Bitcoin Forum
September 25, 2018, 08:34:40 AM *
News: ♦♦ New info! Bitcoin Core users absolutely must upgrade to previously-announced 0.16.3 [Torrent]. All Bitcoin users should temporarily trust confirmations slightly less. More info.
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: data protection policy and Right to be forgotten  (Read 65 times)
vlom
Legendary
*
Offline Offline

Activity: 1134
Merit: 1050


1312: The Movement — Freedom Organizat


View Profile WWW
September 09, 2018, 11:02:51 AM
 #1

Hi

I have two questions.

1. Data protection policy
I checked the registration from. During registration you don't habe to say "OK" to anything. Thats why I would like to know if there is a data protection policy for this forum?
e.g. I would like to know what kind of data is stored. During registration and while using the forum.

2. Right to be forgotten
The GDPR (https://en.wikipedia.org/wiki/General_Data_Protection_Regulation) introduced a right for peoples to have personal data deleted aka the  "The right to be forgotten".

Is this something that this forum takes care of?

Quote
Q: What do I need to do to make my community forum compliant with the GDPR?

A: The GDPR includes the following key requirements:

Consent: You need explicit consent and you need to clearly inform people how you are going to use their personal data.  For example, if you are handing over your community member list to marketing to be used in various ad campaigns, you should let people know.

Right to be forgotten (right to erasure): If someone asks that you delete their personal data, in most cases, you’ll need to comply. (More on this in the next question below.)
Right to Access:  If someone asks you what personal data you have on them, you will need to provide an answer about what you have, how you’re using it, and be able to provide a copy of the data.

Data portability: The GDPR says that you will need to provide someone with a copy of their personal data in a format that is machine readable and that could be imported into another platform. We can’t imagine this being a frequent request but you should be able to produce a CSV or MySQL export of a user’s data.

Data security: You have an obligation to make sure that you are making reasonable efforts to keep data secure. Basic security measures include making sure your community forum is served over HTTPS and that data is stored and transferred securely. A commercial community forum provider will have put in place a raft of security measures that involve physical security, network security, application security and policies around data handling.
https://blog.vanillaforums.com/community-answers-to-common-questions-about-gdpr-community-forums

And this question is valid for this forum too i think:

Quote
Q: Is user generated content (UGC) personal data? Is UGC subject to rules around data portability and erasure?

A: This is a tricky one.  What if a member asks that you delete all their posts? What if those posts were valuable both to the community and your company? We feel that if the posts are stripped of identifying information ( for example the username and photo of the member), they do not need to be removed. The exception here is if the posts contain information that identifies the person that is requesting removal. That would also include posts with personal data about the requester that was posted by another member. You might consider laying out in your terms of use or privacy policy who owns UGC and what will be done if someone requests removal of posted content.


Thanks for the clarification.
1537864480
Hero Member
*
Offline Offline

Posts: 1537864480

View Profile Personal Message (Offline)

Ignore
1537864480
Reply with quote  #2

1537864480
Report to moderator
1537864480
Hero Member
*
Offline Offline

Posts: 1537864480

View Profile Personal Message (Offline)

Ignore
1537864480
Reply with quote  #2

1537864480
Report to moderator
Einax Airdrops and Bounties made easy! List your ERC-20 token
FREE
ETH markets launching soon!
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1537864480
Hero Member
*
Offline Offline

Posts: 1537864480

View Profile Personal Message (Offline)

Ignore
1537864480
Reply with quote  #2

1537864480
Report to moderator
1537864480
Hero Member
*
Offline Offline

Posts: 1537864480

View Profile Personal Message (Offline)

Ignore
1537864480
Reply with quote  #2

1537864480
Report to moderator
LoyceV
Legendary
*
Offline Offline

Activity: 1246
Merit: 1994


Let's make Bitcointalk great again!


View Profile WWW
September 09, 2018, 11:20:25 AM
 #2

This has been asked before, and this is theymos' answer:
Quote from: theymos
I intend to ignore all stupidity coming out of the EUSSR.

Jet Cash
Legendary
*
Online Online

Activity: 1008
Merit: 1221


I don't merit Spambies


View Profile WWW
September 09, 2018, 11:23:49 AM
 #3

I struggle to be remembered. Please don't forget me. Smiley

Thirdspace
Hero Member
*****
Offline Offline

Activity: 742
Merit: 584


Mixing reinvented for your privacy | chipmixer.com


View Profile
September 09, 2018, 11:27:47 AM
 #4

what data protection? what "personal data" you've provided to the forum?
registration doesn't require real name/address/id or whatever
we just need too pick a username, password and provide email address
and there isn't even a confirmation email sent (cmiiw), I think even a fake email address may work

vlom
Legendary
*
Offline Offline

Activity: 1134
Merit: 1050


1312: The Movement — Freedom Organizat


View Profile WWW
September 09, 2018, 11:36:57 AM
 #5

This has been asked before, and this is theymos' answer:
Quote from: theymos
I intend to ignore all stupidity coming out of the EUSSR.

OK. This is short an clear statement.
There won't be any "data protection policy" and you won't have the possibility to "delete yourself" here.

In some way I like this position. But in an other way I would like to have more control over the data that is collected here.

what data protection? what "personal data" you've provided to the forum?
registration doesn't require real name/address/id or whatever
we just need too pick a username, password and provide email address
and there isn't even a confirmation email sent (cmiiw), I think even a fake email address may work


I used the search function but did not find an answer. What kind of (personal) data is stored?
btc addresses you post
e-mail address?
ip address?
browser?
OS?
etc?
Makkara
Member
**
Offline Offline

Activity: 350
Merit: 79


View Profile
September 09, 2018, 11:39:36 AM
 #6

This has been asked before, and this is theymos' answer:
Quote from: theymos
I intend to ignore all stupidity coming out of the EUSSR.

That seems a very mature statement. Everyone else taking action on it was just for fun i recon.

https://techtalk.gfi.com/consequences-of-non-compliance-with-gdpr/

LoyceV
Legendary
*
Offline Offline

Activity: 1246
Merit: 1994


Let's make Bitcointalk great again!


View Profile WWW
September 09, 2018, 11:42:18 AM
 #7

What kind of (personal) data is stored?
e-mail address
ip address
As far as I know, the forum stores your registration IP and IP for each post. I remember theymos saying he would like to delete it, but it's very convenient to have for account recoveries.

Quote
browser?
OS?
I would expect Cloudflare to store much more information than the forum does:
What I meant is that Cloudflare can see your unencrypted password when you log in. It's still encrypted from the real server to Cloudflare and from Cloudflare to you. So it's not blatantly insecure except in that Cloudflare is very probably an NSA honeypot, and it's not like the NSA is going to steal your password in order to scam people on bitcointalk.org or anything.

That seems a very mature statement. Everyone else taking action on it was just for fun i recon.
What if other random countries start imposing their local laws on the rest of the world too? Say Andorra, Russia, Japan or Thailand? They can make demands to multinationals with offices in their country, but I don't think they have much to threaten a blog hosted in the USA with.

Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!