Stories
Slash Boxes
Comments

SoylentNews is people

posted by janrinok on Friday June 01 2018, @12:56AM   Printer-friendly
from the will-it-also-reduce-spam-across-the-pond? dept.

Wilbur Ross, the US commerce secretary has penned an opinion piece about GDPR in the Financial Times[Paywalled, but a search on quoted text is fruitful. -Ed.]

In short, GDPR is unclear -- "guidance on GDPR implementation is too vague" -- will create barriers to trade -- "serious, unclear legal obligations for both private and public sector entities, including the US government", could threaten public welfare on both sides of the Atlantic, delay the approval of new life-saving drugs and prevent the effective treatment of epidemics like Ebola.

[...] We do not have a clear understanding of what is required to comply, the commerce secretary sighs.

And then Whois.

GDPR also raises concern for law enforcement and intellectual property rights by restricting access to publicly available internet domain-name registration data. We anticipate companies will either stop providing "Whois" lookup services outright, or make it hard to access information. That could stop law enforcement from ascertaining who is behind websites that propagate terrorist information, sponsor malicious botnets or steal IP addresses.

Finally, secretary Ross dropped an interesting note, about the US Postal Service no less. Tantamount is that "the new rules will prevent EU postal operators from providing the personal data on individuals it needs to process inbound mail."

Assuming the commerce secretary isn't talking about name and address: what other personal information is required?


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 4, Interesting) by quietus on Friday June 01 2018, @08:42AM (6 children)

    by quietus (6328) on Friday June 01 2018, @08:42AM (#687155) Journal

    Forbes.com now claims to conform to GPDR.

    On its welcome screen, If you click the "Continue to site" button, you consent to Forbes' use of all kinds of tracking techniques. If you click on the "More information" button, however, you suddenly get to select which cookies you'll be willing to allow (required, functional, advertising).

    If you only select the required cookies, there's a button "Advanced settings" where you again have to out-select the other types of cookies (functional, advertising). Submit your preferences and you get a screen stating We are processing your request to optin/opt-out of receiving targeted ads. Your web activity will no longer be used for targeted advertising by the companies. That takes quite a while (a few minutes). Then you're presented with a screen

    We really want you to experience the full power of Forbes.com. To do so, we ask our visitors to consent to cookies so that we can provide a personalized experience. We hope you reconsider and opt-in. If you’d like to change your preferences click here.

    .

    Clicking on the button underneath, however, transports you back to the second screen from the start, stating that some opt-outs failed due to timeout, and please try again.

    You can repeat that endlessly, apparently; and each time about two-hundred-thirty (230) requests are sent out.

    I imagine there's a big smirking grin on the face of some javascript programmer in Forbes.com' IT department.

    Starting Score:    1  point
    Moderation   +2  
       Interesting=1, Informative=1, Total=2
    Extra 'Interesting' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   4  
  • (Score: 0) by Anonymous Coward on Friday June 01 2018, @10:20AM (3 children)

    by Anonymous Coward on Friday June 01 2018, @10:20AM (#687176)

    I imagine there's a big smirking grin on the face of some javascript programmer in Forbes.com' IT department.

    Malicious compliance is still compliance. I expect we'll see more of this, assuming the 40% EU advertising falloff figure I saw the other day was legit.

    • (Score: 3, Interesting) by Anonymous Coward on Friday June 01 2018, @10:47AM

      by Anonymous Coward on Friday June 01 2018, @10:47AM (#687182)

      Malicious compliance is still compliance.

      Not in Europe. Our regulators get really pissed off at stuff like that, and they're likely to hit you with a bigger fine than if you just didn't do anything. AFAIK, most regulations have provisions that allow for dropping that particular (sledge)hammer.

      If they don't get their shit together, Forbes may be in for some hilarious revelations. Well, hilarious for me. :D

    • (Score: 1, Informative) by Anonymous Coward on Friday June 01 2018, @10:16PM (1 child)

      by Anonymous Coward on Friday June 01 2018, @10:16PM (#687474)

      But an opt-out system is not compliant, malicious or not. Quoting recital 32 [gdpr-info.eu], which provides rationale for article 7 [gdpr-info.eu]:

      Consent should be given by a clear affirmative act [..] This could include ticking a box when visiting an internet website, choosing technical settings for information society services [..] Silence, pre-ticked boxes or inactivity should not therefore constitute consent

      • (Score: 0) by Anonymous Coward on Saturday June 02 2018, @04:39PM

        by Anonymous Coward on Saturday June 02 2018, @04:39PM (#687727)

        > Silence, pre-ticked boxes or inactivity should not therefore constitute consent

        #MeToo

  • (Score: 3, Insightful) by Justin Case on Friday June 01 2018, @01:02PM

    by Justin Case (4239) on Friday June 01 2018, @01:02PM (#687216) Journal

    On its welcome screen

    Anyone who believes there is such a thing as a "welcome screen" doesn't understand how the web works.

    Which, I grant you, is just about everybody, including over half of "web developers".

  • (Score: 0) by Anonymous Coward on Friday June 01 2018, @04:16PM

    by Anonymous Coward on Friday June 01 2018, @04:16PM (#687294)

    Or, websites could just look for and respect the "DoNotTrack" setting that browsers can be configured to send these days. It would be much easier overall for both sides. But, no... we have to choose the hard, complicated, "bad" way. :(