Topic: GDPR

[An_dz]

The difference is they only collect what you want to give them

That's not true, I don't want to give any information to Google but they still get it and create a profile about me wherever there's a site that has their stuff (Analytics, JS libs, fonts, custom searches, etc.). And even if you do sign up to their service they can collect data about you that you don't give to them but they "find out" inspecting your behaviour. Facebook bought WhatsApp exactly because of that, it reveals a lot about you.

This is a death switch to free internet.

That's true, the law has some requirements that are idiot, like demanding a "Director of Privacy" or whatever the name is. That's simple for a big company, but not for a small one.

[Ters]

That's not true, I don't want to give any information to Google but they still get it and create a profile about me wherever there's a site that has their stuff (Analytics, JS libs, fonts, custom searches, etc.). And even if you do sign up to their service they can collect data about you that you don't give to them but they "find out" inspecting your behaviour. Facebook bought WhatsApp exactly because of that, it reveals a lot about you.

Not only that, but its almost impossible to live in the modern world without a Google and Facebook account. Since I almost consider those two my moral enemies, I'm stuck in 2005.

That's true, the law has some requirements that are idiot, like demanding a "Director of Privacy" or whatever the name is. That's simple for a big company, but not for a small one.

It's just a matter of tagging someone with the responsibility. The law here more or less dictates that all businesses and organizations have a general assembly, a chairman of the board and a CEO. If your are a one man company, well then those are all you. In addition, you are typically also CMO and maybe CFO and CTO.

[jamespetts]

Would you say every company that owns a phone book has to serve such an Article 14 notice to everyone who is in the phone book? If you, as employee of a company, visit a company website for some quick information, and that website happens to include personal data, would you be forced to write that Article 14 notice, or delete your browser history, or both?

The company would probably be able to claim that it would involve "disproportionate effort" to serve an article 14 notice to everyone in the telephone book - but this would be the only basis on which it would not have to do so. The employee would be a processor and not a controller, and so be not personally required to serve the notice. I am not sure how this is relevant, however.

The difference I wanted to highlight is that as a user of a service, you only give data away, and recieve data that was given by the data subject willingly and for that very purpose, who were informed about all the implications as required by the GDPR. While not as public as a phone book, it's as public as a companies deed (=anyone who pays a fee can get it), hence comparable.
But that would mean if I created my own Facebook alternative as a private individual, no matter how large it would grow, as long as I would keep it as a garage project I could own millions of users data all while the GDPR wouldn't apply to me... Yeah, I'm sure that protects user data alright...

The extent of the data processed does not appear relevant to the "personal or household[/family]" exception. The example that you give is an edge case which was no doubt not in the minds of those who drew the Regulation.

(As an aside, there may well be a case for replacing things like Facebook (by competition, not force) with decentralised services, run by the people who use them on servers that each rent as part of their ISP package, bringing the original idea of the World Wide Web up to date with modern networking technology: in that instance, each individual would run an automated server that would host her/his own data and interact with all the other servers, which would form a cloud from which social networking and other currently centralised services, such as auctions, online dating, advertising houses for sale/rent, ride sharing and other such things could be provided in a decentralised manner. In that way, each individual (at least in the non-commercial cases) would be acting in a purely personal capacity and be exempt from the GDPR, as well as from the control of large organisations).

I am afraid that it is very naive to think that the GDPR is a way of the state protecting people from the actions of commercial entities. It is an example of the long-standing technique of myriad tyrants of taking a genuine issue and deliberately over-reacting with far more extreme repression of liberty than can possibly be justified in truth to solve the original problem in order to achieve sinister and repressive ends. Remember, the state is the institution with the most power, and there are huge exceptions for the state (e.g. anything to do with "national security", which is not clearly defined) in its compliance with the Regulation. Be in no doubt that the people who drew, sponsored and passed this legislation are deeply, deeply evil.

[Ters]

The extent of the data processed does not appear relevant to the "personal or household[/family]" exception.

I can't think of any personal or household activity that involves keeping track of data about thousands of living persons. And genealogi is the only thing pushing this up from hundreds.

