1. Home
  2. Categories
  3. Side Bar WTF
  4. The Official GDPR Lawsuit thread

The Official GDPR Lawsuit thread

  • dfdub

    @Benjamin-Hall
    That's a nice rant, but not really a reply to my posts.

    And while I agree with you to some degree, using this rant as an argument for homeschooling requires assuming that the accountability problem isn't fixable and that burnt-out parents don't exist.

    0 Benjamin Hall 1 Reply
  • Benjamin Hall

    @dfdub it's not a rant for anything. Merely pointing out that shoving everyone through a horribly broken system hurts lots of kids. I see a role for many different systems--no need for a one size fits none public-only mandate. Public, private, charter, home, co-op, etc. There's a place for all of them

    6
  • boomzilla
    ♿ (Parody)

    @Captain said in The Official GDPR Lawsuit thread:

    @AyGeePlus said in The Official GDPR Lawsuit thread:

    'We won but we're mad about it' doesn't make sense anywhere.

    Doesn't make sense, but tell that to all the cons who got their precious PATRIOT Act and now listen to conspiracy theories on the radio.

    Hey, that's not fair. We also get them on cable just like the libs.

    6 djls45 1 Reply
  • djls45

    @boomzilla said in The Official GDPR Lawsuit thread:

    @Captain said in The Official GDPR Lawsuit thread:

    @AyGeePlus said in The Official GDPR Lawsuit thread:

    'We won but we're mad about it' doesn't make sense anywhere.

    Doesn't make sense, but tell that to all the cons who got their precious PATRIOT Act and now listen to conspiracy theories on the radio.

    Hey, that's not fair. We also get them on cable just like the libs.

    Haha, LOL! Joke's on the rest of you! I don't have cable. :tinfoil-hat: 🍹

    6
  • Rhywden

    @djls45 said in The Official GDPR Lawsuit thread:

    @Rhywden said in The Official GDPR Lawsuit thread:

    @Gąska The point is that this argument about "choice" is a really bad one because the one person for whom the choice actually matters doesn't get to choose in your scenario.

    So please don't act as if it's a good argument that you're choosing for someone else.

    Um, isn't that the whole role of parenthood? To choose things that are (hopefully) beneficial for someone else?

    Yes, but then don't try to paint it as "now you have a choice!" because the one who is the subject of said choice actually doesn't get to choose.

    It's a bit weird - because the end effect will always be that someone else did the choice for the kid.

    0 boomzilla hungrier 2 Replies
  • boomzilla
    ♿ (Parody)

    @Rhywden said in The Official GDPR Lawsuit thread:

    @djls45 said in The Official GDPR Lawsuit thread:

    @Rhywden said in The Official GDPR Lawsuit thread:

    @Gąska The point is that this argument about "choice" is a really bad one because the one person for whom the choice actually matters doesn't get to choose in your scenario.

    So please don't act as if it's a good argument that you're choosing for someone else.

    Um, isn't that the whole role of parenthood? To choose things that are (hopefully) beneficial for someone else?

    Yes, but then don't try to paint it as "now you have a choice!" because the one who is the subject of said choice actually doesn't get to choose.

    No, that's silly. Obviously he was was referring to the parents as "you."

    It's a bit weird - because the end effect will always be that someone else did the choice for the kid.

    I'm not seeing what's weird here. Yes, it's a parent's duty to make lots of choices for kids.

    8
  • hungrier

    @Rhywden Well yeah, that's a big part of parenting. Kids would choose to eat candy for dinner and watch Annoying Orange instead of learning math.

    5 Rhywden 1 Reply
  • Rhywden

    @hungrier Yeah, but we don't sell it as a big plus that the parents get to choose between, say, a banana or an apple.

    0 Mason_Wheeler boomzilla 2 Replies
  • Mason_Wheeler

    @Rhywden You don't have to commit to exclusively bananas or apples.

    3 Rhywden 1 Reply
  • Rhywden

    @Mason_Wheeler You're kind of missing the point there.

    0 djls45 1 Reply
  • djls45

    @Rhywden So, to the point, then:
    Why do you think children should be allowed to make their own decisions concerning their education?

    Or, are you just complaining about people calling for students' choice when they really mean parents' choice? In which case, whose strawman are you burning?

    6
  • boomzilla
    ♿ (Parody)

    @Rhywden said in The Official GDPR Lawsuit thread:

    @hungrier Yeah, but we don't sell it as a big plus that the parents get to choose between, say, a banana or an apple.

    But we do when it's between a banana and a Twinkie.

