Recent Topics

General Data Protection Regulation (GDPR, resp. DSGVO) - planned features?

Started by on Jul 26, 2017 – Contents updated: Nov 08, 2017

Jul 26, 2017 22:07    

Hello,

on 25th of May 2018 I - like others who .e.g. own a b2e blog/forum etc. - have to fulfill the GDPR. Two of the relevant principles are: Portability and Delivering Information about stored private data.
In case a member of the community asks for all her personal data stored, I should be able to deliver the information within short. I have to by GDPR. Now it would be great to have a feature that extracts all member related data, printed in a structured form an - in case the information is extensive also zipped. GDPR demands full information. To do this manually would be very time intensive, esp. if there will be several requests.

If a member wants to quit she has the right to take away all her data stored, also all published posts or drafts. To answer to such requests a feature would be great - because all who lives in EU have to execute such requests. Also in these cases a feature (analogous to those mentioned above) would be great.

The ability to act according to GDPR is necessary to prevent oneself from high penalties.

In hope
Will

PS: I am sorry that I can not contribute such features. I am a user no developer. But I can join a group who tries to cope the challenges by GDPR.

Jul 27, 2017 09:17

I though the cookies consent was annoying, then now we have this :(

This regulation goes a bit far from just data export features, so making b2evolution fully compliant would require a huge effort.

There is a lot of documentation on this subject. These documents summarize the key points of the regulation:

Also a checklist for organization compliance:

I would like to find a pure technical compliance checklist. If you find more info about it, please share.

Thank you.

Jul 27, 2017 09:40

@fplanque @mgsolipa - gdpr and eu-privacy (that is planned to go live also on May 25th 2018) cause huge efforts and work to stay save. I'll keep my eyes on this and share if I find a technical compliance checklist. (I fear, that for the first there will come up only aproximate lists. The practice (also in cases of legal proceedings) will show the real far-reaching consequences.
@mgsolipa thanks for sharing the links

Jul 27, 2017 10:02

Before a technical list it's important to find a legal scope of exactly who is required to provide the info. It may not apply to every individual blogger.

Reminder: 90% of the sites that display a "EU cookie consent" warning are not actually required to do so. Session/login cookies do not need to be disclaimed.

Jul 27, 2017 10:53

@fplanque attached you'll find the last proposal to the EU Policy Regulation - There will be some minor adaptions to business demands, but in its core it will stay this way. The proposal contains background information and further insights to what is included by this regulation.

the cookie banner will probably no longer be needed in future, because e.g. browser will - according to the principle of Privacy by Design - block all cookies by default and the user has to activate each she accepts. But as you pointed out, session cookies will not be affected. Third Party Cookies will stay in focus and some plugins in b2e may use additional Cookies (YouTube, Facebook … ). But Cookie Consent is only a part of the regulations.

Every blog/ forum owner who e.g. allows registration faces the challenges of these regulations.

Offering b2e as compatible with GDPR and EU-Privacy (2018) could really become a USP (All have to, but those who come up with first will take it. Many others will hesitantly adapt regulation only after some collusions that will force this.)


Attachments:

Nov 08, 2017 10:45

hello @mgsolipa and @fplanque,

want to ask again towards GDPR and ways b2evolution will deliver processes to handle accordingly.

Greetings, Will


Form is loading...

multiblog – This forum is powered by b2evolution CMS, a complete engine for your website.