GDPR and Boards.ie post removal policy **update linked in OP 24/5/18**

Bob24

Steve wrote: »

Its also a fact that law cannot be retrospective, it will be interesting to see how that evolves.

If this is what you mean, consent which was obtained before the enactment of GDPR but which didn't follow GDPR principles will definitely be void on Friday. This is why we are all getting many emails those days from organisations trying to gather our consent again.

Steve

Bob24 wrote: »

If this is what you mean, consent which obtained before the enactment of GDPR but which doesn't follow GDPR principles will definitely be void on Friday. This is why we are all getting many emails those days from organisations trying to gather our consent again.

No, they are seeking future consent, as required by law coning into force. this does not affect past consent, implied or otherwise.

Bob24

Steve wrote: »

No, they are seeking future consent, as required by law coning into force. this does not affect past consent, implied or otherwise.

Have a look at recital 171 of GDPR:

"Where processing is based on consent pursuant to Directive 95/46/EC, it is not necessary for the data subject to give his or her consent again if the manner in which the consent has been given is in line with the conditions of this Regulation, so as to allow the controller to continue such processing after the date of application of this Regulation"

It clearly says that past consent only remains valid if it was given "in line with the conditions of this Regulation" (GDPR).

Permabear

This post has been deleted.

_Dara_

Permabear wrote: »

This post had been deleted.

I read old threads all the time on boards. They are time capsules. Those threads would be ruined if they were pockmarked with deletions.

And don’t forget, not only would your posts be deleted but also posts that quote you. Do you think you should have a say in the posts of others being deleted in order to erase your own footprints on the site? What if they don’t want their posts deleted? Would you just delete the quote, rendering their post incomprehensible? How would it work exactly?

It’s a shame people can’t just stand by what they have written.

Permabear

This post has been deleted.

Franz Von Peppercorn

Permabear wrote: »

This post had been deleted.

Most people here are not identifiable.

And anyway you seem to want to ignore the other technical solutions that could work to obstufacte deleted user names while keeping posts intact.

All I care about is that there’s no link to my actual emails (even hashed) for longer than business practice allows on deleted accounts and no links to other closed accounts.

What you want will kill the site. For instance soccer super threads will make no sense. The great long running “I bet you didn’t know that” thread in AH would lose a huge amount of content when any major contributor closes an account, and so on.

Hurrache

Steve wrote: »

I agree, it was that one time in band camp...
It was still with consent tho.

There's the thing, you don't own it, you agreed by signing up here that boards has the right to publish it in perpetuity.

Read the TOU!! if you don't agree then you can simply not post here!

Your position in this debate is admirable but is untenable and seems to be driven by resentment for something that you resent from a previous experience here.

You need to read up on the GDPR and realise that in terms of data, in perpetuity is a fallacy.

And yet again someone accuses posters of having a grudge for debating through what ifs and how's when it comes to this site implementing GDPR. How utterly bizzare.

Hurrache

_Dara_ wrote: »

I read old threads all the time on boards. They are time capsules. Those threads would be ruined if they were pockmarked with deletions.

And don’t forget, not only would your posts be deleted but also posts that quote you. Do you think you should have a say in the posts of others being deleted in order to erase your own footprints on the site? What if they don’t want their posts deleted? Would you just delete the quote, rendering their post incomprehensible? How would it work exactly?

It’s a shame people can’t just stand by what they have written.

This is a red herring that keeps getting thrown out. The fact that logical structure of threads may become all messed up, which nobody disagrees with, bears no relevance to anything.

beauf

GDPR is a game changer.

People don't seem to get that.

It effects everything IT and web based.

Hurrache

Franz Von Peppercorn wrote: »

And anyway you seem to want to ignore the other technical solutions that could work to obstufacte deleted user names while keeping posts intact.

It will still allow possibility of identifying people and their varying preferences and hobbies.

Permabear

This post has been deleted.

Chorus_suck

This post has been deleted.

seamus

beauf wrote: »

GDPR is a game changer.

People don't seem to get that.

It effects everything IT and web based.

Nah it'll be like that cookie pop-up nonsense a few years back.

Big sites and companies clamouring to get compliant on time, while small ones don't care. I've never put that pop-up on anything I've developed and nobody cares.

Anyone who is data protection compliant will be broadly GDPR compliant and if found in breach they'll be given time to fix it and a stern warning.

The panic over it it's driven by consulting companies like Accenture who've spotted a way to put a team of clueless graduates at a client site for exorbitant daily rates.

Chorus_suck

This post has been deleted.

Permabear

This post has been deleted.

Bob24

Chorus_suck wrote: »

It’s bizzare to see mods and admins arguing that a private company should have the right to own in perpetuity, and publish publically, any individuals personal data for the purpose of monetizing that data. Even when this is against the wishes of that person or is potentially in breach of the law.

