Txp cookies, visitor logging, and GDPR stuff in general

michaelkpate · 2018-05-24 19:49:48

Destry wrote #312069:

We’ve got to get the dog off the hay

It is so handy that articles like that include a button that you can use to share them to Facebook.

Destry · 2018-05-24 22:38:55

Yep. It’s a horrible irony that only seems to be lost on the publishers.

bici · 2018-05-25 02:00:34

jakob wrote #312068:

(BTW an aside: I found a way to create a single Let’s Encrypt certificate on webfaction for multiple domains at once. It’s not using the method you detailed in your instructions, but I can expand on that if you’re interested.)

yes please. hope its a simple procedure ;-)

Destry · 2018-05-25 07:41:18

jakob wrote #312068:

No, its been showing that message for a couple of days at least

Thanks. I’m looking into it.

Odd. I updated my certs about a week ago and the sites were fine after that, and I haven’t touched them since.

Destry · 2018-05-25 07:49:33

jakob wrote #312068:

I found a way to create a single Let’s Encrypt certificate on webfaction for multiple domains at once.

I heard this was possible now but haven’t been able to look into it.

As it is now I have to run the script twice, which is the easy part. Copy/pasting the 3 resulting cert keys each time is the drudge work. Would be nice to run the scrip once and have auto updates, but it’s not a big deal to to run manually every couple of months or whatever.

Yes, please, hit me with the new and improved.

colak · 2018-05-25 08:23:40

jakob wrote #312068:

(BTW an aside: I found a way to create a single Let’s Encrypt certificate on webfaction for multiple domains at once. It’s not using the method you detailed in your instructions, but I can expand on that if you’re interested.)

Please do… A step by step tutorial would be absolutely wonderful.

michaelkpate · 2018-05-25 15:36:23

“Facebook has even blocked accounts of users who have not given consent. In the end users only had the choice to delete the account or hit the ‘agree’ button–that’s not a free choice; it more reminds of a North Korean election process,” said Schrems in a statement. “Many users do not know yet that this annoying way of pushing people to consent is actually forbidden under GDPR in most cases.” – Activists Are Already Targeting Google and Facebook Over Europe’s New Data Privacy Law That Went Live Today

I agree with him. GDPR does seem much like a North Korean Election Process.

A number of high-profile US news websites are temporarily unavailable in Europe after new European Union rules on data protection came into effect. The Chicago Tribune and LA Times were among those posting messages saying they were currently unavailable in most European countries. – GDPR: US news sites unavailable to EU users over data protection rules

Going back to our earlier discussion…

I fear that the upcoming EU GDPR privacy regulations will also have serious consequences for the future of post-mass media. – To Facebook — and Its Critics: Please Don’t Screw Up Our Internet

michaelkpate · 2018-05-25 15:49:31

Here’s an interesting one.

I took this photo in Venice in 2010. Now. under GDPR, anyone in Europe can demand that Flickr delete it.

Rieck says the new protection of individual privacy means that anyone who appears in a photograph taken in the EU has an absolute right to refuse to be in that photo, especially if those pictures end up on social media. And it’s up to the person taking the picture to figure out whether subjects want to be in the photo or not. – New EU Data Protection Law Could Affect People Who Take Pictures With Their Phones

Fortunately, I took the time to backup all my Flickr photos to Google Photos last year.

colak · 2018-05-25 16:32:58

michaelkpate wrote #312088:

Here’s an interesting one.

I took this photo in Venice in 2010. Now. under GDPR, anyone in Europe can demand that Flickr delete it.

Fortunately, I took the time to backup all my Flickr photos to Google Photos last year.

If anybody does ask for it to be deleted, here is a quick one you can replace it with:)

michaelkpate · 2018-05-25 17:18:30

Thanks, Colak. :)

Here is another GDPR Guide – aimed at WordPress users but probably some useful information.

