Textpattern CMS support forum

You are not logged in. Register | Login | Help

#11 2018-04-08 18:58:11

jakob
Moderator
From: Germany
Registered: 2005-01-20
Posts: 3,162
Website

Re: Txp cookies, visitor logging, and GDPR stuff in general

Destry wrote #310778:

My aim is to be more expressively transparent about how I don’t track or collect data, as a kind of badge of honor, versus what I do and how it’s used for the sake of laws. I think the more people that take that open stance, the more pressure it puts on those who do track, scrape, collect, exploit, etc. The more awareness it makes in the wild in general.

I applaud your transparency and yourt intention to do it with brevity. For a personal site, it’s perhaps easier to do that. For other sites, I really hope people find a way to be clear and to the point while still avoiding the fangs of predatory lawyers who seem to earn their living firing warning letters complete with fines to people who haven’t quite conformed to the new laws.

The week before last, I looked at one of those GDPR disclaimer generator site on behalf of a non-profit association client of mine: their site has no tracking, no user registration, no payments, no affiliations, no comment system. The only pertinent aspects are some member-supplied information (provided offline and person-to-person in direct agreement), a mailchimp signup and a link to a facebook page. In the whole multi-pane generator form, there are just three boxes ticked. The result is … I kid you not … 12 A4 pages (~5000 words) worth of policy infos. I shudder to think how long it will be on sites with anonymized webstats and perhaps an embedded twitter feed.
To me that has to be counter-productive. Aside from the fact that it needs considerable editing (it’s an association with members not a company with customers), I have suggested my client supplies a short info as a preamble to actually inform people and the privacy policy to ward off the lawyer-sharks.

(That said: that particular disclaimer does have a passage on server logs that you might find useful.)


TXP Builders – finely-crafted code, design and txp

Offline

#12 2018-04-08 19:38:08

Bloke
Developer
From: Leeds, UK
Registered: 2006-01-29
Posts: 8,462
Website

Re: Txp cookies, visitor logging, and GDPR stuff in general

jakob wrote #310784:

In the whole multi-pane generator form, there are just three boxes ticked. The result is … I kid you not … 12 A4 pages (~5000 words) worth of policy infos.

Yowzers. Gotta keep themselves employed, I guess. It’s jobs for the boys, just like in governments throughout the so-called democratic world!


The smd plugin menagerie — for when you need one more gribble of power from Textpattern. Bleeding-edge code available on GitHub.

Txp Builders – finely-crafted code, design and Txp

Offline

#13 2018-04-08 21:03:25

gaekwad
Member
From: People's Republic of Cornwall
Registered: 2005-11-19
Posts: 2,383

Re: Txp cookies, visitor logging, and GDPR stuff in general

Destry wrote #310778:

Well, every web server records IP address, doesn’t it?

Not strictly, no. The web servers I’ve used can all have logging disabled, or have the log format set to exclude the IP address. There are also methods to anonymise the visitors so their path can be tracked through your/the site, but there’s no identifying data in the logs.

Aside: I think GDPR is going to be a big mess for the first few years, and I suspect some crazy fines will be handed out.

Offline

#14 2018-04-08 21:07:59

gaekwad
Member
From: People's Republic of Cornwall
Registered: 2005-11-19
Posts: 2,383

Re: Txp cookies, visitor logging, and GDPR stuff in general

philwareham wrote #310756:

I guess that checkbox could be updated to localstorage- maybe open an issue to discuss.

github.com/textpattern/textpattern/issues/1236

Offline

#15 2018-04-08 21:10:09

gaekwad
Member
From: People's Republic of Cornwall
Registered: 2005-11-19
Posts: 2,383

Re: Txp cookies, visitor logging, and GDPR stuff in general

Bloke wrote #310763:

I’m tempted to leave it and completely overhaul the commenting system in a future Txp version by making it a module, deprecating the mess of comment tags we have now and starting again with new tags.

See github.com/textpattern/textpattern/issues/308 for some background info, starting in the heady autumn days of 2014!

Offline

#16 2018-04-08 21:20:51

gaekwad
Member
From: People's Republic of Cornwall
Registered: 2005-11-19
Posts: 2,383

Re: Txp cookies, visitor logging, and GDPR stuff in general

gaekwad wrote #310789:

Aside: I think GDPR is going to be a big mess for the first few years, and I suspect some crazy fines will be handed out.

