is that a forum like this would be looking at shifting the focus to all data being uploaded is being made public by the data subject, thus, explicitly excluded from GDPR as it is now public data. | Quote: | |  | | | Not in the sense of GDPR. See paragraph (15)
To paraphrase:
The processing must be automated and the data structured to facilitate easy access to the personal data in question. | | | | | This assumption may be based on the scope of GDPR, which states that "this Regulation applies to the processing of personal data wholly or partly by automated means and to the processing other than by automated means of personal data which form part of a filing system or are intended to form part of a filing system."
The GDPR therefore basically refers to automated or partially automated data processing and to data processing that forms part of a filing system or are intended to form part of a filing system, even if it is not automated. The GDPR also defines the concept of a filing system, which imeans "any structured set of personal data which are accessible according to specific criteria, whether centralised, decentralised or dispersed on a functional or geographical basis."
The Regulation also covers manual data processing when it comes to data structured based on specific criteria. On the other sied, the preamble to the GDPR (15) provides that "files or sets of files, as well as their cover pages, which are not structured according to specific criteria should not fall within the scope of this Regulation." However, please keep in mind that the laws of the Member State may extend the application of the data protection rules to unstructured files or sets of files, even if they are processed manually.
(Source: http://gdpr.blog.hu/2018/04/30/5_1_m...on_of_the_gdpr )
| 
08.05.2018, 01:00
| Forum Legend | | Join Date: Oct 2014 Location: SG
Posts: 10,454
Groaned at 629 Times in 455 Posts
Thanked 14,121 Times in 7,379 Posts
| | Re: GDPR and EnglishForum
How is my previous post an assumption?
| 
08.05.2018, 09:50
|  | Forum Veteran | | Join Date: Dec 2016 Location: Zurich
Posts: 1,799
Groaned at 14 Times in 13 Posts
Thanked 1,858 Times in 805 Posts
| | Re: GDPR and EnglishForum | Quote: | |  | | | How is my previous post an assumption? | | | | | It's a quote from the linked site  I can't edit to put quotation marks.
The crucial part from the regulation is this:
"this Regulation applies to the processing of personal data wholly or partly by automated means and to the processing other than by automated means of personal data which form part of a filing system or are intended to form part of a filing system."
Hence, processing does not need to be automated, as long as it's part of a filing system. Next, a filing system is defined as "any structured set of personal data which are accessible according to specific criteria, whether centralised, decentralised or dispersed on a functional or geographical basis."
Therefore, you can have:
* unstructured personal data, which is processed partly or wholly by automated means (e.g. forum posts)
* structured personal data, which is not processed by automated means (e.g. a paper filing archive)
both of which would be in scope.
| 
08.05.2018, 11:06
|  | Moddy Wellies | | Join Date: Apr 2007 Location: North Yorkshire
Posts: 8,729
Groaned at 53 Times in 47 Posts
Thanked 9,942 Times in 3,654 Posts
| | Re: GDPR and EnglishForum
One forum I frequent has has closed down and deleted the database.
He was running the site himself as a hobby, and it was the simple answer to all the hassle he was getting.
| 
08.05.2018, 16:03
| | Re: GDPR and EnglishForum
Sounds like a good idea.
| 
08.05.2018, 16:47
|  | Moderately Amused | | Join Date: Jul 2010 Location: Bern area
Posts: 11,619
Groaned at 95 Times in 90 Posts
Thanked 20,357 Times in 9,008 Posts
| | Re: GDPR and EnglishForum | Quote: | |  | | | Sounds like a good idea. | | | | | No, that sounds like a terrible idea! | 
08.05.2018, 17:10
|  | Forum Legend | | Join Date: Jul 2011 Location: Switzerland
Posts: 23,252
Groaned at 457 Times in 353 Posts
Thanked 18,506 Times in 10,258 Posts
| | Re: GDPR and EnglishForum
No, definitely not a good idea!  Please don't!
| 
11.05.2018, 23:25
| Forum Legend | | Join Date: Dec 2010 Location: ZH
Posts: 5,320
Groaned at 58 Times in 48 Posts
Thanked 2,708 Times in 1,614 Posts
| | Re: GDPR and EnglishForum
Who in EF does one contact to put a Data request in on the 25th May?