    2 Luhmann 1 Reply
  • Luhmann
    BINNED

    @boomzilla
    Probably because Twinkies are fake food

    1 jinpa 1 Reply
  • topspin
    BINNED

    @levicki you can also survive the zombie apocalypse on twinkies.

    https://www.youtube.com/watch?v=-7bHmuJ5iZQ

    4
  • izzion
    I survived the hour long Uno hand

    @levicki said in The Official GDPR Lawsuit thread:

    @Luhmann said in The Official GDPR Lawsuit thread:

    @boomzilla
    Probably because Twinkies are fake food

    Hey, but I saw John McClane survive Nakatomi terrorist attack and kick a lot of ass after he ate a 1,000 year old Twinkie! 🚎

    Are you suggesting that Twinkies are the official food of Christmas? 🤔

    2
  • jinpa

    @Luhmann said in The Official GDPR Lawsuit thread:

    @boomzilla
    Probably because Twinkies are fake food

    You say that like it's a bad thing.

    0
  • I

    It still bewilders me that GDPR can be enforced outside of the European Union. It's not law anywhere else in the world, and by using a foreign based service, you technically agree to be bound by the governing law of both your own country and the country where the service is hosted. Unless the service provider has a physical or corporate presence within the EU, then how can they be penalized for breaking the law of a foreign country.

    North Korea has many laws which are broken by every foreign national every day, I mean, I don't have a state approved haircut (although I hear "Bald" is allowed, so I'll be in compliance soon), I watch forbidden western media, and always forget to pledge my allegiance to the leader. How come I'm not being extradited to a North Korean internment camp?

    What jurisdiction does the EU have over countries like the US, Canada, Australia and NZ? Even if their citizens are residing there?

    Update: No, apparently I was wrong. Going bald is punishable by death in North Korea. Better get myself a wig LOL.

    2 Vixen Rhywden topspin 3 Replies
  • Vixen

    @idzy said in The Official GDPR Lawsuit thread:

    Update: No, apparently I was wrong. Going bald is punishable by death in North Korea.

    Anyone else suddenly have the urge to find a djinn and wisht that everymale in that country that is is a position of power was always bald?

    2
  • Rhywden

    @idzy said in The Official GDPR Lawsuit thread:

    It still bewilders me that GDPR can be enforced outside of the European Union. It's not law anywhere else in the world, and by using a foreign based service, you technically agree to be bound by the governing law of both your own country and the country where the service is hosted. Unless the service provider has a physical or corporate presence within the EU, then how can they be penalized for breaking the law of a foreign country.

    That's the wonders of commercial law: If you offer a service to someone you're bound to the laws of the country the recipient resides in. You got it the wrong way around.

    I also have to wonder why you're only now wondering about this: "Content not available in this country" has been a thing for decades now.

    Also: The GDPR is comparatively harmless to what your Chinese Overlords make you bow down to. I mean, the GDPR is basically: "Don't pull a fast one with personal data and everything will be fine."

    2 hungrier ObjectMike I Unperverted Vixen 5 Replies
  • hungrier

    @Rhywden "And also force visitors to acknowledge that they're being cookied every timethey visit your site"

    2 Gąska I dfdub 3 Replies
  • topspin
    BINNED

    @idzy said in The Official GDPR Lawsuit thread:

    How come I'm not being extradited to a North Korean internment camp?

    Lack of extradition treaties.

    3
  • ObjectMike
    Trolleybus Mechanic

    @Rhywden said in The Official GDPR Lawsuit thread:

    I also have to wonder why you're only now wondering about this: "Content not available in this country" has been a thing for decades now.

    I'm pretty sure almost all, if not all, of those types of restrictions are based on contracts with the media companies and their markets.

    2 Gąska 1 Reply
  • Gąska
    Banned

    @hungrier said in The Official GDPR Lawsuit thread:

    @Rhywden "And also force visitors to acknowledge that they're being cookied every timethey visit your site"

    Actually, this one predates GDPR by almost a decade. What GDPR added is "force visitors to acknowledge that you send all data about their activity to the 27845 third-party ad providers".

    I'm still bewildered by just how many third-party entities a single website deals with.

    9 hungrier 1 Reply
  • Gąska
    Banned

    @mikehurley said in The Official GDPR Lawsuit thread:

    @Rhywden said in The Official GDPR Lawsuit thread:

    I also have to wonder why you're only now wondering about this: "Content not available in this country" has been a thing for decades now.