Having said that, due to the dynamic nature of websites, no single platform, plugin or solution can offer 100% GDPR compliance. The GDPR compliance process will vary based on the type of website you have, what data you store, and how you process data on your site. – The Ultimate Guide to WordPress and GDPR Compliance – Everything You Need to Know

Destry · 2018-05-25 17:32:34

Facebook and Google hit with $8.8 billion in lawsuits on day one of GDPR

GDPR may not be perfect (any law with merit in this area was going to face challenges), but it’s not a terrible law and reasonably well-written. The shakeup it’s already causing is long past due. It might be annoying to peons like us, but it’s going to hurt the unscrupulous social media and ad-tech industries, and I welcome that wholeheartedly.

Too many tech and media companies today have business models that rely on the abuse of our privacy and security and no law to date has been taking it seriously enough. Those companies want you to blame the GDPR so they can get off the hook and keep screwing you.

I’m glad I live in the EU now, where government does seem to care somewhat for its citizens (compared to US and N.K.). And the fact you see so many emails the last few days of orgs shitting their britches over it… Well, that’s a good sign if you ask me.

Destry · 2018-05-25 18:15:17

US news companies going dark like crows in the night. Lol!

Oh, but wait… There is one phoenix burning bright in the night sky. USA Today used the 2 years wisely and made the ethical play. No ads, no cookies, no tracking, no third-party JS. Only minimal first-party JS that doesn’t seem needed (works fine with JS off, as far as I notice). And look at how fast compared to other media shite.

Apparently they’re still giving Americans the broom handle. That’s one good use of IPs. Yep, glad to be living in the EU right now.

That’s how you do it, media companies. Now USA Today will enjoy EU eyeballs on both sides of the Atlantic while others will watch their stats drop like rocks in the ocean. But who’s tracking. ;)

I suspect we’ll see many jumping on this train quick.

michaelkpate · 2018-05-25 20:29:56

Destry wrote #312093:

Oh, but wait… There is one phoenix burning bright in the night sky.

I hate to constantly be taking the contrarian view but here I go again.

You do know that meeting the technical requirements of GDPR is the easy part? That is just writing some code. The hard part is actually staying in business.

Constant layoffs and consolidations. Too many mid-level managers with little direction. The company’s priorities and “initiatives” change on a whim. -No long-term vision, constant layoffs

I left Gannett because I wanted to be part of a company where the environment isn’t heavily laced with fear of losing your job. With all the downsizing it was difficult to focus on tasks at hand especially when sales and marketing became the overall obsession instead of news and content. It became difficult to feel valued as an employee when senior teams were concerned with their own self preservation and were willing to throw you under the bus just to keep their positions. So many unending restructurings made the environment toxic and killed the morale of every employee. Instead of waiting to be RIFed I decided to be safe rather than sorry – I found a better position elsewhere. – Fear is the driving force

Gannett is the parent company of USA Today as well as a number of other local newspapers through the US. The transition from print to digital has been difficult, to put it midly.

“We know that news is in demand more than ever and journalism is more important than ever, so the fact that we’ve got a somewhat dysfunctional business model around how we get it to people, that’s our problem to solve.” – Can newspapers make real changes under the constant threat of layoffs?

And what GDPR does, no doubt with the best of intentions, is make newspapers less valuable to advertisers. Even though they were pretty bad at it, news companies could at least give the people who pay them money some sort of metrics. And now that will be much more difficult.

Still, consider the benefits for advertisers. Once upon a time, advertising was like carpet bombing. You paid a lot of money to put ads in newspapers and magazines or on television and billboards, but it was all hit and miss: you could never be sure what worked. As a US department store magnate, John Wanamaker, once said: “Half the money I spend on advertising is wasted; the trouble is, I don’t know which half.” But when Google and then Facebook arrived, all this apparently changed. The technology deployed by these outfits could ensure that only people likely to be receptive to particular messages would be shown those messages. Wanamaker’s heirs could be sure that their advertising dollars were hitting the spot. And on this foundation, Google and Facebook (and, for a while, Yahoo) made money like it was going out of fashion. It was, as the cliche puts it, a win‑win situation. – Bad news for online advertisers – you’ve been ’ad

I know the prevailing opinion around here is that Google and Facebook are about to see a reckoning. But they are also big companies with lots of lobbyists and lawyers who have spent a long time thinking about these things and building up relationships with their users/products. Newspapers haven’t.

