Forums

Sega Master System / Mark III / Game Gear
SG-1000 / SC-3000 / SF-7000 / OMV
Home - Forums - Games - Scans - Maps - Cheats - Credits
Music - Videos - Development - Hacks - Translations - Homebrew

View topic - General Data Protection Regulation - The Thread

Reply to topic
Author Message
  • Joined: 21 Aug 2012
  • Posts: 363
  • Location: Berlin, Germany
Reply with quote
General Data Protection Regulation - The Thread
Post Posted: Sun May 13, 2018 11:43 am
Hi guys,

today I´m opening a thread about a serious topic: The General Data Protection Regulation, which becomes active as of my 25th, 2018. It´s already known for two years, but with the beginning of may 25th, every webmaster and forum owners are forced to prepare their sites for this. If not, extremely high fees will be need to pay if an ´attorney´ takes notes of it.. from 350$ to, uh, 20 millions. A personal insolvency could be the result, many boards on the web are closing their doors right now, but it´s possible to prepare a website/a board.

But what does that Regulation mean? It´s a law standardised within the EU to protect the personal data of all people. Laws and rules of single countries won´t be active anymore regarding this (with some exceptions[?]). It´s a very complicated topic and I am already working on my site to prevent any issues.

So let´s work together on this! I didn´t understood everything about it yet, so it´s helpful if we talk about it.

https://en.wikipedia.org/wiki/General_Data_Protection_Regulation
https://ec.europa.eu/info/law/law-topic/data-protection_en

To be honest, I think it makes no sense at all because if you register yourself on a website or forum, you agree that your personal data can be used. I think it´s way to make money, like it was with illegal downloads some years ago. I guess it will be forgotten in a few years.

What´s important? I guess it´s necessary to have an imprint. It has to be cleared what your website is made for and the reason why you´re using their data (name, birthdate, your hometown/country ect.). If you use a counter, you should write down what kind of data the counter collects (browser, IP adress, which pages the visitor is looking at, their country ect.). If your website uses cookies, it has to be clear what the cookies are doing and if they are only session cookies or not. It has to be clear that the webmaster doesn´t give personal data to foreign people, but if a specific user wants the informations about his own data you kept, you have to give it to him/her.
The good thing is that this is a video games website, so there aren´t really personal informations to find on the main site. For the forum, it´s needed to hide the people´s profiles I guess. Birthdates, hometowns and countries need to be hide as well (again, I think it´s bullshit). The membermap is a problem too =/ Also good is that not much photos of people are used here. If yes, maybe it´s better to put a copyright sign on them or better, having their permission that they can be used by you.

This is all I can do right now. I know it´s much text, but compared to the rest of the internet, SMS Power is one of the last sites which are important to me. If anybody has questions or helpful ideas, don´t hesitate to write everything down what´s in your mind.

Cheers,
Gordman
  View user's profile Send private message Visit poster's website
  • Site Admin
  • Joined: 19 Oct 1999
  • Posts: 14686
  • Location: London
Reply with quote
Post Posted: Sun May 13, 2018 12:10 pm
I'm aware of GDPR but I have chosen to ignore it as somethig where I can reactively do something (edit posts) if necessary. All data shared here is with knowledge that it will be shown as it is, and I don't think we have to do the German impressum stuff. We don't share anything except where we use Google analytics, which I may just remove.
  View user's profile Send private message Visit poster's website
  • Joined: 21 Aug 2012
  • Posts: 363
  • Location: Berlin, Germany
Reply with quote
Post Posted: Sun May 13, 2018 12:15 pm
Hmm, you still should think about removing the membermap and hiding the locations and birthdates of members. Just to be on the save side. The imprint stuff is needed in Germany, that´s right. I don´t know how that is handled in France or Great Britain, but I thought it´s better to mention it.
  View user's profile Send private message Visit poster's website
  • Site Admin
  • Joined: 08 Jul 2001
  • Posts: 8644
  • Location: Paris, France
Reply with quote
Post Posted: Sun May 13, 2018 4:55 pm
All those information are input by the user with the intent of sharing it. Users can remove the info from their profile if they don't want it in.
  View user's profile Send private message Visit poster's website
  • Joined: 21 Aug 2012
  • Posts: 363
  • Location: Berlin, Germany
Reply with quote
Post Posted: Sun May 13, 2018 8:57 pm
That´s absolutely true. But tell it to ´them´ ;) If you don´t take this serious it´s up to you. I just hope nothings gonna happen to your site because of those pricks.
  View user's profile Send private message Visit poster's website
  • Joined: 05 Sep 2013
  • Posts: 3759
  • Location: Stockholm, Sweden
Reply with quote
Post Posted: Mon May 14, 2018 8:20 am
from what I understood, it all concerns personal data that the user *don't* want to share (otherwise sites like FB wouldn't exist at all ;) )

