Textpattern CMS support forum
You are not logged in. Register | Login | Help
- Topics: Active | Unanswered
#286 2018-05-19 16:38:20
Re: Txp cookies, visitor logging, and GDPR stuff in general
michaelkpate wrote #311894:
This article admits that no one knows anything.
I actually looked into geolocation technology a few weeks ago in order to see if I could come up with a way to block anyone from an EU country as a proof of concept.
Hi Michael, please do not block us, but there is an htaccess way here.
<ifModule mod_geoip.c>
# Block visitors from EU member states
GeoIPEnable On
SetEnvIf GEOIP_COUNTRY_CODE AT DenyCountry
SetEnvIf GEOIP_COUNTRY_CODE BE DenyCountry
SetEnvIf GEOIP_COUNTRY_CODE BG DenyCountry
SetEnvIf GEOIP_COUNTRY_CODE HR DenyCountry
SetEnvIf GEOIP_COUNTRY_CODE CY DenyCountry
SetEnvIf GEOIP_COUNTRY_CODE CZ DenyCountry
SetEnvIf GEOIP_COUNTRY_CODE DK DenyCountry
SetEnvIf GEOIP_COUNTRY_CODE EE DenyCountry
SetEnvIf GEOIP_COUNTRY_CODE EG DenyCountry
SetEnvIf GEOIP_COUNTRY_CODE EE DenyCountry
SetEnvIf GEOIP_COUNTRY_CODE FI DenyCountry
SetEnvIf GEOIP_COUNTRY_CODE FR DenyCountry
SetEnvIf GEOIP_COUNTRY_CODE DE DenyCountry
SetEnvIf GEOIP_COUNTRY_CODE GR DenyCountry
SetEnvIf GEOIP_COUNTRY_CODE HU DenyCountry
SetEnvIf GEOIP_COUNTRY_CODE IE DenyCountry
SetEnvIf GEOIP_COUNTRY_CODE IT DenyCountry
SetEnvIf GEOIP_COUNTRY_CODE LV DenyCountry
SetEnvIf GEOIP_COUNTRY_CODE LT DenyCountry
SetEnvIf GEOIP_COUNTRY_CODE LU DenyCountry
SetEnvIf GEOIP_COUNTRY_CODE MT DenyCountry
SetEnvIf GEOIP_COUNTRY_CODE NL DenyCountry
SetEnvIf GEOIP_COUNTRY_CODE PL DenyCountry
SetEnvIf GEOIP_COUNTRY_CODE PT DenyCountry
SetEnvIf GEOIP_COUNTRY_CODE RO DenyCountry
SetEnvIf GEOIP_COUNTRY_CODE SI DenyCountry
SetEnvIf GEOIP_COUNTRY_CODE ES DenyCountry
SetEnvIf GEOIP_COUNTRY_CODE SE DenyCountry
Allow from all
Deny from env=DenyCountry
</ifModule>> Edit:)
Last edited by colak (2018-05-19 16:53:28)
Yiannis
——————————
NeMe | hblack.art | EMAP | A Sea change | Toolkit of Care
I do my best editing after I click on the submit button.
Offline
#287 2018-05-19 17:02:19
Re: Txp cookies, visitor logging, and GDPR stuff in general
michaelkpate wrote #311894:
This article admits that no one knows anything.
On visiting the article my FF plugins blocked a number of tracking attempts from the particular page.
Yiannis
——————————
NeMe | hblack.art | EMAP | A Sea change | Toolkit of Care
I do my best editing after I click on the submit button.
Offline
#288 2018-05-19 17:49:54
Re: Txp cookies, visitor logging, and GDPR stuff in general
colak wrote #311896:
On visiting the article my FF plugins blocked a number of tracking attempts from the particular page.
It’s Advertising Age. Not too surprising they would have 7 forms of Analytics (Crazy Egg, Google Analytics, Quantcast, comScore, Chartbeat, new Relic, siteCatalyst) and 3 advertising networks (Doubleclick Campaign Manager, Doubleclick for Publishers, and Google AdSense).
Courtesy of https://www.wappalyzer.com/.
