GDPR

Out of context: Reply #19

  • Started
  • Last post
  • 25 Responses
  • detritus1

    Think of GDPR as more of 'guideline legislation' than a hard and absolute law. If you're a cunt with clout and you fuck-over EU citizens, then you'll have the book thrown at you.

    If you're a nonEnt running a small concern out of Wichita and couldn't give a hoot about users in the EU, the EU won't give a hoot about you.

    There's a philosophical difference between 'laws' in on either side of the Atlantic.

    detritus 1Permalink
    UpvoteDownvote
    Flag
    • I dunno, I'd say that just creates massive confusion especially when it comes to something this technical.yuekit
    • Not really - all it asks is that you disclose what you do with other people's data, don't be a dick with it or use it illicitly.detritus
    • It's hard/impossible to 'Write-Once' laws that foresee and cater to every eventulity, otherwise you just have lawyered-up corps find loopholes and then you'redetritus
    • ...back to square one again. Much 'better' - if less bluntly clear and absolutely-prescribe... - to create an explorable framework.detritus
    • That was what I thought too at first. But it seems like a lot of people are interpreting it as you need to opt users into every cookie.yuekit
    • i.e., you can't even use Google Analytics without getting the user's permission first.yuekit
    • I'm all for protecting privacy, but including IP address and cookies (as with the previous EU cookie law) in that is silly.yuekit
    • Yeah, because a lot of the people interpeting it incorrectly are in America and trying to cover what they presume is a litigious hellscape.detritus
    • On my 'GDPR' note I actually mention that, as an aside, I've taken off Google tracking from my site - not because, just besides.detritus
    • Right and it's probably no big deal for you or me -- but there are a lot of medium sized businesses that rely on those sorts of analytics.yuekit
    • The crucial point is that a user to 'my' site would otherwise share their identifiable user imprint with a 3rd party such as Google - that *should* be stated.detritus
    • having that as an optionable check in or otherwise is entirely up to the site owner - a simple statement that it is happening should suffice.detritus
    • I take this as a global opportunity to scrutinize the debacle that has become user tracking on the internet. If things are tricky for a while, so be it.detritus
    • I'm fed up with the Googleplex sticking its nose into every possible detail - ye olde webserver stats are fine enough for most needs. No NEED for 3rd partiesdetritus
    • (Unfortunately) I spent a few hours earlier this week reading up on the law... and a common interpretation seems to be that this is NOT up to the site owner.yuekit
    • You are now obligated to get user consent for every cookie if the person is coming from the EU. And you can see big sites such as CNN now doing this.yuekit
    • Funny thing is, simply by geotargeting EU users you are gathering their IP. So arguably by attempting to comply with the law you are already breaking it.yuekit
    • Again, I'm not sure how hard and fast things are - as a counter, I've seen lots of big organisations simply state what they do, and if you don't like it, leavedetritus
    • That was how the old EU cookie law worked. The whole idea of GDPR is that you need to get consent from the user for everything.yuekit
    Show [[ numHiddenNotes ]] more notesAdd Note
    SaveCancel

View thread