Hi, can somebody tag the admins as there is no otherwise email or legal address to write to for the forum. I did send one email but I’m not banking on that being responded to or taken on.
So, I would like my account, all data (posts, threads, replies) removed completely as well as all traces of my name / username from this site.
Unfortunately I’ve found that as of late, there is a political bias. When that enters the discussion, one side is very much allowed to speak and the other is having posts removed and that is not fair, open discussion. Posts are also being removed, when ‘problem sentences’ could be removed (proper moderation) as opposed to removing entire responses, crippling discussion or record of discussion how it happened. I am not okay with this and as a result, I want nothing to do with the forum and none of my other potentially valuable history on here to be left to exist either. You either want it all, moderate is fairly / properly or you have none of it.
Please feel free to provide the owner / admin email / contact. If no response within a week I will contact the host company of the website and have legal correspondence sent.
Unfortunate that it has come to this. The forum risks lowering itself to the likes of the MR Forums.
I’m not familiar with GDPR, so forgive my question: Does it control forums across the web where someone joins a site, subject to its terms of service, voluntarily contributes to the service, and then can demand removal of their data? Then if site does not comply, there is a course for legal action to enforce removal that data? Is this how GDPR works?
It’s not lazy moderation. Removing the post is the correct response. Moderation by editing creates a fleet of ethical issues. Keep in mind that if a prior post from another user was the initial problem and needs to be removed, then your post, and others, may be collateral damage because they are without subsequently without context.
Finally, a GPDR request, even on a solid software platform like this, still requires some additional work beyond creating the data bundle. The Admins have to fit this forum in between their real jobs. Moreover, they have 30 days to comply.
Is EU’s GDPR enforceable worldwide, eg enforceable on this forum? And it is legally certain anyone can demand their own posts removed as is requested here? As a courtesy perhaps yes, but legally under penalty of prosecution?
We have a lawyer in our midst. Be good to be enlightened.
Yes, GDPR applies worldwide. Hence why several newspapers in the US still block EU IP addresses from accessing their sites because they either can’t or don’t want to deal with it.
The reality is that as a small forum, it is unlikely that any EU or UK data protection supervisory authority would spend any time on it. That wouldn’t stop someone taking personal claims of failure to comply with the law, but it would likely be very expensive.
I believe you but how does a EU “law” be enforceable worldwide? Seems like over reach to me unless Federal government has a treaty or something. States and cities are not legally allowed to enter into treaties per the US constitution which grants that power to the federal government. I never heard of any treaties but probably my bad.
I have always figured those newspapers and TV stations in USA were just doing it out of misinterpreting the “law” or out of an abundance of risk aversion.
GDPR… There are so many sources out there and available to everybody. This won’t lead to anything good. Is everything somebody has written personal data? No. What is personal data? (From the EC itself) Do I have the right to have everything deleted (even non-personal data) on GDPR claims? No, I only have the right to have my personal data deleted. There are boundaries. Can I ask a company to delete my personal data? (From the EC itself)
As far as I am aware, it is practice that upon a GDPR deletion request in forums/communities that fall under GDPR, the name is being stripped from all of his/her posts (“deleted user” = anonymization ) and the account itself will be deleted. And that should be it.
Is GDPR relevant for a private website in the U.S somebody has paid for out of his pocket with no business involved? I doubt it. FAQ - GDPR.eu
Be it as it may. I already have have crossed some lines here… This topic makes me sad. I am grateful to have this community. It is not something I take for granted. Sometimes, we should remember that this server is not running on its own…
GDPR leads to some fun mind-bending, but the answer to your basic question is yes - the U.S. has treaties to trade with the EU, and the EU in turn has decided that its citizens, whilst physically located in the EU, will be protected from actors outside the EU. There’s various laws that work like this but GDPR is the most fun.
As a U.S. business, it would be your decision as to whether you trade with (and by extension collect personal data on) EU citizens, but as soon as you do you are subject to the relevant EU laws that apply. Hence why some websites simply choose not to engage with EU citizens.
@Christian’s answer above is more detailed, but of course a key point is that it is a choice a business or website makes. No-one is forcing a non-EU business to trade or make its services available in the EU, and no-one is forcing any business to collect personal data. (To be clear, I am making no comment on this forum itself, I am speaking generally about the decisions a business must make when not physically confined by geography.)
When you look at this just in theory (ignore the actual countries), it’s not an unreasonable law and it wasn’t particularly pioneering. It’s basically saying “whilst you’re not physically located here, you are trading with my citizens and in exchange for access to this market I require you to take X steps.” We already did this at physical borders, it just feels weird for GDPR because we’re talking about digital space and personal data.
Actually, it’s rather complex. Removing all your posts will invariably break chains of threads.
Perhaps a more favourable response would be to ask them to remove you and anonymise any posts you made. You’ve made valuable contributions on the forum and removing them would disadvantage forum users who were part of discussions with you.
And that might also be sufficient, considering the EU’s definition of personal data?
‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;