Textpattern CMS support forum
You are not logged in. Register | Login | Help
- Topics: Active | Unanswered
#313 2018-05-22 17:50:28
Re: Txp cookies, visitor logging, and GDPR stuff in general
Back to the subject
Yiannis
——————————
NeMe  | hblack.art | EMAP | A Sea change | Toolkit of Care
I do my best editing after I click on the submit button.
Offline
#314 2018-05-22 18:06:05
Re: Txp cookies, visitor logging, and GDPR stuff in general
michaelkpate wrote #311983:
implying that anyone who care about Free Speech is an Actual Nazi.
Yep. Gotta love the mainstream media and their daily duplicity. I don’t doubt that headlines are manipulated to that extent. If it isn’t sensational or clickbaity, or immediately grabs your attention as you scroll through 300 posts about what type of sandwiches your “friends” ate for lunch, it won’t get noticed.
colak has it spot on that terms have become so interwoven and bombarded at us every day with confusing and contradictory examples, we’re in an age where everyone’s stepping on eggshells to not seem anti-something. And when we can’t enter into debate – even political debate – out of fear for offending someone, well that’s censorship by any other name.
</off-topic-rant>
The smd plugin menagerie — for when you need one more gribble of power from Textpattern. Bleeding-edge code available on GitHub.
Txp Builders – finely-crafted code, design and Txp
Offline
#315 2018-05-23 04:48:43
Re: Txp cookies, visitor logging, and GDPR stuff in general
Bloke wrote #311987:
well that’s censorship by any other name.
I wish I believed that! Censorship normally comes with its own set of legal rules which, in democratic societies, are always open to public discourse. The absence of a real and open debate smells like public manipulation steered by political (and politically motivated algorithmic) agendas.
Yiannis
——————————
NeMe  | hblack.art | EMAP | A Sea change | Toolkit of Care
I do my best editing after I click on the submit button.
Offline
#316 2018-05-23 21:08:02
Re: Txp cookies, visitor logging, and GDPR stuff in general
Well I’m bamboozled by Hermes and their GDPR email I received today. Given that they seem to have found someone to compose their email who can’t grasp the concept of a single sentence being a standalone block of information, I’m kind of glad I’m going to be removed from their list:
If you don’t opt-in we will no longer be able to communicate with you after 24th May and we will erase your data but please note we will never sell your data to third parties; we will always keep your details secure.
So, umm, are you going to erase my data or just not sell invisible information that you somehow keep secure to third parties? ?
The smd plugin menagerie — for when you need one more gribble of power from Textpattern. Bleeding-edge code available on GitHub.
Txp Builders – finely-crafted code, design and Txp
Offline
#317 2018-05-23 22:15:57
Re: Txp cookies, visitor logging, and GDPR stuff in general
For companies that have operated under the principle of “extract as much data as possible and figure it out later,” reorganizing under GDPR is a lot like an episode of Hoarders, especially one of those episodes where the hoarder doesn’t finish cleaning and everyone sort of falls apart crying at the end. – No one’s ready for GDPR
Offline
#318 2018-05-23 22:23:37
Re: Txp cookies, visitor logging, and GDPR stuff in general
Bloke wrote #312034:
So, umm, are you going to erase my data or just not sell invisible information that you somehow keep secure to third parties? ?
Hahaha, that was a particularly good one!
In reply to michaelkpate #312039:
“extract as much data as possible and figure it out later,”
Yes, I read that one too. I bet there are plenty like that.
@Destry, Bici and others: All engines are go for you: Webfaction have now published their DPA. And it’s lengthy: be prepared for eyes glazing over! Apparently we’ll see something soon in the control panel.
TXP Builders – finely-crafted code, design and txp
Offline
#319 2018-05-24 05:51:09
Re: Txp cookies, visitor logging, and GDPR stuff in general
We’ve sent our GDPR letter yesterday… Here’s my favourite part of it:
We continue to monitor the evolving interpretation of the regulation to ensure your rights are protected and added an extensive privacy policy written in a clear language which will definitely help you fall asleep should you have any trouble doing so.
Yiannis
——————————
NeMe  | hblack.art | EMAP | A Sea change | Toolkit of Care
I do my best editing after I click on the submit button.
Offline
#320 2018-05-24 07:15:24
Re: Txp cookies, visitor logging, and GDPR stuff in general
jakob wrote #312040:
Webfaction have now published their DPA. And it’s lengthy: be prepared for eyes glazing over! Apparently we’ll see something soon in the control panel.
Thanks for the heads up.
I’m surprised they’ve actually made the DPA public, which most companies don’t do because it’s only a contract between the controller and the processor.
I also don’t know why they call it an “Addendum” when the specific term is “Agreement”, but that’s probably legal insignificance.
