Date   

locked Re: EU General Data Protection Regulation

 

On 8 Apr 2018, at 15:47, Ford Amateur Astronomy Club <info@...> wrote:

The fact that Groups.io is hosted outside the EU means nothing as they plan on aggressively perusing any and all companies to make their point. The question is will they go afer Groups.io or the group owner.

Hi Liam,

I’m interested in what evidence you have seen that this is so? I am involved in a number of UK/EU government roundtable departmental meetings (connected with intellectual property) in which the GDPR has come up as a discussion point. I have not heard anything from the EU officials side that they 'plan on aggressively pursuing any and all companies’ as you say.

As a side note, the fact that the UK is leaving the EU won’t make any difference to anything (as far as the UK is concerned) as the EU acquis as it stands will be implemented into UK law (regulations such as the GDPR have direct effect anyway and directives will have been transposed into UK statute).

kind regards

Nick
__

dUNMUR | member of the Association of Photographers


moderated Re: yet another "Likes" request: see all my "Likes" #suggestion

 

Related to that, I would also like to be able to see the Likes by another member. So the feature would display all "Likes" by any member, myself or another member, similar to displaying all posts by that member.
--
J

 

Messages are the sole opinion of the author, especially the fishy ones.

I wish I could shut up, but I can't, and I won't. - Desmond Tutu


moderated yet another "Likes" request: see all my "Likes" #suggestion

 

It would be nice to be able to get a list of all posts I have "Liked." Among other things, it would serve as a sort of bookmark function.
--
J

 

Messages are the sole opinion of the author, especially the fishy ones.

I wish I could shut up, but I can't, and I won't. - Desmond Tutu


moderated Re: Encouraging Enterprise Memberships

Tom H
 

I have a few Google Classic Sites and I sympathise with Sharon's fear that their "upgrade" to New Sites could prove destructive. I'm a newcomer to Groups.io but I can mention some features that differentiate them.

Website builder vs Discussion Forum
100 MB vs 1GB free
Tight relationship with many Google products, including free Google Drive 15GB and Photos.
Page templates such as Web page, Announcements, Lists.
Many widgets.
Page trees, sub-page listings.
Auto or manual navigation menu design.
Page comments optional.
Page permissions inherited from site or set at page level.
All members of a Google Group can be granted a level of permissions on Site or Page and a level on Drive folder(s) or file.

They are two very different animals.


moderated Like/Unlike vis-a-vis moderated and locked topics

 

Messages within moderated topics can be Liked and Unliked, but not messages within locked topics. Is there a reason for the latter? I would like to see allowing locked topic messages to be Liked (and Unliked) as well.
--
J

 

Messages are the sole opinion of the author, especially the fishy ones.

I wish I could shut up, but I can't, and I won't. - Desmond Tutu


moderated Re: Encouraging Enterprise Memberships

 

Sharon,

The one feature that would encourage my cohousing community to take a
paid subscription would be a wiki that is as easy to use as Google
Sites is.
I know you've commented on Groups.io's Wiki feature many times in GMF, but for the purposes of this request it would be helpful if you could enumerate in just what ways Groups.io's Wiki isn't as easy to use as Google Sites.

Recall that Mark said previously to you that he has no familiarity with Google sites. Neither do I and likely neither do many other readers here.

Totally computer resistant people started entering information
regularly and clearly. ...
--literally everything with a number attached.
It almost sounds like you're talking about a database, or some kind of amalgam of a wiki and a database. For tabular data consider Groups.io's Database feature.

But a good wiki is worth its weight in gold.
I'll concur with that!

Shal


locked Re: EU General Data Protection Regulation

Gerald Boutin <groupsio@...>
 

Users agree to certain Terms when using groups.io. This includes a Privacy Policy.
https://groups.io/static/tos

Here's a portion of the Privacy Policy. Perhaps this will help clarify some of the ongoing discussions.
Your Choices

You can visit the Site without providing any Personal Data. If you choose not to provide any Personal Data, you may not be able to use certain Services.

Exclusions

This Privacy Policy does not apply to any Personal Data collected by Groups.io other than Personal Data collected through the Services. This Privacy Policy shall not apply to any unsolicited information you provide to Groups.io through the Services or through any other means. This includes, but is not limited to, information posted to any public areas of the Services, such as forums, any ideas for new products or modifications to existing products, and other unsolicited submissions (collectively, “Unsolicited Information”). All Unsolicited Information shall be deemed to be non-confidential and Groups.io shall be free to reproduce, use, disclose, and distribute such Unsolicited Information to others without limitation or attribution.

--
Gerald


moderated Encouraging Enterprise Memberships

Sharon Villines
 

The one feature that would encourage my cohousing community to take a paid subscription would be a wiki that is as easy to use as Google Sites is.

I started the wiki years ago when our facilities team was not even happy using email. They loved it. Totally computer resistant people started entering information regularly and clearly. It records all the details about the facilities and services for a 43 unit residential community — descriptions, serial numbers, repair records, vendors, reports from vendors, costs, internet settings --literally everything with a number attached.