I’d love to know if those same mods and admins believe that OTHER sites such as Facebook etc. should have the same rights.

It’s also gas to see posters being attacked (yet again) when they ask a question boards doesn’t want asked. First an admin attacks, then the mod minions pour in. Boards really, really doesn’t like non-positive feedback or difficult questions.

My guess is that you will see a very different and more harmonised message coming from boards team members in the coming days when boards management has put toghether an official stance on this and asks the admins/mods to follow that stance.

Personal opinions expressed by some mods and admins on this threads would IMO be a risk for boards if they were to be confused with the official policy of the organisation (for exemple the belief which has been expressed that consent can be given on a permanent basis or that previous consent which wasn’t asked as per GDPR principles will remain valid once GDPR starts being enforced), so I assume there will be communication issued to the whole team to explain what to say and not to say.

BowSideChamp

My guess is the TalkTo partners will walk away if the site is not GDPR compliant.

Bob24

BowSideChamp wrote: »

My guess is the TalkTo partners will walk away if the site is not GDPR compliant.

I have absolutely no doubt boards will be GDPR compliant. They are not in the business of breaking the law.

beauf

seamus wrote: »

Nah it'll be like that cookie pop-up nonsense a few years back.

Big sites and companies clamouring to get compliant on time, while small ones don't care. I've never put that pop-up on anything I've developed and nobody cares.

Anyone who is data protection compliant will be broadly GDPR compliant and if found in breach they'll be given time to fix it and a stern warning.

The panic over it it's driven by consulting companies like Accenture who've spotted a way to put a team of clueless graduates at a client site for exorbitant daily rates.

If you are in a place with lots of data, the risk of adverse publicity is the main issue.

Franz Von Peppercorn

Permabear wrote: »

This post had been deleted.

Plenty of people asked the question. You have absolutely decided in your own head that only the deletion of posts and all posts on closing accounts is in compliance with the law.

Nody

Permabear wrote: »

This post had been deleted.

And on the other side we have people who read a whole lot more into the directive than it actually will grant. As always the end result will most likely be somewhere in the middle of the two positions. Having said that on the one side we've had a lawyer on thread talking about it who study the law and on the other people who appear to not read anything but summaries of it I know on which side I'm inclined to lean towards which is also backed up by my professional experience in the field (and yes I do work in an area heavily impacted by it and has been for years).

At the end of the day however all of this is barking in an empty cup as we go around giving the same arguments because the only thing that matters is the legal advice that boards get and act on. What ever that advice is people will disagree to some extent and the policy will be updated as more important legal cases (by more important I'm pointing towards European wide cases with experts out the wazoo arguing it out; boards is a small fish in a big pond by comparison) clarifies the law further.

Permabear

This post has been deleted.

Sleeper12

....... wrote:

This post has been deleted.

....... wrote:

This post has been deleted.

I'm pretty sure boards.ie can delete email address & IP address yet leave the comments. That way the comments are linked to no one meeting all requirements of the directive

Hurrache

Sleeper12 wrote: »

I'm pretty sure boards.ie can delete email address & IP address yet leave the comments. That way the comments are linked to no one meeting all requirements of the directive

But that's what we're debating. If posts contain identifying information, which many, individually or in combination, do then it can be argued by that poster that just scrubbing their name won't have any affect whatsoever.

Sleeper12

Reati wrote:

Jaysus last minute job. Its enacted it like 2 weeks or something. Have ye been not been playing attention to the tech news lol

In fairness to boards.ie I'm only getting emails from companies I've dealt with about their plans this week. I have a WordPress online store & they only released a plug in Friday that allows me to fulfil the directive.

Permabear

This post has been deleted.

Franz Von Peppercorn

Permabear wrote: »

This post had been deleted.

Ive been reading an online forum for forum admins. They are confused too but there is mention of article 9, which provides an exception for data processors when:

“processing relates to personal data which are manifestly made public by the data subject"

my email isn’t manifestly made public but my posts are. This seems to transfer responsibility back to the user.

Data collected about a user (iP adresses etc) is not the same as user generated personal data.

Not everybody on that forum agrees. Until there are court cases nobody knows.

Sleeper12

Hurrache wrote:

But that's what we're debating. If posts contain identifying information, which many, individually or in combination, do then it can be argued by that poster that just scrubbing their name won't have any affect whatsoever.

There is no debating on this matter. Boards.ie have always removed posts identifying someone. They have done this long before anyone even thought of the directive

BowSideChamp

Sleeper12 wrote: »

There is no debating on this matter. Boards.ie have always removed posts identifying someone. They have done this long before anyone even thought of the directive

They do not allow users to delete their posting history. Posts containing political opinions, details on sex, gender age, religious beliefs etc. All defined as sensitive personal information under GDPR.