English General Data Protection Regulation

25 replies
Goto Page
To the start Previous 1 2 Next To the start
Up
Gaios
Security Supporter
Offline Off
What about GDPR at UnrealSoftware.de now? Those regulations are absolutely required in order to make this community working still.

The new regulations will be enforced from May 25, 2018 throughout the European Union.

More >
IMG:https://i.imgur.com/itOslkM.gif
This community is a meme.
17.05.18 11:38:38 am
Up
Yates
Reviewer
Offline Off
user Gaios has written:
• Impossible to completely delete your account
• Impossible to change your nickname whenever you want
• Strong password isn't required in order to use this community
• IP visible for moderators? Not cool

What are you trying to state here? The GDPR doesn't include any of these things.

GDPR doesn't state that social websites have to have the option to delete accounts. People just need to be able to request it (@contact page). And even then the only thing DC would need to do is remove the e-mail, avatar and contact information (which you can do too).

All your posts are still public domain and do not belong to you (see exceptions to the Right to Erase rules public interest archiving purposes).
edited 1×, last 17.05.18 11:51:37 am
17.05.18 01:08:19 pm
Up
Gaios
Security Supporter
Offline Off
user Yates has written:
GDPR doesn't state that social websites have to have the option to delete accounts.

I didn't say that . I know that.. lol


GDPR has written:
When does the right to erasure not apply?
(...)
• for archiving purposes in the public interest, scientific research historical research or statistical purposes where erasure is likely to render impossible or seriously impair the achievement of that processing

Do forum posts are public interest? I don't really understand lol
IMG:https://i.imgur.com/itOslkM.gif
This community is a meme.
17.05.18 01:27:57 pm
Up
Yates
Reviewer
Offline Off
user Gaios has written:
I didn't say that . I know that.. lol

Then why make a thread about GDPR and state that it's impossible to completely delete your account? What is the relation?

user Gaios has written:
Do forum posts are public interest? I don't really understand lol

Yes. Destroying threads and removing meaning where there once was because someone wanted their forum posts deleted is absurd. It's in the interest of the public to make sure things like that don't happen and that the forum remains complete. Not that the Right to Erasure would ever apply to forum posts, but if it ever occurs you can still argue against the removal with the exception I mentioned.

Public = this community.

You should probably read more into the GDPR before creating a thread about it.
17.05.18 02:12:45 pm
Up
Gaios
Security Supporter
Offline Off
user Yates has written:
You should probably read more into the GDPR before creating a thread about it.

No need. I'm not Database Administrator here. At least I wanted to say something about and ask some questions.
IMG:https://i.imgur.com/itOslkM.gif
This community is a meme.
17.05.18 02:44:53 pm
Up
Nova
User
Offline Off
So you just did write two completely different things in one thread? Of course are people trying to get a connection between the two.

To your questions:
• Not being able to delete your account on will is pretty reasonable. There are enough disadvantages do make up for the advantages. If you really, really want to it, write a message to DC.
• In my opinion the cooldown for changing your name is even too low. You should not be able to change it that often as that only creates confusion. But yeah, looking at your account I can see why you would want a change for that... I don't even ask why you want to change your name from GajosPL to Gayos to Gaiyos to Gaios...
• Enforcing strong passwords isn't easy and mostly just leads to people writing up their passwords. The current system is already pretty restrictive - enforcing at least 1 number / other character is okay, but leads to its own problems.
• IPs are visible for moderators... that's normal for nearly every site. Your IP is public, don't ever believe it to be a secret value. You're a security supporter - shouldn't you know why that is? To be honest, I don't know what a security supporter does, but I would guess you can see IPs of users?
Hexenverbrennung, Inquisition, Kreuzzüge... Wir wissen, wie man feiert! - Ihre Kirche
17.05.18 03:02:26 pm
Up
Yates
Reviewer
Offline Off
@user Nova: IP addresses actually count as personal information and should be treated as such under the GDPR.

Luckily, Gajos cannot do anything. It's just a title.
17.05.18 07:50:39 pm
Up
DC
Admin
Offline Off
Well.. I didn't read the GDPR stuff. It's too long and I got better stuff to do. Not sure what I have to change. Luckily it's impossible for the EU to check all websites. Also they surely won't focus on tiny sites like UnrealSoftware.de when they check stuff.

Also luckily I don't store mega sensitive data like payment info or real names.
www.UnrealSoftware.de | www.CS2D.com | www.CarnageContest.com | Use the forum & avoid PMs!
17.05.18 08:16:08 pm
Up
Gaios
Security Supporter
Offline Off
@user DC: Actually they want to focus at small companies lol
IMG:https://i.imgur.com/itOslkM.gif
This community is a meme.
17.05.18 08:33:51 pm
Up
DC
Admin
Offline Off
But probably on the ones that make money. So whatever
www.UnrealSoftware.de | www.CS2D.com | www.CarnageContest.com | Use the forum & avoid PMs!
17.05.18 08:40:49 pm
Up
Yates
Reviewer
Offline Off
Yes. 2% of the worldwide annual revenue of the previous year or 10 million, whichever is higher

Every country so far has admitted not even coming close to being prepared for the GDPR. So I wouldn't worry. All points stated in the original post of this thread have nothing to do with the GDPR anyway. As long as you use sufficient encryption over passwords and use HTTPS you'll be fine.
17.05.18 09:23:34 pm
Up
Nova
User
Offline Off
The EU isn't your enemy - greedy lawyers are. They know that small sites are less willing to read all that shit and thus have a higher chance to not comply with the rules. Let's hope this won't turn into a quite expensive surprise for you.
edited 1×, last 18.05.18 06:46:18 am
Hexenverbrennung, Inquisition, Kreuzzüge... Wir wissen, wie man feiert! - Ihre Kirche
18.05.18 07:28:18 am
Up
JasJack67
Super User
Offline Off
I would think if there is anything that has to be done legally, the EU would first inform the sites of it's violation and then be given some amount of time to fix it.