We were up against the space limits with no option to even pay for more storage. I deleted all the revisions so we can stay a bit longer. but they are also changing their format and will soon stop supporting the original format — I haven’t spent the time required to figure out what they are doing.

But a good wiki is worth its weight in gold.

Sharon
----
Sharon Villines, Washington DC

"Design is the first sign of human intention." William McDonough


locked Re: EU General Data Protection Regulation

 

Liam,

As part of this, one of the items an EU resident can ask for is to see
all their personal data you hold which includes any conversations or
emails they have been involved in.
This seems reasonable with regard to "personal" data, if that is defined as data which has a reasonable expectation of privacy. There can be no such expectation when posting to a group such as beta, with public archives. I would argue that even groups with "private" archives involve a purposeful dissemination of information (among the group members) and so also cannot have a strict expectation of privacy. At least not in the sense one normally means for a two-party communication.

However, IANAL and not even an EU resident, so my opinion on that counts for less than nothing.

Fortunately though, at least with respect to message postings, it is easy to comply with a retrieval request (so long as web delivery is permissible) - just provide the "All Posts By This Member" link. In your case that's:
https://beta.groups.io/g/main/search?q=posterid:174318

Maybe something similar can be devised for other content areas. Messages sent to the +owner address are also recorded, but I don't know how you would deliver them to the requesting member.

For messages sent to me off-list (at my personal email addresses) I'd have to decide between the effort required to find and deliver them, versus simply deleting them and asserting that I did not retain them.

They also have the "right to be forgotten" ...
Yup, that is harder. I like Chris' idea of just removing their display name and other meta-data from the content, thereby anonymizing it. But that may not cut it, and no doubt Chris has identified the bug-a-boo: personal info within the content.

Shal


locked Re: EU General Data Protection Regulation

Chris Jones
 

On Sun, Apr 8, 2018 at 08:56 am, Ford Amateur Astronomy Club wrote:
How many times has the EU won against companies like Google and others.
Not difficult when Google, Facebook and the like have offices in the EU. Whether Groups.io does I don't know.

The question of posts on Groups may be easily soluble. If I change my Display Name then all past posts change to the new name. All it would need would be for ex members' Display Names to be set to a default of Ex Member. If members put unnecessary personal information in posts then they only have themselves to blame!

Chris


locked Re: EU General Data Protection Regulation

Ford Amateur Astronomy Club
 

The statement that the EU has no jurisdiction outside the US is inaccurate. How many times has the EU won against companies like Google and others. They also prevent mergers of US companies that do business in the EU as they fail to meet the EU regulations regarding competitive regulations. The US has the FOIA (Freedom Of Information Act) regulations with is similar to the GDPR requirements to provide all related data on request as does the HIPPA regulations for the health industry. The EU are not reinventing the wheel here they are just extending regulations they have had in various forms in different EU countries into an EU wide regulation for all. 

I can see the US doing something similar in the near future, the US are sometimes slow to adopt such changes but they get there eventually

The press has regulations that protect them from such regulations but they have others they are required to comply with. They would not have to comply with the right to be forgotten but may have to meet the need to turn over all data. that's yet to been clarified, we will find out if a news entity gets hit but my guess is they wont be included.


locked Re: EU General Data Protection Regulation

Ford Amateur Astronomy Club
 

Actually they do. I'm Irish but in the US and many US companies are gearing up for GDPR and being ready to deal with the regulations.

US legal teams are gearing up on the regulations for two reasons. To guide their clients in being prepared and to try to defend their clients if needed,

The smart entities are getting ready now. Those that think it wont apply to them are resisting until they see they see the EU win this in court.

The regulations basically say this is what you have to do to do business with the EU or if you store data belonging to an EU resident.

I think they already have some companies or entities in mind and they will go after them hard and make an example to prove their point that no matter where you are they will get you. When the first non EU company will get hit, many will scramble to be compliant to the regulations

It is also important to know that the US senate has approved HR 1865 FOSTA which makes the hosting company is now deemed equally responsible for the content hosted on their systems which means if a Groups.io group is in breach of any regulation or hosting data that is subject to legal or regulatory action the host, being Grouos.io, and even their hosting service are also deemed responsible. This basically means if a group owner is pursued with legal or regulatory action then Groups.io and their hosting service can also be sued


locked Re: EU General Data Protection Regulation

Chris Jones
 

On Sun, Apr 8, 2018 at 08:03 am, Ford Amateur Astronomy Club wrote:
If someone leaves the group and they are an EU resident they can submit a request for all their data which includes email, posts, chats, images, links and personal data and you have a short time to comply. They can also do this wile still members.
They also have the "right to be forgotten" which means all that data you have that they ever sent or stored on the group or any PII (personally identifiable information) such as email, name, address, phone number , SSN , drivers license or anything that can be linked to them........you must delete from your group. This includes from backups or other archives.

