Europe has issued a new unified set of rules about privacy.
http://europa.eu/rapid/press-release_MEMO-18-387_en.htm
There are millions of web sites with "private" information. Some
show for example a link to uncles, siblings or nephews. If the
web site is in Europe, then the web site can be sued. Prepare to
see disappear millions of web sites...
On 24/05/18 15:28, Denis Beauregard wrote:
Europe has issued a new unified set of rules about privacy.
http://europa.eu/rapid/press-release_MEMO-18-387_en.htm
There are millions of web sites with "private" information. Some
show for example a link to uncles, siblings or nephews. If the
web site is in Europe, then the web site can be sued. Prepare to
see disappear millions of web sites...
It's a good deal more nuanced than that.
1. GDPR only applies to persons resident in the EU. To be resident
there one has to be alive. My understanding is that it has /always/
been best practice not to put details of living people onto genealogical >sites without their permission. At the very least this is a matter of
common courtesy.
2. It doesn't apply to statutory information. That includes civil >registration data.
3. The first recourse of an EU resident is to contact the site to
require a take-down of the data. That's not the same as sueing.
4. If the site doesn't respond it's up to the relevant local data
regulator to take action. If they're not satisfied with the response
they can issue fines. That's not the same as being sued either.
5. It doesn't matter where the web-site is located, it matters where the
data subject is resident.
That's a brief overview of the issues raised in Denis's post. There's a
lot of other detail such as defining Data Controllers, Data Processors
and their roles and responsibilities.
To quite a large extent the provisions of the regulation were present in
the previous directive and in individual countries' legislation. The >difference between a directive and a regulation in the EU is that the
former has to be enacted by local legislation while the latter is
EU-wide legislation in itself. The regulation, however, closes a number
of loopholes (e.g. you can't make provision of a service conditional on
the provision of excessive data or on the provider's being able to use
data more widely than needed to provide the service) and it increases
fines to a level that should grab the attention of the boards of even
the largest corporations.
Sysop: | Keyop |
---|---|
Location: | Huddersfield, West Yorkshire, UK |
Users: | 296 |
Nodes: | 16 (2 / 14) |
Uptime: | 77:42:13 |
Calls: | 6,658 |
Calls today: | 4 |
Files: | 12,203 |
Messages: | 5,332,838 |
Posted today: | 1 |