English Forum Switzerland

English Forum Switzerland (https://www.englishforum.ch/forum.php)
-   Forum support (https://www.englishforum.ch/forum-support/)
-   -   GDPR and EnglishForum (https://www.englishforum.ch/forum-support/282225-gdpr-englishforum.html)

higgsboson 29.04.2018 15:49

GDPR and EnglishForum
 
With the coming of the new GDPR regulation into effect and its impact in Switzerland, do EF users have the right to have their accounts permanently removed?

https://www.pwc.lu/en/general-data-p...-forgotten.pdf

aSwissInTheUS 29.04.2018 15:54

Re: GDPR and EnglishForum
 
1) Switzerland is not a member of the EU.

2) This new regulation is not mentioned in any of the bilateral agreements between EU and Switzerland.

3) ???

4) Profit.

Or

1) Sweden is a member of the EU

2) The Local AB which owns and operates Englishforum.ch is located in Stockholm, Sweden

3) ???

4) Profit.

higgsboson 29.04.2018 15:56

Re: GDPR and EnglishForum
 
Quote:

Originally Posted by aSwissInTheUS (Post 2940124)
1) Switzerland is not a member of the EU.

2) This new regulation is not mentioned in any of the bilateral agreements between EU and Switzerland.

3) ???

4) Profit.

https://www.swissinfo.ch/eng/right-t...--too/38579658

AbFab 29.04.2018 17:47

Re: GDPR and EnglishForum
 
I guess if your name is Harry Higgsboson, then there might be some point...

jbn 29.04.2018 19:06

Re: GDPR and EnglishForum
 
Quote:

Originally Posted by higgsboson (Post 2940122)
With the coming of the new GDPR regulation into effect and its impact in Switzerland, do EF users have the right to have their accounts permanently removed?

https://www.pwc.lu/en/general-data-p...-forgotten.pdf

GDPR does affect Swiss organisations that have users based in the EU, as well as the fact that historically Swiss data protection rules tend to be closely aligned with the EU regulations. Here is just one example of how and why, just do a general web search for many more: https://blog.kpmg.ch/eu-data-protect...s-switzerland/

k_and_e 29.04.2018 19:21

Re: GDPR and EnglishForum
 
Quote:

Originally Posted by aSwissInTheUS (Post 2940124)
1) Switzerland is not a member of the EU.

2) This new regulation is not mentioned in any of the bilateral agreements between EU and Switzerland.

3) ???

4) Profit.

Or

1) Sweden is a member of the EU

2) The Local AB which owns and operates Englishforum.ch is located in Stockholm, Sweden

3) ???

4) Profit.

EF is based in Sweden, therefore EU rules apply. As it doesn't really ask for personal data, you can of course question if GDPR is applicable at all.

jbn 29.04.2018 19:29

Re: GDPR and EnglishForum
 
Your email address is all it takes.

SOBEIT 29.04.2018 19:31

Re: GDPR and EnglishForum
 
The greater impact will probably effect the smaller businesses in CH. Albeit, I do not see regulations coming until the back end of 18, early 19 in CH. Although the 25th May deadline will prompt businesses to act and start the compliance process now to ease the pain longer term.

Urs Max 30.04.2018 08:44

Re: GDPR and EnglishForum
 
Still, GDPR will need to be implemented by Switzerland in some equivalent form. The adjustment appears to be forced by Switzerland's Schengen membership. See EU Directive 2016/680.

Usually a delay in the implementation by a few months or perhaps half a year is no issue but a longer one may have things get tricky. You may remember the uproar perhaps half a year ago when the EU recognised Swiss stock exchange regulations as equivalent but only for one year, as losing that recognition would ben Swiss banks from serving EU residents.

The parliamentary commission on the implementation of GDPR appears to be in no hurry at all though, so we may be up for more action, soon.

Here's some info by the Swiss Commissioner on Data Protection (not availabel in English I'm afraid).

Spinal 30.04.2018 08:53

Re: GDPR and EnglishForum
 
Quote:

Originally Posted by k_and_e (Post 2940157)
EF is based in Sweden, therefore EU rules apply. As it doesn't really ask for personal data, you can of course question if GDPR is applicable at all.


There are tracking cookies, google analytics, google publisher, SkimLinks and some other stuff.

Oh, and it collects birthday and email address from what I remember.... and it can collect more in your profile. Oh, and let's not forget your pseudonym. It uniquely identifies you, so it is personal data.

The question is, from a reason of processing perspective - is it consent? I don't have a contract with EF that I can think of, so legitimate interest may be hard to prove....

That said, post content is technically "public" - so as long as EF can anonymise it (delete your profile and attribute all your posts to "DeletedUser") that's a step forward.

Then again, one could argue that in the unstructured data (i.e. your post content) there may be personal data and content which can uniquely identify you...

AbFab 30.04.2018 09:11

Re: GDPR and EnglishForum
 
Quote:

Originally Posted by Spinal (Post 2940244)
There are tracking cookies, google analytics, google publisher, SkimLinks and some other stuff.

