Textpattern CMS support forum

You are not logged in. Register | Login | Help

#81 2018-04-13 17:20:43

colak
Admin
From: Cyprus
Registered: 2004-11-20
Posts: 7,156
Website

Re: Txp cookies, visitor logging, and GDPR stuff in general

Hi Julian,

I agree with you that sometimes I write as if I know you guys intimately and vice-versa .. We’ve been here for long enough but the internet is no substitute to person to person interaction. I stand corrected re the anonymizeIP!!! I actually thought that it was working like a proxy.

In any case, I think that the GDPR will increase rather than decrease surveillance. Be that for the few. I am also thinking that even the Right to be forgotten is problematic. Think of investigative journalism for example, where good investigative reporters will no longer be able to gain access to much material which is currently available online because the person/people they are investigating will be able to take down – from the public side at least – all incriminating evidence in their digital footprint.

I believe that companies like Google will not be able to make the right judgements to all the notices they will receive and they will eventually resort to only go with algorithmic decisions which are no different to all the automated DMCA trolls currently infesting the net. In the end we will lose the freedom web1 had, and web2 abused.


Yiannis
——————————
neme.org | hblack.net | LABS | State Machines | Respbublika! | NeMe @ github

Offline

#82 2018-04-13 17:47:50

Destry
Moderator
From: Haut-Rhin
Registered: 2004-08-04
Posts: 4,173
Website

Re: Txp cookies, visitor logging, and GDPR stuff in general

colak wrote #311026:

Think of investigative journalism for example, where good investigative reporters will no longer be able to gain access to much material which is currently available online because the person/people they are investigating will be able to take down – from the public side at least – all incriminating evidence in their digital footprint.

I understand what your getting at. But that particular statement is interesting. You’re looking at it from the perspective, in this case, journalists being able to pin something on someone, or, rather, the perspective that once anyone makes a post online of any kind, be it socmed, blog, whatever… they are not allowed to remove it ever again. They must forever remain accountable for whatever thing they said, even if they made a human mistake. And that would seem to go for not being able to edit their original post either, because, after all, you could change the thing said that someone might want to pin you for.

If we’re talking about shitdip Donald (and not Donald Swain), I can kind of see your point. People like that need to be held accountable because they are extremely controversial, influential, and powerful.

But think if it was you, or your son, or father…. Hopefully that suddenly makes a big difference in your perspective. I am doing a major audit of my online footprint for exactly the reasons of not being pinned to the wall by reporters, TSA pricks at the border, employers, wife, whoever. It doesn’t matter. I should not have to be painted all over the internet if I decide I don’t want to be anymore.

By the way, there are some special conditions for journalism in the GDPR. I haven’t read them yet, but I did notice them. Also, criminal records are not even covered, if I remember right. In other words, criminals don’t have the same right to erasure. So it seems they are giving the good people the edge, as it should be.

I absolutely agree with you about not trusting tech companies. I don’t. Not any more. Never will again. Likewise, governments.


The text persuades, the *notes prove。

Offline

#83 2018-04-13 18:08:13

Destry
Moderator
From: Haut-Rhin
Registered: 2004-08-04
Posts: 4,173
Website

Re: Txp cookies, visitor logging, and GDPR stuff in general

@ phiw13

Destry wrote #311025:

I don’t think there is a good explanation, thus no good reason to ask for it, thus why it’s hard to say anything worthwhile about why you need to collect.

I just remembered one reason why emails may be collected in comment systems. Some provide notifications to commenters when people reply directly to their comments. I don’t know if that’s how it works in Txp or not, but I think Disqus, for example, works that way.

That would be your reason/statement in the CoC if that was the case.


The text persuades, the *notes prove。

Offline

#84 2018-04-13 20:00:54

jakob
Admin
From: Germany
Registered: 2005-01-20
Posts: 3,390
Website

Re: Txp cookies, visitor logging, and GDPR stuff in general

Hi Yiannis,

Thanks for joining up the dots. And yes, I agree with much of what you say. Someday maybe we’ll all descend on you and can discuss this all and more in person ;-) I just read your cookie notice and just had to say it made me laugh!


TXP Builders – finely-crafted code, design and txp

Offline

#85 2018-04-14 06:51:04

colak
Admin
From: Cyprus
Registered: 2004-11-20
Posts: 7,156
Website

Re: Txp cookies, visitor logging, and GDPR stuff in general

Destry wrote #311027:

If we’re talking about shitdip Donald (and not Donald Swain), I can kind of see your point. People like that need to be held accountable because they are extremely controversial, influential, and powerful.

Hi Destry, I am thinking of shitdip Donald:). An artist we exhibited twice in our space created a project re Swain, part of which can be found on youtube, so I am also aware of the dangers of the inadequate laws.

