Forum

> > Unreal Software > General Data Protection Regulation
Forums overviewUnreal Software overviewLog in to reply

English General Data Protection Regulation

25 replies
Page
To the start Previous 1 2 Next To the start

old General Data Protection Regulation

Gaios
Reviewer Off Offline

Quote
What about GDPR at UnrealSoftware.de now? Those regulations are absolutely required in order to make this community working still.

The new regulations will be enforced from May 25, 2018 throughout the European Union.

More >

old Re: General Data Protection Regulation

Yates
Reviewer Off Offline

Quote
user Gaios has written
• Impossible to completely delete your account
• Impossible to change your nickname whenever you want
• Strong password isn't required in order to use this community
• IP visible for moderators? Not cool

What are you trying to state here? The GDPR doesn't include any of these things.

GDPR doesn't state that social websites have to have the option to delete accounts. People just need to be able to request it (@contact page). And even then the only thing DC would need to do is remove the e-mail, avatar and contact information (which you can do too).

All your posts are still public domain and do not belong to you (see exceptions to the Right to Erase rules public interest archiving purposes).
edited 1×, last 17.05.18 11:51:37 am

old Re: General Data Protection Regulation

Gaios
Reviewer Off Offline

Quote
user Yates has written
GDPR doesn't state that social websites have to have the option to delete accounts.

I didn't say that . I know that.. lol


GDPR has written
When does the right to erasure not apply?
(...)
• for archiving purposes in the public interest, scientific research historical research or statistical purposes where erasure is likely to render impossible or seriously impair the achievement of that processing

Do forum posts are public interest? I don't really understand lol

old Re: General Data Protection Regulation

Yates
Reviewer Off Offline

Quote
user Gaios has written
I didn't say that . I know that.. lol

Then why make a thread about GDPR and state that it's impossible to completely delete your account? What is the relation?

user Gaios has written
Do forum posts are public interest? I don't really understand lol

Yes. Destroying threads and removing meaning where there once was because someone wanted their forum posts deleted is absurd. It's in the interest of the public to make sure things like that don't happen and that the forum remains complete. Not that the Right to Erasure would ever apply to forum posts, but if it ever occurs you can still argue against the removal with the exception I mentioned.

Public = this community.

You should probably read more into the GDPR before creating a thread about it.

old Re: General Data Protection Regulation

Gaios
Reviewer Off Offline

Quote
user Yates has written
You should probably read more into the GDPR before creating a thread about it.

No need. I'm not Database Administrator here. At least I wanted to say something about and ask some questions.

old Re: General Data Protection Regulation

Nova
User Off Offline

Quote
So you just did write two completely different things in one thread? Of course are people trying to get a connection between the two.

To your questions:
• Not being able to delete your account on will is pretty reasonable. There are enough disadvantages do make up for the advantages. If you really, really want to it, write a message to DC.
• In my opinion the cooldown for changing your name is even too low. You should not be able to change it that often as that only creates confusion. But yeah, looking at your account I can see why you would want a change for that... I don't even ask why you want to change your name from GajosPL to Gayos to Gaiyos to Gaios...
• Enforcing strong passwords isn't easy and mostly just leads to people writing up their passwords. The current system is already pretty restrictive - enforcing at least 1 number / other character is okay, but leads to its own problems.
• IPs are visible for moderators... that's normal for nearly every site. Your IP is public, don't ever believe it to be a secret value. You're a security supporter - shouldn't you know why that is? To be honest, I don't know what a security supporter does, but I would guess you can see IPs of users?

old Re: General Data Protection Regulation

DC
Admin Off Offline

Quote
Well.. I didn't read the GDPR stuff. It's too long and I got better stuff to do. Not sure what I have to change. Luckily it's impossible for the EU to check all websites. Also they surely won't focus on tiny sites like UnrealSoftware.de when they check stuff.

Also luckily I don't store mega sensitive data like payment info or real names.

old Re: General Data Protection Regulation

Yates
Reviewer Off Offline

Quote
Yes. 2% of the worldwide annual revenue of the previous year or 10 million, whichever is higher

Every country so far has admitted not even coming close to being prepared for the GDPR. So I wouldn't worry. All points stated in the original post of this thread have nothing to do with the GDPR anyway. As long as you use sufficient encryption over passwords and use HTTPS you'll be fine.

old Re: General Data Protection Regulation

Nova
User Off Offline

Quote
The EU isn't your enemy - greedy lawyers are. They know that small sites are less willing to read all that shit and thus have a higher chance to not comply with the rules. Let's hope this won't turn into a quite expensive surprise for you.
edited 1×, last 18.05.18 06:46:18 am

old Re: General Data Protection Regulation

JasJack67
Super User Off Offline

Quote
I would think if there is anything that has to be done legally, the EU would first inform the sites of it's violation and then be given some amount of time to fix it.