I am afraid that it is very naive to think that the GDPR is a way of the state protecting people from the actions of commercial entities. It is an example of the long-standing technique of myriad tyrants of taking a genuine issue and deliberately over-reacting with far more extreme repression of liberty than can possibly be justified in truth to solve the original problem in order to achieve sinister and repressive ends. Remember, the state is the institution with the most power, and there are huge exceptions for the state (e.g. anything to do with "national security", which is not clearly defined) in its compliance with the Regulation. Be in no doubt that the people who drew, sponsored and passed this legislation are deeply, deeply evil.

As long as they are fighting other evil people who are at the moment threatening me, I'll go along with it. Just like the Soviet union was a nice friend to have 1941-1945. Despite the fact that, as far as the UK and France are concerned, the Soviet union also invaded Poland, which is what the war was started over in the first place. If the government is doing the same evil data collection about me, a battle against that will not be easier without GDPR. It might be easier, as it brands them as hypocrites. (Furthermore, I work with some personal information the government has on its inhabitants, even if it is only the relatively harmless parts, and GDPR is hitting us quite hard.)

[killwater]

Just like the Soviet union was a nice friend to have 1941-1945.

  Greatest buddies ever...
https://en.wikipedia.org/wiki/Soviet_war_crimes#World_War_II
https://en.wikipedia.org/wiki/Katyn_massacre
https://en.wikipedia.org/wiki/NKVD_prisoner_massacres


Please think twice before posting such examples...

I need to stop derailing this topic. Please delete if this post is considered inappropriate

[Ters]

  Greatest buddies ever...
https://en.wikipedia.org/wiki/Soviet_war_crimes#World_War_II
https://en.wikipedia.org/wiki/Katyn_massacre
https://en.wikipedia.org/wiki/NKVD_prisoner_massacres


Please think twice before posting such examples...

Why? That was exactly my point.

[jamespetts]

I can't think of any personal or household activity that involves keeping track of data about thousands of living persons. And genealogi is the only thing pushing this up from hundreds.

But that is circular reasoning - you define something as being not "personal or household" because of the number of people whose data are processed, and then state when questioned on why there should be a connexion that you cannot think of any "personal or household" activity that involves processing the personal data of a large number of people. The conclusion appears therefore to be an essential premise of your reasoning, which is thus invalid.

As to claiming that deeply evil individuals are a "good friend to have", that is very, very dangerous indeed and I am afraid never, ever valid. All evil must be opposed by any means necessary, come what may.

[Ters]

But that is circular reasoning - you define something as being not "personal or household" because of the number of people whose data are processed, and then state when questioned on why there should be a connexion that you cannot think of any "personal or household" activity that involves processing the personal data of a large number of people. The conclusion appears therefore to be an essential premise of your reasoning, which is thus invalid.

No, I have long since defined personal and household activities as things relating to functioning as a person and being part of a household. Activities like buying food, washing clothes, keeping touch with friends and close relatives, paying taxes.

As to claiming that deeply evil individuals are a "good friend to have", that is very, very dangerous indeed and I am afraid never, ever valid. All evil must be opposed by any means necessary, come what may.

Well, I'm the pragmatic type. If I'm alone and a group of thugs is threatening me, I'll temporarily befriend a rival group of thugs if there is any hope that I will end better off. Evil won't be any more oppressed if I just let the first group of thugs beat me up. By playing the two evils against each other, I can wait it out until maybe one day, enough people will be willing to fight them both (or the one that's left). Currently, most people seem ignorant of either threat.

[jamespetts]

No, I have long since defined personal and household activities as things relating to functioning as a person and being part of a household. Activities like buying food, washing clothes, keeping touch with friends and close relatives, paying taxes.

Why should a hobby or other personal activity not also count as relating to functioning as a person?

Well, I'm the pragmatic type. If I'm alone and a group of thugs is threatening me, I'll temporarily befriend a rival group of thugs if there is any hope that I will end better off. Evil won't be any more oppressed if I just let the first group of thugs beat me up. By playing the two evils against each other, I can wait it out until maybe one day, enough people will be willing to fight them both (or the one that's left). Currently, most people seem ignorant of either threat.

That sort of "pragmatism" has been responsible for some of the greatest evil that humankind has ever known being allowed to thrive.

[killwater]

Well, I'm the pragmatic type. If I'm alone and a group of thugs is threatening me, I'll temporarily befriend a rival group of thugs if there is any hope that I will end better off. Evil won't be any more oppressed if I just let the first group of thugs beat me up. By playing the two evils against each other, I can wait it out until maybe one day, enough people will be willing to fight them both (or the one that's left). Currently, most people seem ignorant of either threat.

