vBulletin and GDPR

Discussion in 'vBulletin' started by zappaDPJ, May 16, 2018.

Tags:
  1. zappaDPJ

    zappaDPJ Administrator

    6,414
    1,342
    +4,824
    I'm starting to think GDPR might be the final nail in the vb4/5 coffin.

    There are still a lot of forum owners running those versions. What have you been able to do to comply with GDPR other than update your policies?
     
  2. BirdOPrey5

    BirdOPrey5 #Awesome

    4,126
    912
    +1,674
    I haven't done a damn thing (on my forums) because I am not a subject of the EU.
     
    • Like Like x 2
    • Funny Funny x 1
    • Winner Winner x 1
    • List
  3. feldon30

    feldon30 Adherent

    383
    132
    +405
  4. Brad

    Brad Meh

    6,094
    1,177
    +1,305
    Still go back to watch this and laugh :)

    Sadly RT has the best version. No idea if they run ads.

     
    • Like Like x 1
    • Funny Funny x 1
    • List
  5. feldon30

    feldon30 Adherent

    383
    132
    +405
    "You all have never worked a day in your lives."
     
  6. MarkFL

    MarkFL La Villa Strangiato

    1,135
    522
    +1,647
    Same here. They can come get me. :)
     
    • Like Like x 2
    • Winner Winner x 1
    • List
  7. we_are_borg

    we_are_borg Moderator

    4,725
    807
    +1,863
    Well they won’t, but they can order banks not to do business with you. Meaning that you can’t pay or collect money from European countries.
     
  8. MarkFL

    MarkFL La Villa Strangiato

    1,135
    522
    +1,647
    We don't take money from anyone. We offer free math help, and no premium memberships, no ads. Just a bunch of nerds helping students. :)
     
  9. we_are_borg

    we_are_borg Moderator

    4,725
    807
    +1,863
    Well people outside of the EU can only be fined in three ways i know off. The first is that you cant do any payment or receive any money from the EU. Second is that when convicted that an arest warrant will go out, so when you travel to EU well you get the idea, maybe countries that have treaties with EU to. The third is that some how if you live in a country that have a treaty that the EU can ask to up hold the punishment from EU in your country.

    I know they have these options but never heard they used this in these sort of cases.
     
  10. BirdOPrey5

    BirdOPrey5 #Awesome

    4,126
    912
    +1,674
    1) If EU people can't get money to me then they have the problem, not me. I don't need their money.
    2) LOL
    3) Bigger LOL.

    Why does the EU think they can dictate how I do things when I neither live nor have a presence (beyond a website accessible to the world) in an EU nation? If the EU doesn't want its citizens using my website then they can censor the internet so my sites aren't accessible - which is coming by the way. My grandfather didn't get shot by Nazi's 73 years ago so his grandkids would have to yield to the whims of a German chancellor. I hope Trump starts charging the EU for America's protection because Europeans would stop wondering why America has to spend so much on defense instead of healthcare or whatever pet project of the year for without a country like the United States and its military budget to protect them from Russia and others would happily take over with no fear of US retaliation.
     
  11. we_are_borg

    we_are_borg Moderator

    4,725
    807
    +1,863
    Well we do need need you there is always some one else or some one better. But what you forget is that it counts both ways if you want something from EU soil you have bad luck at that point. Else who cares what country does what.
    As for 2 and 3 that's how it can work but like i said never heard anything being used but if you visit the EU and you have an arrest warrant against you you can be transferred to that EU country to under go the punishment you where convicted to. This would be the same thing if i did something in the US if i set foot on US soil i could be arrested. Three is when you have a international arrest warrant against you if you travel to a country that has an extradition treaty you can be transferred to the country in question this is being used often in some cases even the US uses this trick because people do not expect it.

    We can ask the same question why do we need to follow US rules like COPPA or DMCA its US law not EU law. Same with POTUS atm he does not want the deal with Iran but he expect us that our companies on EU soil obey the US law and don't do business with them.

    And this thread toke to long because we have now Nazi's in it, please leave them out has nothing to do with the GDPR or with law or treaties.
     
    Last edited: May 17, 2018
  12. BirdOPrey5

    BirdOPrey5 #Awesome

    4,126
    912
    +1,674
    You probably follow the laws because you're not 100% sure if your country wouldn't extradite you. But it's a good question. Why do you follow those laws?
     
  13. djbaxter

    djbaxter Tazmanian Veteran

    10,483
    917
    +457
    What is it you think vBulletin should be doing, or vBulletin forums should be doing, other than updating their policies? As I read it, primarily all GDPR requires is an update to privacy policies and cookie policies specifying what data is collected, how that data is used, and how users can have personal identifying data removed is requested.

