Advertisement:

Author Topic: About the GDPR  (Read 40405 times)

Offline Arantor

  • Resident Overthinker
  • SMF Friend
  • SMF Legend
  • *
  • Posts: 71,868
    • StoryBB/StoryBB on GitHub
Re: About the GDPR
« Reply #40 on: May 13, 2019, 07:28:04 AM »
Surely there’s an issue if my PP says “data goes to reCAPTCHA” if I’m not using reCAPTCHA?
Don’t try to tell me that some power can corrupt a person. You haven’t had enough to know what it’s like.

No good deed goes unpunished / No act of charity goes unresented.

Online m4z

  • Localization Team Apprentice
  • Jr. Member
  • **
  • Posts: 363
Re: About the GDPR
« Reply #41 on: May 13, 2019, 07:46:52 AM »
Surely there’s an issue if my PP says “data goes to reCAPTCHA” if I’m not using reCAPTCHA?

Full ACK. That's why I'm proposing to have these sections statically prefaced by "If this site is configured to use this (/the 'foo') option[…]".
"Faith is what you have in things that don't exist."
--Homer Simpson

Offline Arantor

  • Resident Overthinker
  • SMF Friend
  • SMF Legend
  • *
  • Posts: 71,868
    • StoryBB/StoryBB on GitHub
Re: About the GDPR
« Reply #42 on: May 13, 2019, 08:13:54 AM »
How would the person reading the PP know that? Assume they’re reading the T&Cs before going to registration, they’re going be presented with “if the site is using reCAPTCHA” which they realistically cannot know at that point.

And since mods cannot be done with this, why not just avoid the whole problem by making it the site owner’s responsibility in the first place, maybe by offering this information in the config screen.
Don’t try to tell me that some power can corrupt a person. You haven’t had enough to know what it’s like.

No good deed goes unpunished / No act of charity goes unresented.

Online m4z

  • Localization Team Apprentice
  • Jr. Member
  • **
  • Posts: 363
Re: About the GDPR
« Reply #43 on: May 13, 2019, 09:03:47 AM »
How would the person reading the PP know that? Assume they’re reading the T&Cs before going to registration, they’re going be presented with “if the site is using reCAPTCHA” which they realistically cannot know at that point.

Does the user have to know? Sure, if "optional service x" is the straw to break the camel's back, and the user reads it might be active, then that might keep a user from registering in the forum. But I'd err to the benefit of the site owner and document everything (in the case of a static document).


And since mods cannot be done with this, why not just avoid the whole problem by making it the site owner’s responsibility in the first place, maybe by offering this information in the config screen.

That would be a possibility, too, indeed. I haven't thought of that (but I still prefer the static catch-all document, I think). I, possibly mistakenly (is this even valid english? ???), interpreted your previous replies kind-of as "this is not SMFs problem, the site owner is on his/her/* own to solve this".
"Faith is what you have in things that don't exist."
--Homer Simpson

Offline Aleksi "Lex" Kilpinen

  • A Peculiar Finn
  • Lead Support Specialist
  • SMF Super Hero
  • *
  • Posts: 18,699
  • Gender: Male
  • Don't worry, I'm n00b friendly
    • Aleksi.Kilpinen on Facebook
    • LexArma on GitHub
    • aleksi-kilpinen on LinkedIn
    • There's No Place Like 127.0.0.1
Re: About the GDPR
« Reply #44 on: May 13, 2019, 09:46:09 AM »
Any if statement will not work, as then you are still not telling the user what you are required to tell them, you are just saying this may happen - but not telling them if it will.
A Finnish Support Specialist
 Happily running multiple SMF 2.0 installations.
  Fooling around with an i7 990X @ 3,47Ghz / 12Gb / Win 10 x64 / 3840x2160


How you can help SMF

"Before you allow people access to your forum, especially in an administrative position, you must be aware that that person can seriously damage your forum.
 Therefore, you should only allow people that you trust, implicitly, to have such access." -Douglas

Online m4z

  • Localization Team Apprentice
  • Jr. Member
  • **
  • Posts: 363
Re: About the GDPR
« Reply #45 on: May 20, 2019, 02:59:41 PM »
Any if statement will not work, as then you are still not telling the user what you are required to tell them, you are just saying this may happen - but not telling them if it will.

Yes, again, IANAL, but I'd naively assume it's very much less of a legal problem to say, f.e.:
Quote
If you're accessing a thread that contains a [youtube] BBC tag, your PII will be sent to YouTube, Google, and Doubleclick, and here's their Privacy Policies.

(and then be wrong about 99% of threads), than to not mention this fact to the users, which seems like an obvious disregard of the GDPR. (And, just to remind you, the GDPR doesn't apply to EU organizations and private site owners only, but to everybody worldwide that is handling PII of EU/EEA citizens.)

(I'll take the safe route for now and disable the [img] BBC in the forum I'm setting up, because it can include basically any URL (and the focus is on text anyway)...)
"Faith is what you have in things that don't exist."
--Homer Simpson

Offline peterbehlendorf

  • Newbie
  • *
  • Posts: 9
Re: About the GDPR
« Reply #46 on: October 01, 2019, 03:12:59 PM »
It would also be nice to have a cookie banner with the position customisable (as much as I dislike them) just to be on the safe side pointing towards the privacy policy.

Offline shadav

  • Jr. Member
  • **
  • Posts: 208
  • Gender: Female
Re: About the GDPR
« Reply #47 on: October 01, 2019, 05:07:06 PM »
It would also be nice to have a cookie banner with the position customisable (as much as I dislike them) just to be on the safe side pointing towards the privacy policy.
you mean like this: https://custom.simplemachines.org/mods/index.php?mod=3693

Offline peterbehlendorf

  • Newbie
  • *
  • Posts: 9
Re: About the GDPR
« Reply #48 on: October 01, 2019, 07:29:20 PM »
It would also be nice to have a cookie banner with the position customisable (as much as I dislike them) just to be on the safe side pointing towards the privacy policy.
you mean like this: https://custom.simplemachines.org/mods/index.php?mod=3693

Yes exactly like that! Thank you. I'm a bit new to using SMF.

I read through the posts here on this thread and didn't see anything about it.

Online m4z

  • Localization Team Apprentice
  • Jr. Member
  • **
  • Posts: 363
Re: About the GDPR
« Reply #49 on: October 02, 2019, 01:23:37 AM »
It would also be nice to have a cookie banner with the position customisable (as much as I dislike them) just to be on the safe side pointing towards the privacy policy.
you mean like this: https://custom.simplemachines.org/mods/index.php?mod=3693

According to the mod site, it's not compatible with 2.0.15 or 2.1rc2...
"Faith is what you have in things that don't exist."
--Homer Simpson

Offline Antechinus

  • SMF Friend
  • SMF Super Hero
  • *
  • Posts: 24,803
  • Master of BBC Abuse
Re: About the GDPR
« Reply #50 on: October 02, 2019, 01:47:00 AM »
Compatible with 2.0.10, so should work with emulation on 2.0.15. I was actually going to test it myself later, but I want to set up a fresh local site first.