In such a case you are just becoming a part of the second group. And you will help them beat other innocent people to advance your personal position. James is right in his judgement of this situation.

[Ters]

That sort of "pragmatism" has been responsible for some of the greatest evil that humankind has ever known being allowed to thrive.

As opposed to those who just let the thugs walk over them? I see no third group of "good guys" to join. But there is a hope of stopping one of the two evildoers, and using influence to lessen the other. Nobody has proposed another way out of this situation.

[jamespetts]

As opposed to those who just let the thugs walk over them? I see no third group of "good guys" to join. But there is a hope of stopping one of the two evildoers, and using influence to lessen the other. Nobody has proposed another way out of this situation.

You don't have to join a group. It is a fundamental error to see the world in terms only of groups. I am afraid that this is a serious and very dangerous oversimplification of reality. You can perfectly well oppose all evil without siding with any evil.

[Ters]

I only used the word join after killwater wrote that you can't interact with others without becoming part of their group. Perhaps I shouldn't have, because that's not quite how I see it. On the other hand, isn't two or more people working towards a common goal a group? How do you hope to fight evil governments without anyone else helping out?

[killwater]

I only used the word join after killwater wrote that you can't interact with others without becoming part of their group.

Well I was referring to you writing of "befriending the rival group of thugs if there is any hope that I will end better off". Befriending is quite a peculiar type of interaction suggesting more than just hiding behind someones back.
And unfortunately in such situations it is like that - let me cite the classic from 2001: "You're either with us or against us". This was addressed to friends - particularly allies of one of the mightiest nations ever.
In soviet union if you did not join the best economic system ever you were arrested, beaten and imprisoned or simply executed...

[Ters]

Well I was referring to you writing of "befriending the rival group of thugs if there is any hope that I will end better off". Befriending is quite a peculiar type of interaction suggesting more than just hiding behind someones back.
And unfortunately in such situations it is like that - let me cite the classic from 2001: "You're either with us or against us". This was addressed to friends - particularly allies of one of the mightiest nations ever.
In soviet union if you did not join the best economic system ever you were arrested, beaten and imprisoned or simply executed...

It is rather naive to think that a group of thugs would help me without something in return. But I was making a rather simplistic argument against a rather simplistic statement. In reality, there are lots of aspects to consider, and things are not black and white. No decision without drawbacks. Some choices might also seem wise at the time, but not in hindsight. Unfortunately, one cannot wait for the hindsight to make a decision. One has to make the best of the situation given the options and knowledge at the time. Sometimes even hindsight can not tell whether a choice was right. We have no idea of knowing how things would have turned out if the United Kingdom (and eventually the other Western Allies) didn't put their hatred against the Soviet union on hold for a few years. Nor may we ever know the consequences of not introducing GDPR, to try to bring this back to the topic at hand, rather that some unanticipated derailment about hyperbolic metaphors/analogs in unwittingly brought up.

[jamespetts]

Nobody (other than you) was suggesting that any interaction with a person means joining a group, nor that "things are black and white" (whatever exactly you mean by that). The point is rather that your purported justification of serious malevolence (viz/ that it might somehow deal with some other malevolence) is invalid at the most fundamental level, since, by definition, no malevolence can ever be justified. Since you have not purported to raise any argument to the effect that the authoritarian extremism constituted by the GDPR is not, in fact, malevolent, it is perfectly proper to reject entirely your defence of this totalitarian edifice.

A generalised assertion that life is complicated, that one does not have perfect hindsight, or that things are unpredictable (or any combination thereof) is logically incapable of being an argument that any specific thing is not malevolent, or indeed, for or against any specific thing at all.

[Isaac.Eiland-Hall]

My humble opinion on this subject is that, at this time, I think it's probably okay if we "fly under the radar" and not worry too much about it. I would recommend we all keep an ear open, though, for any news about organizations that resemble ours to know if we're in the clear or if we should worry about it.

[An_dz]

In any case I'm already working on a page for it. It's almost complete just working on the last wording and checking if I missed anything.

[An_dz]

https://www.simutrans.com/privacypolicy/

Here's our privacy policy, I'll later add links here on the forums and on our main pages.