—-

Quick Addition:

The law had been seen as focusing on Silicon Valley tech giants like Facebook and Google, but publishers and advertising companies have warned that it will harm their businesses in particular because it restricts how information is packaged and shared to sell advertising. It is common for websites to use tracking software to gather information about visitors in order to better target ads. – U.S. News Outlets Block European Readers Over New Privacy Rules

Also from the article: “Andrea Jelinek, chairwoman of the new European Data Protection Board, which will coordinate enforcement of the new law, criticized the blackout and said that companies had been given a long time to prepare.” I guess all those predictions about a soft launch were wrong and the Regulators are going to be out in force.

Last edited by michaelkpate (2018-05-25 20:39:08)

phiw13 · 2018-05-26 02:50:01

Dreamhost has finally updated their Privacy Policy to be GDPR compliant. Just in time, I think they posted it May 25, 23:59 GMT…

Privacy Policy
Announcement (skip the usual incontinent babble and cheesy jokes at the beginning – second half is more to the point)

From a quick reading, their Privacy Policy appears mostly inline with the GDPR. They do not appear to make an explicit DPA available at first sight. Perhaps signing up for an account with them is an implicit DPA? They seem to promise additional tools to control the collected data (the blog post mentions their server log retention is 72hours).

jakob · 2018-05-26 09:24:41

phiw13 wrote #312097:

The blog post mentions their server log retention is 72hours.

Presumably that’s access logs only (error logs don’t have IP data, right?). But what is a suitable retention period? I’ve not been able to find any reliable values…

I’ve seen some reports of 90 or 180 days, some of 7 days (like CCTV), I think the varonis site Pete mentioned early on this thread suggested 30 days.

And does the retention period depend on whether or not the access logs are anonymised? When anonymised, they’re of little use for banning IPs or for law enforcement, hence retaining them is less contentious.

Textpattern CMS support forum

#331 2018-05-24 19:49:48

Re: Txp cookies, visitor logging, and GDPR stuff in general

Destry wrote #312069:

#332 2018-05-24 22:38:55

Re: Txp cookies, visitor logging, and GDPR stuff in general

#333 2018-05-25 02:00:34

Re: Txp cookies, visitor logging, and GDPR stuff in general

jakob wrote #312068:

#334 2018-05-25 07:41:18

Re: Txp cookies, visitor logging, and GDPR stuff in general

jakob wrote #312068:

#335 2018-05-25 07:49:33

Re: Txp cookies, visitor logging, and GDPR stuff in general

jakob wrote #312068:

#336 2018-05-25 08:23:40

Re: Txp cookies, visitor logging, and GDPR stuff in general

jakob wrote #312068:

#337 2018-05-25 15:36:23

Re: Txp cookies, visitor logging, and GDPR stuff in general

#338 2018-05-25 15:49:31

Re: Txp cookies, visitor logging, and GDPR stuff in general

#339 2018-05-25 16:32:58

Re: Txp cookies, visitor logging, and GDPR stuff in general

michaelkpate wrote #312088:

#340 2018-05-25 17:18:30

Re: Txp cookies, visitor logging, and GDPR stuff in general

#341 2018-05-25 17:32:34

Re: Txp cookies, visitor logging, and GDPR stuff in general

#342 2018-05-25 18:15:17

Re: Txp cookies, visitor logging, and GDPR stuff in general

#343 2018-05-25 20:29:56

Re: Txp cookies, visitor logging, and GDPR stuff in general

Destry wrote #312093:

#344 2018-05-26 02:50:01

Re: Txp cookies, visitor logging, and GDPR stuff in general

#345 2018-05-26 09:24:41

Re: Txp cookies, visitor logging, and GDPR stuff in general

phiw13 wrote #312097:

Board footer