>ask to have my account, posts and threads deleted on a old forum
>"we don't delete your account"
So how do I use GDPR to convince them to do it? They said my posts and threads aren't "personal information", when it quite literally says in GDPR that pseudonymous is considered personal information, along with IP addresses.
Other urls found in this thread:
ec.europa.eu
theguardian.com
redstate.com
theguardian.com
gdpr-info.eu
twitter.com
Threaten them with a lawsuit
You can either go to some lawyer or simply tip off some lawyer who is specialized in finding companies like that.
GDPR has stiff penalties for non-compliance..
Stiff penalties? As in, harsh?
Depends on where the server is located, who operates it, and whether or not it makes any money at all. If it's just some dude's personal forum, you probably have little to no recourse, especially if they're outside the EU.
If it's like some German guy's botnet though, then you should probably find a lawyer.
It's a Scandinavian forum, in a Scandinavian country that's been part of the EU for decades and the owner is definitely a citizen in EU
Then file a complaint. Two caveats:
1) GDPR is fine based. If he's not pulling in any money, then there's probably little that can be done.
2) He can argue that storing your messages is essential to the operation of the website.
>stiff penalties
well, wouldnt want to get stiffly penalized.. or would i.. i need time to ponder, dont message me for the next 15 minutes
Lawyers don't handle GDPR, it's handled by a regulatory body such as ICO
you piece of shit
>open disqus and british websites
>check policy update
>They are now required to log my IP and the date of access but that's because it's better for me and this will be a good thing for my privacy
based european union
file complaint at the national DPA. In Sweden for example at Datainspektionen.
Fines are up to 20M€ or if 4% of turnover is more, even more. The guy could get to pay a fine of appropriate height even if he isn't earning any money.
>He can argue that storing your messages is essential to the operation of the website.
This legalized the tracking IP/history market. A few years ago it was illegal to log IP if they didn't say this in their ToS
Now they can log your ip and history without telling you as long as they claim the data collected is not for profit
This Regulation does not apply to the processing of personal data:
>d) by competent authorities for the purposes of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, including the safeguarding against and the prevention of threats to public security.
>Where the controller intends to further process the personal data for a purpose other than that for which the personal data were obtained, the controller shall provide the data subject prior to that further processing with information on that other purpose and with any relevant further information as referred to in paragraph 2.
> Paragraphs 1 to 4 shall not apply where and insofar as:
>(B) the provision of such information proves impossible or would involve a disproportionate effort, in particular for processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the conditions and safeguards referred to in Article 89(1) or in so far as the obligation referred to in paragraph 1 of this Article is likely to render impossible or seriously impair the achievement of the objectives of that processing. In such cases the controller shall take appropriate measures to protect the data subject's rights and freedoms and legitimate interests, including making the information publicly available
For the European Parliament
The President
M. SCHULZ
For the Council
The President
J.A. HENNIS-PLASSCHAERT
Doesn't matter where it is, who it is or money is made or not.
If you log data from some EU dude, you have to comply with the GDPR.
Even if it's for example some little kid's forum in the US. If he has some users from the EU, he has to comply with the GDPR. If he wants to, or not.
I mean, you can say that, but there's absolutely no way to enforce that on the kid in the US since there's no treaty in place. The kid can just block EU users and keep the data.
>(((you piece of shit)))
>If your company is a small and medium-sized enterprise ('SME') that processes personal data as described above you have to comply with the GDPR. HOWEVER, if processing personal data isn’t a core part of your business and your activity doesn't create risks for individuals, then some obligations of the GDPR will not apply to you (for example the appointment of a Data Protection Officer ('DPO'))
>risks
>core
>Business
What of I do not serve EU people because I do not want to mess wit this EU crap (I am from eu but that is not important to this question) so I block EU ips and have disclaimer + agreement that user is not from EU. BUT some dickhead uses vpn and lies about not being from EU and requests to get his data removed? Can I say "fug off kid"?
you remove the data requested
comply with the law
The people that support this
theguardian.com
redstate.com
theguardian.com
Are concerned abut your privacy. Yes, they really are.
That's the problem. I don't know where to file a complaint
I love the wording in all these corporate messages. It's like they all assumed theirs would be the only one we'd read so they can pretend to be making changes spontaneously out of good will.
Yes, because they have no way to enforce it on you unless you plan on operating in the EU at some point. No treaty exists on the matter and so the EU has no recourse other than to block your website.
Danishbits?
>He can argue that storing your messages is essential to the operation of the website.
This is not how it works. The GDPR makes it pretty clear that you can ALWAYS demand that all your data has to be erased:
You only need ONE of the mentioned reasons to make them erase your data. One reason would be:
>1d) the personal data have been unlawfully processed;
And that's already the case if OP didn't explicity agreed on the new terms of service based on the GDPR.
Basically GDPR give you a lot of very cool tools to BTFO any data grabber out there. It's a great idea, but people often don't get their rights.
If the kid just blocks users from EU than he is basically safe. That's what many services already did.
How exactly it get's enforced if for example some shithead decides to fuck with him, I don't know exactly, because die GDPR doesnt't mention how the sanctions will be enforced, so it's up to the court/law that user lives in.
That is a good question. Sadly I don't have any information about this particular situation. I will try looking into it.
>Jow Forums is starting to wake up to how over the top and excessive this law is
good.
>things that never happened
Fuck off. I do not serve EU clients. User agreed he is not feom EU and that law doesn't apply to him.
But what of I am european and server is in EU? But everything else is as in my previous post.
So discord will be rekt soon?
>User agreed he is not feom EU and that law doesn't apply to him.
Imagine being so american you think you can actually sign away your rights in an EULA
No, Fragbite.
I am european AND I LIVE IN EU COUNTRY (not same thing) you fucknut.
And this is not signing "your rights away" (and why can't we sign our rights away? fucking nany state) it's "we don't serve europeans. Are you sure you are not european? By clicking yes you validate that you are not european and thus we don't need to care about eu nany state laws" and user lied.
DO YOU UNDERSTAND DIFFERENCE?
How will they get non-Europeans to comply?
hold on a second
your pseudonym, and forum profiles is personal data, but you contributed posts are not, you've made a copyleft content contribution.
imagine if wikipedia were to erase contributions if some eucuck wanted to be forgotten, how to deal with later diffs based on those... impossible
>waaaah I can't data mine as bad anymore waaaaa
DO IT
>imagine if wikipedia were to erase contributions if some eucuck wanted to be forgotten
I don't see how this is a bad thing?
Are you an EU citizen?
Kolla på Datainspektionens hemsida
Forum posts are not personal data. Unless you put personal data in your forum posts.
if I put personal data here can I sue Jow Forums?
No.
>We do not serve Europeans
>Please enter your European shipping address
>Small websites which sell goods really need to store personal information for some reason
Fuck right off with your bullshit.
Gjort och klart, detta kommer bli spännande. Tvivlar på att nåt händer, men vem vet
GDPR whitelist when? I need it so I can fuck off all the shit sites.
I think it does not matter what the user does but only the fact that you hold data that you should not. How you got the data is another matter. Maybe it's like DMCA requests, you agree to not upload copyrighted material but you can nonetheless and the data holder has to delete it.