    I'm pretty sure almost all, if not all, of those types of restrictions are based on contracts with the media companies and their markets.

    Yes and no. That each country needs a separate distribution agreement is indeed due to how media companies function internally. But that it's the consumer's country that matters and not the provider's, is a result of international agreement about jurisdiction in e-commerce.

    1
  • hungrier

    @Gąska said in The Official GDPR Lawsuit thread:

    Actually, this one predates GDPR by almost a decade.

    🤔

    I recall seeing browser cookie warnings way back in the early days of the internet, before browser makers realized that was annoying af and stopped doing it. Then after that nothing until a couple years ago when GDPR hit.

    0 Gąska 1 Reply
  • Gąska
    Banned

    @hungrier it was different in Europe.

    0
  • I

    @Rhywden said in The Official GDPR Lawsuit thread:

    the GDPR is basically: "Don't pull a fast one with personal data and everything will be fine."

    Technically yes, and personally I agree with the legislation.

    However from a corporate compliance perspective it's a nightmare, cause you need to track down every "unofficial / skunk-works" project that the sales team have whipped up using Google Forms, that Access Database that one of the director's kids made, legacy systems that have long been forgotten, huge lists of email addresses in a text file on someone's laptop that the Marketing people copy-paste into whatever spam sending service they use. And that's just what I can remember off the top of my head from our GDPR compliance audit.

    That plus the fact that lots of 3rd party software doesn't really support "delete", cause they were too lazy to deal with all the cascades, so the record is only logically deleted. is that still considered purged? Probably not.

    Our ERP system logs every change, who made it, and what the values were changed from and to. So it's not really possible to purge that data without risking breaking a critical line of business application, and the vendor want to charge an arm and a leg for an as yet incomplete upgrade which they claim will do it.

    2 Gąska 1 Reply
  • Gąska
    Banned

    @idzy said in The Official GDPR Lawsuit thread:

    However from a corporate compliance perspective it's a nightmare, cause you need to track down every "unofficial / skunk-works" project that the sales team have whipped up using Google Forms, that Access Database that one of the director's kids made, legacy systems that have long been forgotten, huge lists of email addresses in a text file on someone's laptop that the Marketing people copy-paste into whatever spam sending service they use. And that's just what I can remember off the top of my head from our GDPR compliance audit.

    OMG we have to do things the right way now! Can you believe that!

    9 I 1 Reply
  • I

    @Gąska said in The Official GDPR Lawsuit thread:

    OMG we have to do things the right way now! Can you believe that!

    Hey, I'm not on the board of directors. If I were, none of these shenanigans would have happened in the first place. But when you've got no oversight into what the other thousand or so people in the company have been doing for years before you even started working there, it's not so simple. Plus our management have a fairly libertarian philosophy when it comes to IT policy. They have concluded that any sort of enforcement is an impediment to productivity, so it's something best avoided if you want a decent bonus.

    0 Gąska 1 Reply
  • Gąska
    Banned

    @idzy so you realize doing those things was wrong. I don't understand, then, why you consider making the corporations clean up their mess to be a bad thing. Being hard is not a valid excuse not to do something you (as a company) ought to have done ages ago anyway.

    2 I 1 Reply
  • I

    @Gąska said in The Official GDPR Lawsuit thread:

    I don't understand, then, why you consider making the corporations clean up their mess to be a bad thing

    1. Because I was nominated to lead the project, making me implicitly responsible for any future fu*kups, and the fines for noncompliance are astronomical.

    2. It was a difficult job, with a tight deadline as our leadership wasn't aware of the magnitude of the problems we had, so started quite late.

    3. We have a physical and corporate presence in the EU, so whether or not it's enforceable overseas is a moot point. We needed & need to ensure ongoing compliance.
      I still find compliance issues every week, as we've have had a small number of purge requests from certain customers.

    4. I'm a developer / project manager, not a sysadmin, so the process of liaising with the operations guys is lengthy and often causes friction, because I'm asking them to do things which are moderately difficult, and require them to be completed as a matter of urgency. Sometimes this necessitates pulling rank to get things done, and I'm not someone who likes confrontation. I can do it if I have to, but it's not my natural persona.

    3 Luhmann dkf Rhywden Steve_The_Cynic 4 Replies
  • Luhmann
    BINNED

    @idzy
    So you hate GDPR because of shitty managlement made you head of a shit project that is bound for shit town. Got it.
    Welcome to IT by the way.

    14
  • I

    @Rhywden said in The Official GDPR Lawsuit thread:

    I also have to wonder why you're only now wondering about this: "Content not available in this country" has been a thing for decades now.

