Computers & Electronics

What is up with all of the privacy update emails of late?

  • Last Updated:
  • May 29th, 2018 6:57 pm
[OP]
Deal Addict
Nov 3, 2008
1555 posts
312 upvotes

What is up with all of the privacy update emails of late?

Lately I have gotten so many emails regarding privacy policy updates. Is there new rules going into effect?
17 replies
Member
User avatar
Oct 6, 2006
340 posts
156 upvotes
European Union passed a law that has to deal with EU citizens' right to know what the data that any site is collecting is being used for.. plus websites have to explicitly ask the user for consent to collect data from said user

This applies to all EU citizens worldwide. Any company found guilty or non complaint can face severe fines.

So a sole of the companies built it into their privacy policies, changed site headings add and so on.

This is like cliff notes of what the law actually is.
:twisted: May your wallet R.I.P :twisted:
Deal Fanatic
User avatar
Mar 28, 2005
5037 posts
715 upvotes
Ontario / Quebec
Was about time a strong law like that came into effect.
I wish it was global - I'm sick and tired of being the "product" many of these companies peddle.
Deal Addict
User avatar
Apr 18, 2009
3330 posts
617 upvotes
Toronto
can the EU go after a forum in canada for fines?

i dunno of a good example....cant use rfd coz its owned by yellowpages which has a wider presence

maybe lets take ncix (assuming they are still alive), if they dont comply, how can EU go after ncix for fines when ncix is outside of EU?
Deal Fanatic
User avatar
Mar 28, 2005
5037 posts
715 upvotes
Ontario / Quebec
NCIX, as an example, could just block access to their site from any IP address located within the EU.
That's what some US companies have done until they figure out how to handle this.

I'm a member of a few European forums and they are all handling this in stride.
There is a lot of misinformation floating around out there about this law - if a company handled your personal information like I think they should have - there is nothing different a company actually has to do other than update their privacy policy to reflect what the law states (and what they sjould have been doing all along)

The only item in the law I think a lot of companies and forums run afoul on is their automatic opt-in.
That is no longer allowed - a user has opt-in and provide concent rather than the user having to opt-out.

In summery what I read:

1. Request for consent must be obvious - not buried in fine print on some back page
2. "Pre-tick" (or automatic opt-in) can no longer ne used
3. Cannot ask for additional personal information to access additional features
4. Users are able to access their personal information that a site has on record
5. Users can have any personal data that is wrong, corrected
6. Users can have any personal data deleted unless the company can prove that it's absolutely needed
7. Data has to be kept safe
8. Any date breaches require notification to the users and authorities within days/weeks (I think it was max 2 weeks) of being found out
Sr. Member
Nov 6, 2015
686 posts
283 upvotes
Guelph, ON
krs wrote:
May 27th, 2018 10:55 am
Was about time a strong law like that came into effect.
I wish it was global - I'm sick and tired of being the "product" many of these companies peddle.
That's the price you pay for "free" services. The alternative is to pay $$ to somebody.
Deal Addict
User avatar
Apr 18, 2009
3330 posts
617 upvotes
Toronto
krs wrote:
May 27th, 2018 11:48 am
NCIX, as an example, could just block access to their site from any IP address located within the EU.
That's what some US companies have done until they figure out how to handle this.

I'm a member of a few European forums and they are all handling this in stride.
There is a lot of misinformation floating around out there about this law - if a company handled your personal information like I think they should have - there is nothing different a company actually has to do other than update their privacy policy to reflect what the law states (and what they sjould have been doing all along)

The only item in the law I think a lot of companies and forums run afoul on is their automatic opt-in.
That is no longer allowed - a user has opt-in and provide concent rather than the user having to opt-out.

In summery what I read:

1. Request for consent must be obvious - not buried in fine print on some back page
2. "Pre-tick" (or automatic opt-in) can no longer ne used
3. Cannot ask for additional personal information to access additional features
4. Users are able to access their personal information that a site has on record
5. Users can have any personal data that is wrong, corrected
6. Users can have any personal data deleted unless the company can prove that it's absolutely needed
7. Data has to be kept safe
8. Any date breaches require notification to the users and authorities within days/weeks (I think it was max 2 weeks) of being found out
i guess my question is, lets say NCIX decides to be a prick and not do anything about it (not even blocking EU IP addresses). how is the EU able to chase after NCIX for fines in the first place?

and will china sites like aliexpress give a crap about all this?
Sr. Member
Dec 14, 2004
731 posts
60 upvotes
Waterloo
chroma_cg wrote:
May 27th, 2018 11:08 am
can the EU go after a forum in canada for fines?

i dunno of a good example....cant use rfd coz its owned by yellowpages which has a wider presence

maybe lets take ncix (assuming they are still alive), if they dont comply, how can EU go after ncix for fines when ncix is outside of EU?
Potentially yes. Country of incorporation has nothing to do with applicability of the law. If you are collecting personally identifiable data it is likely that you have to take some sort of action. Even lawyers are still trying to figure out what compliance means on a case by case basis.
Newbie
Apr 17, 2018
4 posts
Ontario
chroma_cg wrote:
May 27th, 2018 1:19 pm
i guess my question is, lets say NCIX decides to be a prick and not do anything about it (not even blocking EU IP addresses). how is the EU able to chase after NCIX for fines in the first place?

and will china sites like aliexpress give a crap about all this?
NCIX no longer exists.
Deal Fanatic
User avatar
Nov 21, 2002
8274 posts
1386 upvotes
Winnipeg
mre wrote:
May 27th, 2018 1:44 pm
Potentially yes. Country of incorporation has nothing to do with applicability of the law. If you are collecting personally identifiable data it is likely that you have to take some sort of action. Even lawyers are still trying to figure out what compliance means on a case by case basis.
could they? I wager probably not if ncix does not offer services to the eu or globally or in any way targets eu members. That way ncix its not in violation of international law and couldn't be enforced.If it says only ships to us and canada and mexico for instance then sol. Technically the key word is "eu member" and "can only be enforced if applies to international law"
Kinda like when the site says does not ship to quebec etc.
http://www.thesuburban.com/news/city_ne ... 965b1.html

In that situation it was to avoid viloating Quebec language law by simply not doing business with them.
Deal Fanatic
User avatar
Mar 28, 2005
5037 posts
715 upvotes
Ontario / Quebec
Yeah,

Lit Bain et au-delà

just doesn't have the same ring to it Face With Tears Of Joy

Top