This also applies to data in the cloud. Nowhere is safe.
The above sounds rather apocolyptic. Let me get this right; taking what you have written they can require posts such as this one to be removed, even if it contains no personal information. Is that correct? Or can they expect it to be returned to them? I take it then, if I write to a newspaper and it prints the letter, the same rules apply, perhaps?

The fact that Groups.io is hosted outside the EU means nothing as they plan on aggressively perusing any and all companies to make their point. The question is will they go afer Groups.io or the group owner.

Well they can try; the EU has no jurisdiction outside the EU borders; it can try but I don't think it will succeed. At the risk of upsetting the many US citizens on this forum the US has come in for a lot of criticism for trying that trick. US law finishes at its border as well.

Are the points you mentioned specifically in the GDPR, or are they in  some "Guidance Note" prepared by someone trying to make sure that everything is gold plated as a "backside" protecting device?

Chris (in UK!)


locked Re: EU General Data Protection Regulation

Ford Amateur Astronomy Club
 

This is 100% incorrect. They can and will peruse anyone worldwide. They have stated this in the GDPR regulations


locked Re: EU General Data Protection Regulation

Ford Amateur Astronomy Club
 

In my work I specialize in information intelligence, legal and regulatory and I can tell you GDPR is and will be a PITA.
There are a few aspects related to GDPR that are vital to know as a data manager or data owner such as Group owner or Grouos.io owner.

First of all it becomes active in 46 days
Any group that processes or holds personal data of EU residents must comply no matter where in the world they are, this includes Groups.io
Non Compliance can result in 20 million euro or 4% of annual turnover, whichever is higher.

As part of this, one of the items an EU resident can ask for is to see all their personal data you hold which includes any conversations or emails they have been involved in.
The personal data can only be retained for a limited amount of time based on the reason you are holding it. 
Any personal data you do hold needs to be protected. Transparency on how its protected is also important so that needs to be documented.
A method to monitor any possibility of data breaches and reporting of such data breaches needs to be swift and transparent.


Here is the hard part.......... :)

If someone leaves the group and they are an EU resident they can submit a request for all their data which includes email, posts, chats, images, links and personal data and you have a short time to comply. They can also do this wile still members.
They also have the "right to be forgotten" which means all that data you have that they ever sent or stored on the group or any PII (personally identifiable information) such as email, name, address, phone number , SSN , drivers license or anything that can be linked to them........you must delete from your group. This includes from backups or other archives.

This also applies to data in the cloud. Nowhere is safe.

The fact that Groups.io is hosted outside the EU means nothing as they plan on aggressively perusing any and all companies to make their point. The question is will they go afer Groups.io or the group owner.


Liam


locked Re: EU General Data Protection Regulation

 

Marina,

I think Chris and Jeremy have already pointed out that this issue concerns both sides: group owner and provider. This seems plausible to me. As far as groups.io is cconcerned, each group already has the privacy policy declaration on the bottom of the site, so I suppose Mark as provider is aware of that. Concerning the coming EU-regulations I´m pretty sure he has legal counselling for his side of the issue.

But as a European group owner I want to be on the safe side as far as my obligations here are concerned, especially since I do send out and receive personal questionnaires from prospective members which contain sensitive data. In our guidelines we already had a sort of privacy policy statement, but in the face of these new EU regulations I consider this not sufficient any more.

So I have just installed our own privacy policy regulations into my group´s files.

I used a free generator, created by lawyers, which poses a few questions concerning the type of declaration you need. This generator then creates the declaration covering your special issues.

I don´t know if in Italy the same is possible. If you spoke German I could send you the link to the generator.
Victoria


moderated Re: show "Likes" in search results #suggestion

Arno Martens
 

Cannot see how to edit my post.

The typo of omitting the "s" at odds could lead to misinterpretation of the whole sentence.
"I like that as there sometimes is a bewildering amount of replies and odds are that the post with multiple likes may be closer to what is wanted."
Arno


moderated Re: Categories for groups -- idea suggestion

Tom H
 

Google's site: filter is very useful. I've used it for years to search an Invision forum that has a weak search tool. Here's a search for "categories" in this group:
https://www.google.ca/search?q=categories+site:beta.groups.io


locked Re: EU General Data Protection Regulation

Marina
 

On Sat, Apr 7, 2018 at 01:44 pm, Chris Jones wrote:


Having said all that Groups.io is outside the EU, and the EU's writ stops at
the border.
I am not so sure about that.
I moved to IO a Yahoo group whose members are primarily EU citizens. The new group stores members' names and e-mail addresses plus all posts from previous Yahoo group, including those sent by members who have left the group.
My practical question is: what should I do to avoid legal problems?
I wasn't aware of this issue when I moved over my old group, otherwise I would have opted out of the message archive transfer.
I'd like to hear from other EU group owners who moved to IO and learn how they are dealing with this problem.

Marina


moderated Re: Site updates #changelog

 

On Sat, Apr 7, 2018 at 5:31 AM, Bruce Bowman <bruce.bowman@...> wrote:

Mark -- Don't forget to update the Help to reflect this. https://groups.io/static/help#changeemail

Thank you. Fixed.


Mark 

13601 - 13620 of 30071