You all make it sound like they will just come shut you off the internet with no warning or acknowledgement. Surely they have to present their case to the site owner or server host right? Then it can be corrected or taken care of if the owner wishes to do so. . .or accept the consequence.

Maybe I'm wrong, there does seem to be this progressing feeling that some men in high places think they can rule the entire world, making laws and rules to keep us all under their thumbs. . .those bastards!
The Survivalist_02-16-18 is now available. DOWNLOAD HERE >The Survivalist 02-16-18 | Performance-In options keep Water Detail off
18.05.18 08:23:20 am
Up
Gaios
Security Supporter
Offline Off
user JasJack67 has written:
(...) the EU would first inform the sites of it's violation and then be given some amount of time to fix it.

You all make it sound like they will just come shut you off the internet with no warning or acknowledgement.

Yes, that's it. There's no mercy for breaking laws of privacy policy. Because many of user databases could leak through these vulnerabilities.
IMG:https://i.imgur.com/itOslkM.gif
This community is a meme.
18.05.18 02:58:35 pm
Up
ohaz
User
Offline Off
user Gaios has written:
There's no mercy for breaking laws of privacy policy. Because many of user databases could leak through these vulnerabilities.
Privacy policies don't avoid leaking databases at all. Privacy laws are rarely targeted against attackers, most of the time they are here to defend the user against the owner of the site.

Having to tell the user that you're using cookies will not stop any database leakage. Having granular opt in won't either. Same goes for disabling trackers.

I think you're mixing two things here user Gaios. You're mixing security and privacy. Those are two different things. Of course, security can help privacy - but not all security features are privacy features and the other way round.
https://ohaz.engineer - Software Engineering
18.05.18 04:25:58 pm
Up
Gaios
Security Supporter
Offline Off
user ohaz has written:
You're mixing security and privacy. Those are two different things. Of course, security can help privacy - but not all security features are privacy features and the other way round.

That's how GDPR thinks.. privacy ← security.
IMG:https://i.imgur.com/itOslkM.gif
This community is a meme.
18.05.18 04:45:32 pm
Up
SQ
Moderator
Offline Off
Well, this thread looks embarrassing. GDPR has nothing to do with this kind of community.
There are no private information that you cannot remove from the profile apart old user names.
Therefore, this is irrelevant because Unreal Software does not store any sensitive personal data.

This whole reform probably started because websites started using this data to manipulate people to vote for certain political parties, perhaps using it not just for political related stuff.
In other words, thank Trump.
I suggest reading more about Cambridge Analytica & recent Facebook Scandal.

user Gaios has written:
• Impossible to completely delete your account
• Impossible to change your nickname whenever you want
• Strong password isn't required in order to use this community
• IP visible for moderators? Not cool

LOL, Gay'os didn't even read a sentence about GDPR.

user Gaios has written:
Actually they want to focus at small companies lol

Who said that.
edited 2×, last 18.05.18 04:56:49 pm
18.05.18 05:31:19 pm
Up
Yates
Reviewer
Offline Off
user SQ has written:
Well, this thread looks embarrassing. GDPR has nothing to do with this kind of community.

GDPR doesn't apply subjectively to certain websites. It applies to all and especially this one.

user SQ has written:
There are no private information that you cannot remove from the profile apart old user names.
Therefore, this is irrelevant because Unreal Software does not store any sensitive personal data.

My e-mail and IP address are considered personal data under the GDPR. I cannot remove my e-mail, I can only change it. I certainly cannot remove the IP address logs.

This should be done by request and I believe DC would cooperate if you ask nicely and wait a couple of days :P, but the fact that this data is stored truly does mean that Unreal Software should abide by the GDPR.

user SQ has written:
This whole reform probably started because websites started using this data to manipulate people to vote for certain political parties, perhaps using it not just for political related stuff.
In other words, thank Trump.

This has nothing to do with the recent scandals. GDPR has been in the works for yeeaars. It's only recently that people started to take notice because of the scandals. But GDPR is certainly not created solely because of them. In fact the GDPR is the aftermath of the laws that apply to e-mail spam and agreement autofilling which only came into effect two years ago. Consider it a DLC.
19.05.18 11:25:41 am
Up
Patasuss
User
Offline Off
user Yates has written:
As long as you use sufficient encryption over passwords and use HTTPS you'll be fine.


Does the UnrealSoftware do that? I never saw an option to use HTTPS on this forum and the login credentials are simply transmitted in plaintext over a HTTP POST Request.
Portal
19.05.18 01:19:33 pm
Up
Yates
Reviewer
Offline Off
No. Currently Unreal Software does not use HTTPS. DC said he was going to work on it.
To the start Previous 1 2 Next To the start