I’ve been using this with my clients, it’s the best explanation I’ve found to date:

blog.varonis.com/gdpr-requirements-list-in-plain-english/

Offline

#17 2018-04-09 03:48:23

michaelkpate
Moderator
From: Avon Park, FL
Registered: 2004-02-24
Posts: 1,118
Website

Re: Txp cookies, visitor logging, and GDPR stuff in general

Here’s another one I ran across:

Centry’s GDPR Guide

Which was discussed here:

This Week in Law 418: FOMO Re EU

Offline

#18 2018-04-09 07:25:04

colak
Admin
From: Cyprus
Registered: 2004-11-20
Posts: 6,916
Website

Re: Txp cookies, visitor logging, and GDPR stuff in general

OK, Destry persuaded me that we have to have a warning for our cookies. I am trying to use Jukka’s code but it does not seem to be working.

You can see our usage on github

and here

<txp:output_form form="colak_cookie" />
<txp:variable name="cookie_warning_visible" value="true">
<div class="container_24" id="cookie-monster">
<div class="grid_24">
<p class="centre">By continuing to use the site, you <a href="?hide_cookie_warning=1">agree</a> to the use of cookies. You can find out more about our use of cookies by following this <a href="/about/#cookies">link</a>.</p>
</div></div>
</txp:variable>

This is the output form (which I think that it is identical to Jukka’s).

<txp:variable name="cookie_warning_visible"><txp:php>
	if (gps('hide_cookie_warning'))
	{
		setcookie('cookie_warning_hidden', 1, strtotime('+1 year'), '/');
		echo 'false';
	}

	else if (cs('cookie_warning_hidden'))
	{
		echo 'false';
	}

	else
	{
		echo 'true';
	}
</txp:php></txp:variable>

any advice would be appreciated.


Yiannis
——————————
neme.org | hblack.net | LABS | State Machines | NeMe @ github

Offline

#19 2018-04-09 07:31:23

Destry
Moderator
From: Haut-Rhin
Registered: 2004-08-04
Posts: 4,021
Website

Re: Txp cookies, visitor logging, and GDPR stuff in general

jakob wrote #310784:

For a personal site, it’s perhaps easier to do that.

Understatement of the year. ;)

their site has no tracking, no user registration, no payments, no affiliations, no comment system. The only pertinent aspects are some member-supplied information (provided offline and person-to-person in direct agreement), a mailchimp signup and a link to a facebook page. In the whole multi-pane generator form, there are just three boxes ticked. The result is … I kid you not … 12 A4 pages (~5000 words) worth of policy infos.

Stunning. (And fascinating.)

I have suggested my client supplies a short info as a preamble to actually inform people and the privacy policy to ward off the lawyer-sharks.

That’s a good suggestion.

It’s also a good time to be telling clients to audit their entire content assets and accounts, quitting needless third-party services (Facebook, MailChimp, etc), and cutting content ROT (redundant, outdated, trivial) like their lives depend on it.

As someone who works in the Content Strategy realm of things, I can see how the GDPR is going to create a whole new niche service in that field, contrary to what it’s been up to this point. Where content marketing thrived and dominated that field to get companies, orgs, associations, institutions, etc to spread their communication and archiving across third-party services, the exact opposite is going to be imperative now. A doubled-down emphasis on content auditing — not unlike the self-editing I’m doing to reduce my online footprint and connection with centralized services.

For SMEs (small-medium enterprises), removing non-critical connections with distributed cloud archives and centralized (and decentralized) social media could be the next internet land rush. Own Your Data! has never been more important. Big companies will have a much harder time of this, and that’s where the lawyer sharks will be swimming, where the big money is.

The repercussions of it all could literally change the web as we know it, but in a good way if entities make the effort to tighten their load and jettison the detritus content and parasite services, instead of just screaming FOUL! and hoping it will all go away. Though that could just be my hate for ad/marketing agencies and socmed talking.

I think I just outlined a new service offer for Wion Editorial. Auditing for GDPR survival. I need a internet lawyer partner. We’ll be rich! ;)


The text persuades, the *notes prove。

Offline

#20 2018-04-09 07:38:47

Destry
Moderator
From: Haut-Rhin
Registered: 2004-08-04
Posts: 4,021
Website

Re: Txp cookies, visitor logging, and GDPR stuff in general

Destry wrote #310796:

Big companies will have a much harder time of this, and that’s where the lawyer sharks will be swimming, where the big money is.

Now that I think of it, company size may not be as big of factor as dependency on third-party services. Whether large or small, if a company relies heavily on Google services like Analytics and Drive, or Amazon, whatever. That’s going to be painful to change, if they even can and survive.

But where companies can better self-manage their assets, and eliminate needless bulk, that’s the direction to go. Lean, clean, and mean. That will help reduce legal risk.

Auditors and sys admins have a bright future. ;)


The text persuades, the *notes prove。

Offline

Board footer

Powered by FluxBB