The problem we are facing is that technology creeps in, very shyly in the beginning, but it’s not long before it becomes spread, and an integrated part of our daily lives. Think of mobile phones for example, or self driving cars which promise/threaten to become the norm in the foreseeable future. Another artist / writer we have presented said that technology is developing faster than our laws. The particular book was finished whilst he was staying with us. The problem, as I see it, is that both technologies AND laws are creeping into our lives in a way that affects our rights. The post 9/11 era is characterised by state suctioned paranoia, enhanced by the hegemonic neo-liberal economic systems. Their combined effect on both technology developments, and our new laws, are leading us to a path reminiscent of totalitarian, extremist, times which basically allows governments to entrap their citizens. Or as you pointed out:

“Multiple changes in this area include CNIL agents being allowed to carry out the online checks under a borrowed identity.”

jakob wrote #311030:

Someday maybe we’ll all descend on you and can discuss this all and more in person ;-) I just read your cookie notice and just had to say it made me laugh!

You are all very welcome to come! I’m glad you laughed on that one. I’m trying to make it even funnier… Suggestions are always accepted:)


Yiannis
——————————
neme.org | hblack.net | LABS | State Machines | Respbublika! | NeMe @ github

Offline

#86 2018-04-14 17:25:27

colak
Admin
From: Cyprus
Registered: 2004-11-20
Posts: 7,156
Website

Re: Txp cookies, visitor logging, and GDPR stuff in general

I just came across this old cookieless cookie solution which provides us with some food for thought.


Yiannis
——————————
neme.org | hblack.net | LABS | State Machines | Respbublika! | NeMe @ github

Offline

#87 2018-04-15 08:37:38

Destry
Moderator
From: Haut-Rhin
Registered: 2004-08-04
Posts: 4,173
Website

Re: Txp cookies, visitor logging, and GDPR stuff in general

colak wrote #311043:

I just came across this old cookieless cookie solution which provides us with some food for thought.

That’s interesting. As are the extra details explained in wikipedia.

Others might grasp it better than me, so consider this a spill of the pick-up-sticks only, but my first reaction is:

  1. This would qualify as personal data because it could be used in combination with other data to identify you. Similar logic as was argued for IP addresses after comparison with ISP logs (rare scenarios, yes, but the ruling was: it counts as personal data).
  2. Etags are hard to detect?, which means using them without opt-in from data subjects can get you in serious hot water. (Class-action lawsuits over it already years ago, might see more of those now.)
  3. Controllers can set Etag headers, but it’s optional? Though they have no authority over browser and web server design, so onus is on users there to browse anonymously, clear cache, etc.
  4. Controllers would need to account for “Etag headers” in their policies about whether they’re using them or not, why, etc. (‘if you keep using this site, you agree to the Etags for caching purposes’ … whatever) or (‘This site does not use Etags. The browser may set them but you can use safe-mode, etc’).

As the article seems to say, the risk of this is kind of small, because their are bugs with a totally undetectable implementation, and it doesn’t work at all if users browse with anonymous browsing mode on, for example.

How do Etags factor into Txp caching plugins? Are the headers added in that case?


The text persuades, the *notes prove。

Offline

#88 2018-04-15 08:45:25

Destry
Moderator
From: Haut-Rhin
Registered: 2004-08-04
Posts: 4,173
Website

Re: Txp cookies, visitor logging, and GDPR stuff in general

colak wrote #311034:

You are all very welcome to come! I’m glad you laughed on that one. I’m trying to make it even funnier… Suggestions are always accepted:)

A Txp meetup in Greece! That would be wonderfully appropriate.

Yes, the cookie policy is great. Something I might have wrote. ;)


The text persuades, the *notes prove。

Offline

#89 2018-04-15 09:15:51

colak
Admin
From: Cyprus
Registered: 2004-11-20
Posts: 7,156
Website

Re: Txp cookies, visitor logging, and GDPR stuff in general

Destry wrote #311051:

A Txp meetup in Greece! That would be wonderfully appropriate.

Make that Cyprus:) (Think Greece but with British type of organisation and Westminster based legal system)


Yiannis
——————————
neme.org | hblack.net | LABS | State Machines | Respbublika! | NeMe @ github

Offline

#90 2018-04-16 09:14:22

phiw13
Plugin Author
From: Japan
Registered: 2004-02-27
Posts: 1,625
Website

Re: Txp cookies, visitor logging, and GDPR stuff in general

Here is something else I have been pondering: what happens with AMP pages? You make sure your site is GDPR compliant, then you serve your page through AMP. A visitor receives a link to your site from someone (friend / twitter / …) who found it through google on a mobile device. The URL he or she receives is to the AMP page, which is loaded with Google stuff. Technically it is your site, but it is also Googles.

Quid of your privacy policy?

Offline

Board footer

Powered by FluxBB