I’m a little surprised by this part because I thought all their ‘processing’ was done on European servers:
9. Transfers of Personal Data.
9.1 U.S. Based Processing.
Customer Data will be transferred within and outside the EEA and processed in the United States.
Anyone know good European-only web hosts? I.e. don’t use US data centers? That seems to be a hard thing to find. Not that it matters much anymore, legally speaking.
And finally, I don’t see any mention of ‘IP addresses’ anywhere. In Annex 2, No. 1 they talk about ‘Encryption’ and ‘Data Minimization’ and something called ‘PII/SPII’ and “PII/SPI’, whatever that is. But I think this means they’re encrypting/anonymizing our data but not the data our servers are providing for us as website owners. For example the server logs they keep for our sites in rotation of 7 days (a nice short period, at least) do not anonymize the IPs (thus an important reason for making clear in your privacy policies what you do with IP data).
P.S. I suggested to Phil to use bq(cite). (thus bq(cite)..) as a new forum style for displayed quotations of externally-sourced content so they appear differently than quoted matter from conversations in a thread. I just marked the one above that way. I’m guessing if everyone does the same, then those displayed quotations will convert to the new style when the style rules are added. Michael, for example, I know you use the bq. feature heavily for external content, you might want to add the selector on those, if you care.
Offline
#321 2018-05-24 08:05:22
Re: Txp cookies, visitor logging, and GDPR stuff in general
Destry wrote #312043:
Anyone know good European-only web hosts? I.e. don’t use US data centers? That seems to be a hard thing to find. Not that it matters much anymore, legally speaking.
Here’s a German web host I just learned about that looks good for the ‘green’ stance they have. That would get my money if a few other boxes were ticked (have no idea about their GDPR compliance), but I can’t read anything. In any case, I’m in no rush to move at the moment.
Sorry to get off track.
Offline
#322 2018-05-24 08:31:42
Re: Txp cookies, visitor logging, and GDPR stuff in general
Destry, I suspect PII and SPI are Personally Identifiable Information and Sensitive Personally Identifiable Information, but you’re right that they should be defined.
Re Webfaction server locations: you should see where your server is in your admin panel, and you can opt to switch if you want. My client’s server is in London.
In Germany, I mostly use all-inkl as a shared server web host and they’ve been consistently reliable and affordable plus you can get someone on the phone without waiting for ages; email service is also quick (that’s all been in German up to now, though) and the service staff are knowledgeable. A further plus for me is that they’re ‘local’(-ish) with servers in Dresden and are not a conglomerate. Let’s Encrypt is a 1-click affair per domain/subdomain. GDPR-DPA is available from within their customer area. They also use power from 100% renewable energy sources. Webmail users can set their own spam rules and own autoresponder (something that Webfaction still can’t do). SSL is available from the PrivatPlus (7,95€, 5 domains inclusive) account upwards, SSH from the premium account (9,95€, 10 domains inclusive) upwards. Their admin panel, accounts panel and webmail (all custom affairs that look a bit dated but work fine) are also available in English (and Polish) but everything else is in German – that is probably the biggest problem for you, I suspect. No idea about email service in other languages. Otherwise, it’s a pure and simple Apache, PHP, MySQL shared server setup, so no Node, Python, Ruby, etc.
TXP Builders – finely-crafted code, design and txp
Offline
#323 2018-05-24 12:08:09
Re: Txp cookies, visitor logging, and GDPR stuff in general
Thanks, that doesn’t sound bad. I could probably do with learning a few German words, the tongue of my forefathers. My kids are studying it now as a third language. I’m still mastering English.
Offline
#324 2018-05-24 15:18:23
Re: Txp cookies, visitor logging, and GDPR stuff in general
With the clock counting down…
Publishers feel in the dark on critical points. Google has said it expects publishers to gain user consent on its behalf, in order to continue working using its ad tools. In doing so, it has proclaimed itself co-controller of that data, and some publishers worry that means it can decide whatever it does with that data — something that would previously have been purely in the realm of the publisher. (Google disputes this, saying having controller status doesn’t give it unlimited rights to the data, and that the use of data is limited by its contracts with publishers.) They say Google hasn’t shared any detail on how it then plans to use that data with any of its publisher partners. With the risk of costly penalties, publishers aren’t willing to be kept in the dark on how audience data is used, for which they are directly liable. – ‘No one thinks this is a good idea’: Some frustrated publishers are sitting out Google’s GDPR meetings
I am not sure why you want to skip a meeting if you think you are being kept in the dark but that is their prerogative, I guess.
If you can stand reading one more analysis I thought this one from Android Police was very comprehensive: The GDPR goes into effect on Friday, here’s how it will affect you
Oh, and I just installed a brand new version of the NVIDIA Experience desktop software. There were several new checkboxes about privacy and data collection when I logged back in – which the software required.
Offline