    I don't see this as specific to vBulletin in any way.

    Have you looked at the Xenforo GDPR update?
     
  14. Alfa1

    Alfa1 Moderator

    3,573
    1,202
    +2,499
    I completely agree with you. At the same time the US has been imposing US laws on EU citizens at least since GWB signed the patriot act into law. In this perspective it took the EU quite long to start imposing laws the other way around. I strongly disagree with any country that imposes their laws on citizens of another country.

    \
    This is explained by the WP29 guidelines on consent and transparency. it details exactly what should and should not be there in terms of functionality.
    http://ec.europa.eu/newsroom/article29/news.cfm?item_type=1360

    Some highlights:
    1. explicitly ask for consent in terms of rules and privacy.
    2. when changes occur ask for renewed consent.
    3. log who agreed to exactly what and when. This implies versioning or another way of showing what was agreed to.
    4. export personal data.
    5. show what personal data you have.
    6. tools for the right to be forgotten.
    7. if any automatic profiling is used (infractions, warnings, automatic demotions, crowd moderation, etc) people have a right to be informed.
    The above are some highlights as I understand them. While I do have a background in legal work and I have consulted a lawyer on the GDPR, I am in no means a lawyer nor do I have any expertise on the matter. There are more points of interest to consider.
     
    • Like Like x 1
    • Agree Agree x 1
    • Informative! Informative! x 1
    • List
  15. BirdOPrey5

    BirdOPrey5 #Awesome

    4,126
    912
    +1,674
    I don't know what GWB signed into law you follow. An argument can be made for COPPA it's for protecting children- in general decent people across the world want to protect children, though had I not been a US citizen I wouldn't have felt compelled to follow it to the letter so long as I was confident I was protecting children. DMCA I again suppose EU wants equivalent protections for IP created by its citizens.
     
  16. djbaxter

    djbaxter Tazmanian Veteran

    10,483
    917
    +457
    Xenforo's take:

    Upcoming changes for GDPR compliance in XF1 and XF2 | XenForo community

    If you block registrations from the EU, you can ignore their GDPR legislation, at least until your country creates its own version.

    If you don't, you can I suppose still ignore GDPR if you want to argue that the GDPR has no jurisdiction for the locale where your forum is hosted and owned. Of course, you may have to put up with a lot of bitching and moaning from overseas members.
     
  17. zappaDPJ

    zappaDPJ Administrator

    6,414
    1,342
    +4,824
    It's become specific to vBulletin insofar as it is now the only forum platform I'm aware of that doesn't have the functionality (in-built or as an add-on) required to fully implement the regulations.

    I have seen the xenForo GDPR update, it appears to contain most if not all the functions needed to be compliant.

    As @Alpha1 detailed above, these regulations require more than just a policy statement, they require site owners to implement positive action opt-ins, event records and other functionality currently not present in any of the vBulletin versions. That said it may be possible to use custom fields to provide some minimal level of compliance.

    What I'm really interested in is to hear from vBulletin forum owners who have had to implement GPDR. I fully understand why forum owners residing outside of the EU are ignoring GPDR but unfortunately some of us can't. The stakes are too high, even for someone running a small hobby forum.

    If your site is compromised or a disgruntled user to makes a valid complaint to the regulator you are taking a step into the unknown which may well amount to nothing but could in theory be quite damaging financially, especially so if your forum is commercial in nature.
     
  18. Paul M

    Paul M Dr Pepper Addict

    3,757
    1,127
    +2,085
    I'll just say again.

    I really dont think anyone is going to care about a few little hobby forums.
    Just the same as the cookie consent thing a few years ago, its not worth their time and effort.

    This is aimed at big sites, like your facebooks of the world.
     
    • Like Like x 2
    • Agree Agree x 1
    • List
  19. we_are_borg

    we_are_borg Moderator

    4,725
    807
    +1,863
    The only problem being with this is that users of our site are the once that can report you when you do not follow GDPR.
     
  20. zappaDPJ

    zappaDPJ Administrator

    6,414
    1,342
    +4,824
    I'd argue that it's aimed at everyone collecting personal data but I agree the main focus in terms of enforcement and sanctions is likely to be on the larger data holders.

    I think it's worth pointing out that the regulations contain a long list of sanctions which range from warnings and reprimands to financial penalties. I suspect small hobby sites would have to do something pretty bad to get more than a warning or reprimand.
     
Verification:
Draft saved Draft deleted
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.