In any case, you should never ever share with anyone the data that isn't meant to be shared, like e-mail addresses, passwords - or you might have troubles.
  View user's profile Send private message Visit poster's website
  • Joined: 21 Aug 2012
  • Posts: 363
  • Location: Berlin, Germany
Reply with quote
Post Posted: Wed May 16, 2018 7:30 pm
From what I´ve understood, just to be clear: What the EU wants overweights what the users want and what website owners think. Website owners MUST hide the data. After may 25th, a hunt on websites and boards is going to start.

I feel like an idiot now, trying to warn you but people laugh at me. At least it feels like that. Bocky, please take it serious and please take your time to read yourself through it. Of course they are hunting big sites like Facebook first before going to smaller sites, but don´t feel safe.It doesn´t matter where your server is; if your service is used by people inside the EU, the GDPR is active. Let´s hope it doesn´t have a long life chance, but I guess it has and they will change it a few times. It´s similar to that damn ACTA stuff (which happily never became reality).
  View user's profile Send private message Visit poster's website
  • Joined: 16 Jun 2018
  • Posts: 1
  • Location: Derby
Reply with quote
Post Posted: Sat Jun 16, 2018 9:05 am
"After may 25th, a hunt on websites and boards is going to start. " I think your well overplaying this. They really don't care unless you are reported for a genuine misuse of the data you hold. A few days ago Carphone Warehosue had to admit they mislaid 5milion+ personal records. These are the things that GDPR is about not an individuals email addreses on a forum that they have willingly made public
  View user's profile Send private message Visit poster's website
  • Joined: 02 Jan 2005
  • Posts: 667
Reply with quote
Post Posted: Sun Jun 17, 2018 3:50 pm
They're probably more concerned with what companies are doing with data. Still, I made some changes on my site. From what I was reading, even YouTube embeds are a violation because they're collecting data even if you don't click on a video.
  View user's profile Send private message Visit poster's website
  • Joined: 21 Aug 2012
  • Posts: 363
  • Location: Berlin, Germany
Reply with quote
Post Posted: Sun Jun 17, 2018 9:14 pm
The thing is, it´s a regulation. A regulation stands above everything, even above single laws and everyone has to conform to this regulation. Sure they are going for the big companies first, but who knows if they are going for the smaller sites then? I think it´s an irresponsible behaviour by Maxim and Bock to underestimate this regulation and reckless towards the community. To risk the own existence isn´t a casual issue as well.

In the end, there isn´t that much to do but they don´t care. At least they should make sure that browsers are showing SMS Power as ´save´ (green lock symbol at the search bar at the top of the browser).
  View user's profile Send private message Visit poster's website
  • Site Admin
  • Joined: 19 Oct 1999
  • Posts: 14686
  • Location: London
Reply with quote
Post Posted: Sun Jun 17, 2018 9:23 pm
HTTPS is not really relevant, GDPR does not require it. We are presumably required to do certain things if demanded - and it would be a shame if people started submitting GDPR requests for trolling purposes, as we are just regular people running a community website. But we aren't required to do anything immediately, despite considerable FUD being spread around recently.
  View user's profile Send private message Visit poster's website
  • Joined: 30 Jun 2016
  • Posts: 194
  • Location: Melbourne, Australia
Reply with quote
Post Posted: Mon Jun 18, 2018 2:32 am
My concern with HTTPS is more web browsers plannning to mark non-HTTPS sites as insecure.