And I wasn’t actually going to block anyone. Especially after I watched this YouTube Video and the host said he still hasn’t bothered to put the cookie warning up on a lot of his sites.
Offline
#289 2018-05-19 17:56:56
Re: Txp cookies, visitor logging, and GDPR stuff in general
This is the first I’ve seen of this: hellobar.com has a Terms of Use, a Privacy Policy, and a GDPR Notice.
Offline
#290 2018-05-19 19:33:47
Re: Txp cookies, visitor logging, and GDPR stuff in general
Offline
#291 2018-05-19 19:37:50
Re: Txp cookies, visitor logging, and GDPR stuff in general
michaelkpate wrote #311894:
This article admits that no one knows anything.
I actually looked into geolocation technology a few weeks ago in order to see if I could come up with a way to block anyone from an EU country as a proof of concept.
I’m from an EU country (until next year, anyway), and I’m still from an EU country when I spin up a VPN or SOCKS proxy in a non-EU data centre. Also, if you have a non-EU assigned IP address subnet assigned to you, these are often portable and can be transferred to EU data centre.
Offline
#292 2018-05-20 07:51:29
Re: Txp cookies, visitor logging, and GDPR stuff in general
An article from the guardian relating to the right to be forgotten:
‘I felt exposed online’: how to disappear from the internet
Yiannis
——————————
NeMe | hblack.art | EMAP | A Sea change | Toolkit of Care
I do my best editing after I click on the submit button.
Offline
#293 2018-05-20 15:57:04
Re: Txp cookies, visitor logging, and GDPR stuff in general
In recent weeks, a grassroots movement has formed around the slogan Delete Facebook (Zuckerberg claims it has been a failure).
The evidence supports his claim.
March 24, 2018 – Mark Zuckerberg Lost $10 Billion in One Week After Facebook’s Privacy Scandal
May 12, 2018 – Mark Zuckerberg’s Net Worth Is Up $13 Billion Since Height Of Privacy Scandal
Goldman Sachs said Facebook’s US unique users on mobile rose 7% year-on-year to 188.6 million in April, when the scandal was biting hard. Time spent on Facebook also went up. The graph below says it all. – The backlash that never happened: New data shows people actually increased their Facebook usage after the Cambridge Analytica scandal
Offline
#294 2018-05-20 16:26:43
Re: Txp cookies, visitor logging, and GDPR stuff in general
No such thing as bad publicity, eh.
The smd plugin menagerie — for when you need one more gribble of power from Textpattern. Bleeding-edge code available on GitHub.
Hire Txp Builders – finely-crafted code, design and Txp
Offline
#295 2018-05-20 17:42:26
Re: Txp cookies, visitor logging, and GDPR stuff in general
I think that I posted this before but it is circulating again.
The EU is considering a copyright proposal that would require code-sharing platforms to monitor all content that users upload for potential copyright infringement (see the EU Commission’s proposed Article 13 of the Copyright Directive). The proposal is aimed at music and videos on streaming platforms, based on a theory of a “value gap” between the profits those platforms make from uploaded works and what copyright holders of some uploaded works receive. However, the way it’s written captures many other types of content, including code. (blog.github.com/2018-03-14-eu-proposal-upload-filters-code/)
and in the States
The House of Representatives has combined the largely good Music Modernization Act with the CLASSICS Act, which would add new royalties and penalties to recordings made before 1972, without giving anything back to the public. That same mistake was replicated in the Senate with S. 2823. (act.eff.org/action/stop-another-expansion-of-copyright-tell-the-senate-to-vote-no-on-s-2823).
Is it only me who is detecting patterns here?
Yiannis
——————————
NeMe | hblack.art | EMAP | A Sea change | Toolkit of Care
I do my best editing after I click on the submit button.
Offline
#296 2018-05-21 13:38:37
Re: Txp cookies, visitor logging, and GDPR stuff in general
What is GDPR and how will it affect you?, from the guardian.
Yiannis
——————————
NeMe | hblack.art | EMAP | A Sea change | Toolkit of Care
I do my best editing after I click on the submit button.