You all make it sound like they will just come shut you off the internet with no warning or acknowledgement. Surely they have to present their case to the site owner or server host right? Then it can be corrected or taken care of if the owner wishes to do so. . .or accept the consequence.

Maybe I'm wrong, there does seem to be this progressing feeling that some men in high places think they can rule the entire world, making laws and rules to keep us all under their thumbs. . .those bastards!

old Re: General Data Protection Regulation

Gaios
Reviewer Off Offline

Quote
user JasJack67 has written
(...) the EU would first inform the sites of it's violation and then be given some amount of time to fix it.

You all make it sound like they will just come shut you off the internet with no warning or acknowledgement.

Yes, that's it. There's no mercy for breaking laws of privacy policy. Because many of user databases could leak through these vulnerabilities.

old Re: General Data Protection Regulation

ohaz
User Off Offline

Quote
user Gaios has written
There's no mercy for breaking laws of privacy policy. Because many of user databases could leak through these vulnerabilities.
Privacy policies don't avoid leaking databases at all. Privacy laws are rarely targeted against attackers, most of the time they are here to defend the user against the owner of the site.

Having to tell the user that you're using cookies will not stop any database leakage. Having granular opt in won't either. Same goes for disabling trackers.

I think you're mixing two things here user Gaios. You're mixing security and privacy. Those are two different things. Of course, security can help privacy - but not all security features are privacy features and the other way round.

old Re: General Data Protection Regulation

Gaios
Reviewer Off Offline

Quote
user ohaz has written
You're mixing security and privacy. Those are two different things. Of course, security can help privacy - but not all security features are privacy features and the other way round.

That's how GDPR thinks.. privacy ← security.

old Re: General Data Protection Regulation

SQ
Moderator Off Offline

Quote
Well, this thread looks embarrassing. GDPR has nothing to do with this kind of community.
There are no private information that you cannot remove from the profile apart old user names.
Therefore, this is irrelevant because Unreal Software does not store any sensitive personal data.

This whole reform probably started because websites started using this data to manipulate people to vote for certain political parties, perhaps using it not just for political related stuff.
In other words, thank Trump.
I suggest reading more about Cambridge Analytica & recent Facebook Scandal.

user Gaios has written
• Impossible to completely delete your account
• Impossible to change your nickname whenever you want
• Strong password isn't required in order to use this community
• IP visible for moderators? Not cool

LOL, Gay'os didn't even read a sentence about GDPR.

user Gaios has written
Actually they want to focus at small companies lol

Who said that.
edited 2×, last 18.05.18 04:56:49 pm

old Re: General Data Protection Regulation

Yates
Reviewer Off Offline

Quote
user SQ has written
Well, this thread looks embarrassing. GDPR has nothing to do with this kind of community.

GDPR doesn't apply subjectively to certain websites. It applies to all and especially this one.

user SQ has written
There are no private information that you cannot remove from the profile apart old user names.
Therefore, this is irrelevant because Unreal Software does not store any sensitive personal data.

My e-mail and IP address are considered personal data under the GDPR. I cannot remove my e-mail, I can only change it. I certainly cannot remove the IP address logs.

This should be done by request and I believe DC would cooperate if you ask nicely and wait a couple of days :P, but the fact that this data is stored truly does mean that Unreal Software should abide by the GDPR.

user SQ has written
This whole reform probably started because websites started using this data to manipulate people to vote for certain political parties, perhaps using it not just for political related stuff.
In other words, thank Trump.

This has nothing to do with the recent scandals. GDPR has been in the works for yeeaars. It's only recently that people started to take notice because of the scandals. But GDPR is certainly not created solely because of them. In fact the GDPR is the aftermath of the laws that apply to e-mail spam and agreement autofilling which only came into effect two years ago. Consider it a DLC.

old Re: General Data Protection Regulation

Patasuss
User Off Offline

Quote
user Yates has written
As long as you use sufficient encryption over passwords and use HTTPS you'll be fine.


Does the UnrealSoftware do that? I never saw an option to use HTTPS on this forum and the login credentials are simply transmitted in plaintext over a HTTP POST Request.
To the start Previous 1 2 Next To the start
Log in to replyUnreal Software overviewForums overview