I could see browser vendors getting more aggressive with the warning into future, to boot.
  View user's profile Send private message Visit poster's website
  • Site Admin
  • Joined: 19 Oct 1999
  • Posts: 14686
  • Location: London
Reply with quote
Post Posted: Mon Jun 18, 2018 6:36 am
http://www.smspower.org/forums/16740-HTTPS
  View user's profile Send private message Visit poster's website
  • Joined: 21 Aug 2012
  • Posts: 363
  • Location: Berlin, Germany
Reply with quote
Post Posted: Mon Jun 18, 2018 1:50 pm
Maxim wrote
HTTPS is not really relevant, GDPR does not require it.

I´m getting the impression that you´re trying to avoid any work. ´This is not necessary´, this is not needed´.. I have no words left for you man. It´s a shame, because you were a good dude many years ago.

I had to work on my site as well, and I think that HTTPS thing makes a site look more serious if it the green ´safe´ mark appears. It took me some damn hours to edit all pictures & links, but it´s fine now. It is indeed needed, ´cause if the site is ´insecure´, people are getting a hint that their data could be stolen ect.
Sure it´s just some pictures & links that makes the site look insecure, but a user doesn´t know that. That´s the moment where GDPR becomes effective.

Sure it´s all bullshit, ´cause no one really looks at it, but as Flygon mentioned the problems coming with it, it´s better to adjust the site and that´s it. In the end it´s up to you.
  View user's profile Send private message Visit poster's website
  • Joined: 05 Sep 2013
  • Posts: 3759
  • Location: Stockholm, Sweden
Reply with quote
Post Posted: Mon Jun 18, 2018 1:59 pm
Gordman wrote
Maxim wrote
HTTPS is not really relevant, GDPR does not require it.

I´m getting the impression that you´re trying to avoid any work.


You don't get the point - he's saying that HTTPS and GDPR have nothing to do, and that's true. HTTPS might come for this forum one day, but the forum will keep on working even if that doesn't happen. And FWIW GDPR doesn't require HTTPS anyway.
  View user's profile Send private message Visit poster's website
  • Site Admin
  • Joined: 08 Jul 2001
  • Posts: 8644
  • Location: Paris, France
Reply with quote
Post Posted: Wed Jun 20, 2018 7:59 am
Quote
I´m getting the impression that you´re trying to avoid any work [...]you were a good dude many years ago

Gordman we have a hundreds other things to do to keep this site afloat. PHP 5.2 is being deprecated, we have to transition forums and pmwiki integration, we have large performances issues with how we use the wiki, the site uses 120000 files, our youtube channel is down, we have busy jobs and families and are already overwhelmed so we have to gauge priorities. We appreciate the thought but as well as being mildly rude "you were a good dude many years ago" and mixing up things such as HTTPS and GDPR you may want to recalibrate the legal overlap with the real world (this site has been openly dumping and releasing roms for twenty years). Maxim already identified transitioning to HTTPS as something we could work on. The reality is we could use serious web dev/support help to move the site forward but people who have time to spare are so very rarely caring and patient and meticulous and skilled enough, and it until we find that magical benevolent skilled helper it falls on us two to do the work (and very mostly Maxim frankly, he probably handled 80% of the web/tech stuff there).
  View user's profile Send private message Visit poster's website
  • Site Admin
  • Joined: 19 Oct 1999
  • Posts: 14686
  • Location: London
Reply with quote
Post Posted: Wed Jun 20, 2018 8:07 am
And that's worrying for me - I'm a professional software developer (in real languages), not a web person. If I was, we'd be on our 10th JavaScript framework by now...
  View user's profile Send private message Visit poster's website
  • Joined: 05 Sep 2013
  • Posts: 3759
  • Location: Stockholm, Sweden
Reply with quote
Post Posted: Wed Jun 20, 2018 3:07 pm
we're lucky you aren't, then :D
  View user's profile Send private message Visit poster's website
  • Joined: 09 Jul 2018
  • Posts: 1
Reply with quote
Post Posted: Mon Jul 09, 2018 6:15 pm
As we're 6 weeks from GDPR coming in to place has anyone seen or heard anything at all about it? I certainly haven't
  View user's profile Send private message
Reply to topic



Back to the top of this page

Back to SMS Power!