[ rss / options / help ]
post ]
[ b / iq / g / zoo ] [ e / news / lab ] [ v / nom / pol / eco / emo / 101 / shed ]
[ art / A / beat / boo / com / fat / job / lit / map / mph / poof / £$€¥ / spo / uhu / uni / x / y ] [ * | sfw | o ]
logo
technology

Return ]

Posting mode: Reply
Reply ]
Subject   (reply to 26548)
Message
File  []
close
infographic-data-protection[1].jpg
265482654826548
>> No. 26548 Anonymous
19th May 2018
Saturday 1:10 am
26548 spacer
Anyone fucking around with GDPR?

I've just found out that it will change the cookie law to require explicit consent. I've already come across one website that has thrown up a splash page to harvest my consent before it redirects to the page I actually want.

I don't care about cookies, but the problem here is that I have to enable scripts before I can click the button and visit the page I actually want. So if that gets rolled out across all websites it will defeat the point of me browsing without scripts in the first place. Grrrrr.
Expand all images.
>> No. 26549 Anonymous
19th May 2018
Saturday 11:38 am
26549 spacer
>>26548
Supposedly the successor to the "cookie law" which is ePrivacy, not GDPR, actually seeks to reduce "consent overload" and move the soliciting of permission from web site to browser.
>> No. 26550 Anonymous
19th May 2018
Saturday 12:07 pm
26550 spacer
The GDPR gives users an unprecedented level of control over their personal information.

If they're collecting data with the consent of the user, that consent must be explicit, granular and revocable. They can't demand that you sign away all your rights just to access their website or do business with them. They have to offer you the option of sharing only the amount of personal data that is absolutely necessary for a specific transaction. If they use cookies to save the contents of your shopping cart and for ad tracking, they have to offer the option of opting-in to the former while opting-out of the latter. You can also change your mind about giving consent at any point, or revoke consent for any specific piece of information.

https://gdpr-info.eu/chapter-3/
>> No. 26551 Anonymous
19th May 2018
Saturday 12:20 pm
26551 spacer
>>26548
>I've already come across one website that has thrown up a splash page to harvest my consent before it redirects to the page I actually want.
Strictly speaking, if they won't let you in without giving consent, then it's not consent freely given and doesn't count.
>> No. 26553 Anonymous
19th May 2018
Saturday 1:37 pm
26553 spacer
>>26551
The cookie law was only ever used as a weapon by the disgruntled and competitors. The public didn't care and the ICO had no interest in taking any meaningful action. There was only ever a single prosecution across the entire EU (in Spain). Will this really be any different?

Consulting firms sure love to shout from the hills about how much must be done though.
>> No. 26554 Anonymous
19th May 2018
Saturday 1:42 pm
26554 spacer
>>26548
> So if that gets rolled out across all websites it will defeat the point of me browsing without scripts in the first place. Grrrrr.

This is my same bugbear I have with cloudflare. I have to give temporarily script access to a domain that I don't want to in order to bypass their DDOS-protection crapola.

If they dropped me at a cloudflare.com redirection page or whatever so I could give that script rights (over https) then I might sort of be less miffed about about it as I'd only be trusting one domain rather than every domain I want to visit that's protected by CloudFlare.
>> No. 26560 Anonymous
24th May 2018
Thursday 3:17 am
26560 spacer
>>26551
Well if you want an example HuffPost (apparently 'part of the Oath family' of websites) have just done it to me.
>> No. 26561 Anonymous
24th May 2018
Thursday 7:49 am
26561 spacer
>>26560

They're almost certainly in breach of the GDPR and I intend to complain to the ICO as soon as the Data Protection Act 2018 is granted royal assent.

Their interstitial does give you the ability to opt-out of third-party tracking (albeit through a convoluted and confusing process), but they don't offer you the ability to opt-out of data collection entirely. The opt out screen says "To continue using HuffPost and other Oath sites and apps, we need you to let us set cookies to collect your data", which is contrary to the conditions for consent in Article 7 and Recital 32 of GDPR.
>> No. 26562 Anonymous
24th May 2018
Thursday 11:02 am
26562 spacer
One of the websites I use, owned by Pinterest, has just temporarily disabled access to EU users.
>> No. 26563 Anonymous
24th May 2018
Thursday 11:21 am
26563 spacer

Shoot-Self-In-Foot.jpg
265632656326563
>>26562
If in doubt, blame the victims. It's a strategy that works every time. Pesky EU users, it's your fault we can't hoover up your data in dubious fashions and bury it in 500 pages of legalese any more.
>> No. 26564 Anonymous
24th May 2018
Thursday 3:11 pm
26564 spacer
>>26563
You say what they are doing "works every time", and you've illustrated it with an image suggesting they are 'shooting themselves in the foot'.

Well which is it?
>> No. 26565 Anonymous
25th May 2018
Friday 12:36 am
26565 spacer
Very happy we are finally here with it.
>> No. 26566 Anonymous
25th May 2018
Friday 4:46 pm
26566 spacer
I've managed to get a handful of GDPR emails from sites I've never used, so now I can see where people have used my details or which idiots don't know their own email addresses.
>> No. 26567 Anonymous
25th May 2018
Friday 5:44 pm
26567 spacer
>>26566

There's an american bloke who has the same name as me, and it seems his email must have an underscore or a dot in it somewhere but is otherwise identical to mine, so I keep getting emails about the warranty expiring on his Buick and the occasional forward from his family when people type it wrong.
>> No. 26568 Anonymous
25th May 2018
Friday 7:26 pm
26568 spacer
>>26567
I think it is gmail which ignores the dots - have seen the same.
>> No. 26572 Anonymous
28th May 2018
Monday 7:38 pm
26572 spacer

AA.jpg
265722657226572
Fuck you, AA.
>> No. 26573 Anonymous
28th May 2018
Monday 7:39 pm
26573 spacer
>>26572

Fucking hell. There's no way that's legal.
>> No. 26574 Anonymous
28th May 2018
Monday 7:40 pm
26574 spacer

AArses.jpg
265742657426574
>>26573
I should've included the actually tick box text too.
>> No. 26575 Anonymous
28th May 2018
Monday 9:45 pm
26575 spacer
>>26573
Agreed. Clear violation of Article 7.4 and contrary to the Recital 43.2. No bundling means no bundling. They can be asinine and insist on explicit consent for contact that's absolutely necessary for the thing to function, but if >>26574 is the thing they want agreeing to then that's blatantly not necessary and a clear-cut case of bundling. "Our business model won't work without this" and "the site literally breaks if you don't enable this" are two completely different things.
>> No. 26576 Anonymous
28th May 2018
Monday 10:19 pm
26576 spacer
>>26575
How do I report it anyway, I'm guessing the ICO doesn't yet have the infrastructure set up, as their website has a whole list of subjects to complain about but none are relevant.
>> No. 26577 Anonymous
28th May 2018
Monday 11:56 pm
26577 spacer
>>26576
You can start the process online. Report it under "Your personal information concerns".
>> No. 26578 Anonymous
29th May 2018
Tuesday 12:05 am
26578 spacer
>>26574
The text is even worded in such a way that no-one would believe it to be mandatory!
>> No. 26579 Anonymous
29th May 2018
Tuesday 12:14 pm
26579 spacer

hmm.png
265792657926579
"We are currently working out a way to continue misusing your data, please stand by"
>> No. 26580 Anonymous
29th May 2018
Tuesday 1:30 pm
26580 spacer

Screenshot_20180529-132951.png
265802658026580
I'm not sure that's how freely given consent is supposed to work.

Return ]
whiteline

Delete Post []
Password