Oh, and it collects birthday and email address from what I remember.... and it can collect more in your profile. Oh, and let's not forget your pseudonym. It uniquely identifies you, so it is personal data.

The question is, from a reason of processing perspective - is it consent? I don't have a contract with EF that I can think of, so legitimate interest may be hard to prove....

That said, post content is technically "public" - so as long as EF can anonymise it (delete your profile and attribute all your posts to "DeletedUser") that's a step forward.

Then again, one could argue that in the unstructured data (i.e. your post content) there may be personal data and content which can uniquely identify you...

Doesn‘t the fact that all the information EF has on was voluntarily submitted by you mean you haveconsented??

Spinal 30.04.2018 10:14

Re: GDPR and EnglishForum
 
Quote:

Originally Posted by AbFab (Post 2940251)
Doesn‘t the fact that all the information EF has on was voluntarily submitted by you mean you haveconsented??

GDPR requires "explicit consent".

I.e. you need to perform an action (beyond providing your information) to consent to EF using your personal information.

Also worth noting that if the legal reason of processing is consent, then you have the right to ask the organisation to stop processing your data (or delete your data)... which is something most bbs don't want as it can quickly destroy threads (you suddenly lose half an argument, and the other half doesn't make sense).

Also worth noting, I can't see a privacy statement on here...

Treverus 30.04.2018 10:27

Re: GDPR and EnglishForum
 
Quote:

Originally Posted by aSwissInTheUS (Post 2940124)
1) Switzerland is not a member of the EU.

Thats not how GDPR works. No, we dont know how the EU is going to enforce its laws beyond its jurisdicition, but since the local is based in the EU should they really not try to find that out.

curley 30.04.2018 10:28

Re: GDPR and EnglishForum
 
Quote:

Originally Posted by Spinal (Post 2940272)
GDPR requires "explicit consent".

I.e. you need to perform an action (beyond providing your information) to consent to EF using your personal information.

Also worth noting that if the legal reason of processing is consent, then you have the right to ask the organisation to stop processing your data (or delete your data)... which is something most bbs don't want as it can quickly destroy threads (you suddenly lose half an argument, and the other half doesn't make sense).

Also worth noting, I can't see a privacy statement on here...

This. On a forum like EF, half the information will be gone, which will make it more confusing than helpful.

Spinal 30.04.2018 10:38

Re: GDPR and EnglishForum
 
Quote:

Originally Posted by curley (Post 2940286)
This. On a forum like EF, half the information will be gone, which will make it more confusing than helpful.

and a PITA - as some people don't "quote" properly...

So while it would be easy to remove your quote above automatically if you decide to ask for all your data to be deleted, the quote below, would be harder to remove automatically:

"half the information will be gone, which will make it more confusing than helpful."

curley 30.04.2018 10:54

Re: GDPR and EnglishForum
 
Quote:

and a PITA - as some people don't "quote" properly...

So while it would be easy to remove your quote above automatically if you decide to ask for all your data to be deleted, the quote below, would be harder to remove automatically:

"half the information will be gone, which will make it more confusing than helpful."
Theoretically the quotes could be left in as I did your's above.
It would at least take an other court-case to settle whether a statement is still personal property when anonymised.

Spinal 30.04.2018 10:57

Re: GDPR and EnglishForum
 
Quote:

Originally Posted by curley (Post 2940303)
Theoretically the quotes could be left in as I did your's above.
It would at least take an other court-case to settle whether a statement is still personal property when anonymised.

How do you ensure it's anonimised? It's a challenge when dealing with unstructured data.

I could type: Curl.ey - real name Bob McTesty was a bad guy...

curley 30.04.2018 11:12

Re: GDPR and EnglishForum
 
Quote:

Originally Posted by Spinal (Post 2940305)
How do you ensure it's anonimised? It's a challenge when dealing with unstructured data.

I could type: Curl.ey - real name Bob McTesty was a bad guy...

I was more thinking in terms of the mods being asked to remove the account and all messages of Spinal.

Your example is difficult if not impossible to fight. But - in my opinion - also not worth it. After all, it's like real life. Some people talk/claim things/what ever and if one would bother correcting it all one would have a very boring life.


Hey, I'm not a testy person at all :rofl:

AbFab 30.04.2018 14:05

Re: GDPR and EnglishForum
 
Last i knew the EF servers were in the USA, which kicks the whole issue in the long grass...

Guest 30.04.2018 14:19

Re: GDPR and EnglishForum
 
Quote:

Originally Posted by AbFab (Post 2940400)
Last i knew the EF servers were in the USA, which kicks the whole issue in the long grass...

No it doesn't.

When services or goods are offered within the EU one has to comply to the GDPR, the location of the company and/or the servers is irrelevant.


All times are GMT +2. The time now is 06:35.

Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2021, Jelsoft Enterprises Ltd.
LinkBacks Enabled by vBSEO 3.1.0