GDPR ready forums

Abhi

How many forum software are GDPR ready ? Do you think the admins are aware of it ?

Non-complaince to GDPR and European Union traffic can be a lot of headache. Considering all software are regularly updating and GDPR law itself is more than one year old, is there any excuse for being non-compliant ?

phenomlab

Abhi mine is 😁

Abhi

Congrats 😀

I have a doubt. Why should people outside EU comply to EU laws ?

phenomlab

Abhi they don't, but unless you are using GEO location techniques you can't know the exact origin of your visiting user so the policy is enforced regardless. And hence the dual edged sword - you cannot track an EU user by their IP as this is forbidden under GDPR - regardless of where your website is located

Abhi

phenomlab you cannot track an EU user by their IP as this is forbidden under GDPR - regardless of where your website is located

What if your are in US and defy it ? Logging IP has been standard practice since ages.

phenomlab

Abhi Then that it is scope for GDPR. If you record the IP address of a visiting user from the EU, that is classed as PII (Personally Identifiable Information).

Abhi

What if a webmaster does not comply ?

phenomlab

Abhi then the consequences can be severe. For example, non compliance for GDPR where it can be proven - for example, your site is hacked and you have a data breach involving EU citizens - would attract fine of €20m or for times the annual turnover of any parent company - whichever is greater.

Similarly, non compliance can also be in the form of no privacy policy, no mechanism to opt out of emails, no methods to request or change data, etc.

Abhi

I see. But isn't people in US outside the jurisdiction of EU laws ? How can law or a court in the EU punish someone living in the US ?

phenomlab

Abhi If you hold data pertaining to an EU individual, you are bound by the law. GDPR covers the individual, not the country.

Abhi

I don't see any software allows me to see what they have stored of me. Neither an option to delete data related to me. I am not sure about IPB, but almost all others have no such option.

admin

What if Germany has a law. If you forgot your jacket in a stadium, the operators should find you and give it back. The same person goes to US, forgot his jacket in a stadium in the US, now the US citizens are in possession of EU jacket. Are they bound to find and return that particular jacket which they have in possession ?

I am not try to mock anyone here. I simply fail to understand other being compliant about an EU law.

phenomlab

admin that jacket isn't data and unless there's a name tag in it with a social security number, date of birth, email address etc, then it can't be attributed to an individual - EU citizen or not 😁

GDPR isn't a joke sadly.

admin

My point was, a law in a distant country has no jurisdiction in the US or other countries. For eg. certain substances are legal in one country while illegal in others. Will the UK abide by a law in France ? As long as there is no specific treaty about it. EU cannot control the web and what is happening in there.

phenomlab

admin that really isn't so
https://termly.io/resources/articles/gdpr-in-the-us/

I think you should research this subject before commenting further.

admin

phenomlab I was not confronting you.

I thought since we have an expert here, it is better to ask directly 🙂

Abhi

I like GDPR. It is a good thing and I am sad that there is no such thing in other countries.

But I haven't seen any reports of GDPR take downs yet. Not outside EU, if there are any.

phenomlab

Abhi It is a good thing and I am sad that there is no such thing in other country

The whole of Europe is in scope for GDPR. CCPA covers California for example. If you check, virtually every country has it's own privacy law in one form or another