Offline
#297 2018-05-21 14:12:01
Re: Txp cookies, visitor logging, and GDPR stuff in general
If you are concerned about GDPR, this may make you feel better.
The reason why I am sure this is the way it will go down is this is exactly how it has been done so far, every interaction with data protection authorities has followed the exact same pattern: warn, fine, increased fines. There are no known cases – though I’m willing to be surprised on this one, but none that I can find – where an entity was presented with a huge fine without first being given a chance to comply with the law. – GDPR Hysteria
So there is nothing that actually prevents abuse but they haven’t done it before so they probably won’t do it now.
For instance, one oft heard argument is that no webserver (or even any internet service) is going be able to be compliant because all web servers log IP addresses, and IP addresses are PII. But that argument does not hold water. There are several reasons for that, the major ones being: webservers only log IP addresses if you configure them to do so. Almost all webservers have a formatting option that determines what exactly is logged and you could configure your webserver to not log the whole address but just the network portion. You also have the option to log the address and to disclose that you do so in your privacy policy, but then you will have to allow for the removal of that data on request, which you may find burdensome (or not, that depends on the volume of such requests). Finally, you may have a legitimate reason to log the IP address, provided you delete it after you are done with whatever use you collected it for in the first place. There is enough room in the GDPR to hold on to the address for 30 days with a possible extension of another 60 days after which an automated reply to the user can tell them their IP address was purged and you’d be in compliance.
I am trying to figure out how to notify someone I have deleted their IP address I collected from them visiting my website 30 days ago.
Oh, and in contrast to colak’s article that said “Nowhere in GDPR does it state that you need ‘consent’ for email marketing”:
Can I send marketing email? Yes you can, provided you have obtained proper consent to do so. And no, you can’t mail your users to obtain consent after May 25th, you actually shouldn’t be doing that anyway. Any addresses that you have collected without consent should be considered lost. In general such messages, collectively classified as ‘SPAM’ are off limits when sent to private individuals. – GDPR Hysteria Part II, Nuts and Bolts, actionable advice
I guess we will have to wait for the regulators to decide. Hopefully, they will be consistent.
Offline
#298 2018-05-22 00:23:13
Re: Txp cookies, visitor logging, and GDPR stuff in general
cant resist posting this on Vicky Day:
“Do you know a good GDPR consultant?”
“Yes.”
“Can you give me their email address?”
“No”
#GDPRhumour
…. texted postive
Offline
#299 2018-05-22 02:43:28
Re: Txp cookies, visitor logging, and GDPR stuff in general
michaelkpate wrote #311940:
If you are concerned about GDPR, this may make you feel better.
That was good set of articles, thank you.
I am trying to figure out how to notify someone I have deleted their IP address I collected from them visiting my website 30 days ago.
That is not what you have to do. You can collect IP addresses and store them; you must however detail this in your privacy policy and code of conduct (purpose etc – that also answers @Bloke worry up thread. e.g a legitimate purpose is managing your server, tracking that bot that “visits” you every 2 seconds). If someone then asks you to delete their IP address, you must do so and notify them.
Where is that emoji for a solar powered submarine when you need it ?
Sand space – admin theme for Textpattern
phiw13 on Codeberg
Offline
#300 2018-05-22 05:46:17
Re: Txp cookies, visitor logging, and GDPR stuff in general
Several months ago I deleted my Flickr account that I never used, and supposedly my Yahoo account too. I get an email today about their acquisition to Smugmug it says:
‘If you do not consent to SmugMug’s Terms and Privacy Policy, you will need to delete your Flickr account through your Account Settings.’
(Bold is a link to Yahoo login.)
So not only am I not given the chance to opt in to this shit as required by GDPR (or rightfully dropped if I do nothing). I have to sign in to an account I no longer have to do it and opt out?
This makes me angry!
Is their a GDPR watchdog to report to? Because I will gladly be one of those people to wage major complaints on these companies.
Or what could be happening here is Yahoo didn’t delete my email from their spam engine, which is still a violation of GDPR. Which again makes me want to report them.
Offline