    Doesn't everyone use a VPN these days. Even my non-techie friends all have nord on their laptops, tablets and phones.

    0 Gąska 1 Reply
  • Gąska
    Banned

    @idzy said in The Official GDPR Lawsuit thread:

    Even my non-techie friends all have nord on their laptops, tablets and phones.

    Did you tell them afterwards? :trollface:

    4 I 1 Reply
  • I

    @hungrier said in The Official GDPR Lawsuit thread:

    "And also force visitors to acknowledge that they're being cookied every timethey visit your site"

    I cannot stand that. Ironically, most of the time they've already set the cookie(s) by the time you see that popup, so it's completely pointless.
    Plus your Google Analytics ever-cookie has already been sent to the Mountain View chocolate factory before the page even renders.

    1
  • I

    @Gąska said in The Official GDPR Lawsuit thread:

    Did you tell them afterwards?

    Tell them what? There's nothing illegal about it in Australia. If that particular service is compromised or tapped, I don't know about it, and it's extremely well advertised here in the traditional media. They even have ads on most cable channels here.

    Update: OK guess I'm not up with the news. Seems they were hacked. But not in any way that would really compromise some average joe who's downloading torrents and watching US only you-tube videos.
    An ephemeral private key for a single server in Finland was stolen. Who even uses a Finnish endpoint in the first place? HTTPS gives some level of defense in depth, and piecing together torrent downloads, or MPEG-Dash streams isn't easy, and wouldn't be particularly interesting to anyone.

    0
  • dkf
    Discourse touched me in a no-no place

    @idzy said in The Official GDPR Lawsuit thread:

    @Gąska said in The Official GDPR Lawsuit thread:

    I don't understand, then, why you consider making the corporations clean up their mess to be a bad thing

    1. Because I was nominated to lead the project, making me implicitly responsible for any future fu*kups, and the fines for noncompliance are astronomical.

    But would you be the one paying them, and if so, were you also given better compensation given this additional risk exposure you have? If the answer is yes+no, congratulations, you've been nominated as the patsy.

    5 I 1 Reply
  • Rhywden

    @idzy said in The Official GDPR Lawsuit thread:

    1. It was a difficult job, with a tight deadline as our leadership wasn't aware of the magnitude of the problems we had, so started quite late.

    That happens if you don't pay attention for years.

    0 I 1 Reply
  • I

    @Rhywden Yes it does. I joined the company 3 months before this project. It wasn't my oversight.

    0
  • I

    @dkf Unfortunately I have the combined curses of competence, integrity, diligence and passable interpersonal skills. A rare find in the tech biz. So they dropped this ball right in my lap.

    I'm remunerated well and been given a lot of flexibility as I have a young son, and my wife has had to go back to the US to care for a terminally ill relative. So I'm certainly not being exploited. I'm lucky I live in the inner suburbs, so my house is only a 5 minute drive to the office. But caring for a 2 y/o and working a stressful job certainly takes it out of you. He's overdue for potty training, and I just can't take that on right now. I don't want to do it to my son, but I've put an ad out for daytime nanny, it's all I can do, and cost comparable to daycare. Life gives you lemons, lets try and make some tasty lemonade, then mix it with vodka. HAPPY NEW YEAR!!!

    0
  • Steve_The_Cynic

    @idzy said in The Official GDPR Lawsuit thread:

    1. I'm a developer / project manager, not a sysadmin, so the process of liaising with the operations guys is lengthy and often causes friction, because I'm asking them to do things which are moderately difficult, and require them to be completed as a matter of urgency. Sometimes this necessitates pulling rank to get things done, and I'm not someone who likes confrontation. I can do it if I have to, but it's not my natural persona.

    Given what you describe here, I'm inclined to say that you and the job you're doing are not right for each other. I don't say this as an insult, but as a warning. It's not that the job is bad, nor that you are bad, but simply that you and the job don't fit together. Some day, one of those Ops people is going to resist beyond your ability / willingness to push back, and that will end badly for one or the other, or maybe both of you. Make sure that your manager is aware of the problems you're having with them.

    1 I 1 Reply
  • I

    @Steve_The_Cynic said in The Official GDPR Lawsuit thread:

    I don't say this as an insult, but as a warning. It's not that the job is bad, nor that you are bad, but simply that you and the job don't fit together.