| 
12.05.2018, 01:02
|  | Forum Legend | | Join Date: Oct 2006 Location: canton ZH
Posts: 13,131
Groaned at 218 Times in 182 Posts
Thanked 15,264 Times in 7,847 Posts
| | Re: GDPR and EnglishForum | Quote: | |  | | | Who in EF does one contact to put a Data request in on the 25th May? | | | | | You're trying to get all mods to quit by May 24th? | This user would like to thank curley for this useful post: | | 
13.05.2018, 18:14
| Newbie | | Join Date: Apr 2018 Location: Como
Posts: 8
Groaned at 0 Times in 0 Posts
Thanked 12 Times in 6 Posts
| | Re: GDPR and EnglishForum
As a software developer who was struggling to make several projects to comply with GDPR I would highlight several important aspects: - Any business working with EU citizens has to comply. Unless EnglishForum bans every EU citizen from the website it has to comply.
- Personal Information is a very broad term. Cookies, google analytics, avatar, private messages between members, IP addresses, there's definitely a lot of sensitive private information collected.
- EnglishForum has to provide an easy human-friendly description on how that data is used and protected.
- EnglishForum has to get a clear consent upon a new user (as well as old ones) land on the site / register. It might be better to send emails to old users.
- EnglishForum should provide a way to remove personal data of particular user upon his or her request. It is argueable whether public posts are private information and should be protected, most likely not.
- EnglishForum should be able to explain its data protection efforts, for example tell that they do not store login, password, personal data (let's say private messages) in plain text.
That doesn't mean that if EnglishForum doesn't comply it would get into any trouble. So far everything was peaceful and no one was hurt :-) But the measures are definitely not hard to implement.
| The following 7 users would like to thank dangerden for this useful post: | | 
13.05.2018, 19:20
| Forum Legend | | Join Date: Dec 2010 Location: ZH
Posts: 5,320
Groaned at 58 Times in 48 Posts
Thanked 2,708 Times in 1,614 Posts
| | Re: GDPR and EnglishForum
No one hurt yet but predicted fines imposed will damage not only reputation but the pocket too.
| 
14.05.2018, 08:22
| Newbie | | Join Date: Apr 2018 Location: Como
Posts: 8
Groaned at 0 Times in 0 Posts
Thanked 12 Times in 6 Posts
| | Re: GDPR and EnglishForum | Quote: | |  | | | No one hurt yet but predicted fines imposed will damage not only reputation but the pocket too. | | | | | I guess one should be as juicy as Facebook and leak a lot of data to get a max fine.
| This user would like to thank dangerden for this useful post: | | 
24.05.2018, 20:30
| Forum Legend | | Join Date: Dec 2010 Location: ZH
Posts: 5,320
Groaned at 58 Times in 48 Posts
Thanked 2,708 Times in 1,614 Posts
| | Re: GDPR and EnglishForum
Have I missed EF’s privacy notice or have they chose the non-complaint route?
| 
24.05.2018, 20:34
|  | Forum Legend | | Join Date: Oct 2006 Location: canton ZH
Posts: 13,131
Groaned at 218 Times in 182 Posts
Thanked 15,264 Times in 7,847 Posts
| | Re: GDPR and EnglishForum | Quote: | |  | | | Have I missed EF’s privacy notice or have they chose the non-complaint route? | | | | | Maybe it's only for newbies.
What do you want to complain about after 8 years? What ever it is, you partly caused it | 
24.05.2018, 22:01
| | Re: GDPR and EnglishForum | Quote: | |  | | | Have I missed EF’s privacy notice or have they chose the non-complaint route? | | | | | Neither, they decided that no changes were necessary, that they already complied, so there's no need for a new privacy notice.
|
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) | | Thread Tools | | Display Modes | Linear Mode |
Posting Rules
| You may not post new threads You may not post replies You may not post attachments You may not edit your posts HTML code is Off | | | All times are GMT +2. The time now is 12:13. | |