    I've been round the globe for a couple of spins now, I know how to look after myself. This role is very well remunerated, and a bit of a career advancement. Having been programming since I was 6 (AmigaBasic was my first language), and one of the 90's era "hackers" (or should I say explorers), this is my passion and no Ops droid with a Cert IV in "Information Technology" will pull the rug from beneath me. Despite my groaning, I'm actually taking this project on with as much enthusiasm as I can muster, and happy to have a relatively senior role, with a lot of visibility to senior management. I'm doing this in addition to my role as principal software engineer for a rather large scale web-app, so I'm working hard, and hoping it pays off. This company is large, but still privately owned, so I'm not yet just a "number".

    0 Steve_The_Cynic 1 Reply
  • dfdub

    @hungrier said in The Official GDPR Lawsuit thread:

    And also force visitors to acknowledge that they're being cookied every timethey visit your site

    If you wanted to, you could easily fix that by just not setting tracking cookies. AFAIK, session cookies and other technical necessities don't require explicit consent.

    4 e4tmyl33t I 2 Replies
  • e4tmyl33t
    sekret PM club

    @dfdub said in The Official GDPR Lawsuit thread:

    If you wanted to, you could easily fix that by just not setting tracking cookies. AFAIK, session cookies and other technical necessities don't require explicit consent.

    But then that would piss off The Advertisers. Mustn't anger The Advertisers. The Advertisers are the alpha and the omega. The Advertisers want to see all and know all.

    6 I 1 Reply
  • I

    @dfdub said in The Official GDPR Lawsuit thread:

    technical necessities don't require explicit consent

    Please describe to the court what exactly a "technical necessity" is?

    Is it a necessity to support your revenue stream and business model? Is it part of the over-complicated JavaScript library you are using? Perhaps an advertising affiliate program, which runs their code before your page even renders?

    The law is supposed to protect privacy, and I believe that the law states that users must consent to cookies (let alone HTML5 Local storage, browser cache tricks, Flash LSOs (I think they may finally be dead, but you can never be sure), window resizing by floating point fractions of a pixel, which don't actually change the rendered size of the browser, but are retained across sessions.

    Facebook, Google, and other players who've engineered "ever-cookie" tech that the average user isn't even aware of, let alone able to erase, which tracks you across virtually every website you visit. That "Thumbs Up" icon passes what looks like encrypted data or a GUID in the GET request.

    The web is a freaking privacy nightmare, if people knew just how much data is being collected they'd promptly defenestrate their device (actually, no they wouldn't, the mob have already proven they don't value their privacy, Facebook have screwed up so many times, yet there is no decline in their user base). I really fear for my son's generation, who'll grow up in a world where this privacy invasion has always been there. I remember an internet before Facebook, where Google wasn't evil and ads were just that, ads. Not a dossier of your online life.

    2 Gąska Rhywden dfdub boomzilla 4 Replies
  • I

    @e4tmyl33t said in The Official GDPR Lawsuit thread:

    The Advertisers.

    Didn't Google already acquire all of them?

    0
  • Gąska
    Banned

    @idzy said in The Official GDPR Lawsuit thread:

    @dfdub said in The Official GDPR Lawsuit thread:

    technical necessities don't require explicit consent

    Please describe to the court what exactly a "technical necessity" is?

    RTFM. It's all there.

    Is it a necessity to support your revenue stream and business model?

    Let me get this straight. Rampant carelessness in data handling and shady business practices are okay in your book as long as... they make money?

    Is it part of the over-complicated JavaScript library you are using?

    It's JavaScript. You could easily remove it if you just wanted to.

    Perhaps an advertising affiliate program, which runs their code before your page even renders?

    See my remark about shady business practices. I seriously doubt how much cursed you are with integrity at this point.

    0 I 2 Replies
  • I

    @Gąska There was a time where Google's slogan was "Don't be evil". That is now ancient history. Business by it's very nature is based on greed, and they'll do whatever it takes to get ahead.

    0
  • I

    @Gąska You've got me all wrong. None of this is right in my book. Nor in my employer's book. But most SaaS providers online have this mentality. It's actually quite difficult to configure a HTTP Server to not push cookies before consent has been given. Yet we manage it.

    4
  • Rhywden

    @idzy said in The Official GDPR Lawsuit thread:

    @dfdub said in The Official GDPR Lawsuit thread:

    technical necessities don't require explicit consent

    Please describe to the court what exactly a "technical necessity" is?

    I'd put it in another way: As soon as you're containing/tracking personal information with a cookie it's subject to GDPR. A shopping cart does not contain personal information on its own and thus does not need consent.

    0 I dfdub 2 Replies
Log in to reply