Highlighted

New Cookie & Privacy Statements

Adobe Community Professional ,
Jun 02, 2018

Copy link to clipboard

Copied

Does your current cookie policy cover everything it should?  Especially now with the new GDPR regs in effect,  this is a good time for everyone with a website to re-evaluate their cookie & privacy statements.

Cookie policy | Requirements | GDPR | ePrivacy | 2018 | Example | Privacy Policy | Facebook | Linked...

While visiting a web-zine owned by Ziff Davis, I noticed they have beefed-up their cookie policy to cover just about everything.   

Ziff Davis, LLC Cookie Policy » Ziff Davis » Leaders in Tech, Gaming, Healthcare & Shopping

Nancy O'Shea, ACP
Alt-Web.com

Views

694

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more

New Cookie & Privacy Statements

Adobe Community Professional ,
Jun 02, 2018

Copy link to clipboard

Copied

Does your current cookie policy cover everything it should?  Especially now with the new GDPR regs in effect,  this is a good time for everyone with a website to re-evaluate their cookie & privacy statements.

Cookie policy | Requirements | GDPR | ePrivacy | 2018 | Example | Privacy Policy | Facebook | Linked...

While visiting a web-zine owned by Ziff Davis, I noticed they have beefed-up their cookie policy to cover just about everything.   

Ziff Davis, LLC Cookie Policy » Ziff Davis » Leaders in Tech, Gaming, Healthcare & Shopping

Nancy O'Shea, ACP
Alt-Web.com

Views

695

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Jun 02, 2018 0
LEGEND ,
Jun 03, 2018

Copy link to clipboard

Copied

I don't think Ive ever used cookies but Ive been frantically updating quite a few websites with new Privacy Policy page to meet the GDPR regulations plus converting over to https from http over that last 5-6 weeks. Some of my clients, as usual, are just burying their head in the sand and doing nothing.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Jun 03, 2018 0
LEGEND ,
Jun 03, 2018

Copy link to clipboard

Copied

It is not just cookies and site data privacy that is subject to the new regulations, but everything to do with a persons private data and its use.

If someone is sending out email newsletters, then the GDPR applies.

If someone is just collecting user names, (that can be traced to the user) then the law applies.

If someone is sharing data, (even within a company) then the law applies.

If someone is selling physical products or digital products, the law applies.

If it is possible to track what a user is doing with a program, (using a particular feature) the law applies.

The GDPR covers just about everything and applies to every country, not just the EU. It may not be law in every country, but if anyone is dealing with anyone in the EU it may as well be, (one person or millions of people, it makes no difference).

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Jun 03, 2018 0
LEGEND ,
Jun 03, 2018

Copy link to clipboard

Copied

pziecina  wrote

It is not just cookies and site data privacy that is subject to the new regulations, but everything to do with a persons private data and its use.

If someone is sending out email newsletters, then the GDPR applies.

If someone is just collecting user names, (that can be traced to the user) then the law applies.

If someone is sharing data, (even within a company) then the law applies.

If someone is selling physical products or digital products, the law applies.

If it is possible to track what a user is doing with a program, (using a particular feature) the law applies.

The GDPR covers just about everything and applies to every country, not just the EU. It may not be law in every country, but if anyone is dealing with anyone in the EU it may as well be, (one person or millions of people, it makes no difference).

I know that, believe me, Ive had several clients who have had their solicitors. lawyers on the case for weeks, sending me all kind of interpretations about personal data, some the user wont even understand, its written in 'alien' language.

I just wonder how that leaves me as a develope r- very often I track activity on my clinets website because the client calls me and says I have not had anything from paypal in forty days and forty nights or I havent had any email through for over a year, WTF is going on, answer my question now! As a developer I need to track activity so I cant respond to my clients requests.

Obviously forty days and forty nights and over a year is not quite true it might be longer

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Jun 03, 2018 0
LEGEND ,
Jun 03, 2018

Copy link to clipboard

Copied

All I would suggest to anyone, is to treat all data as strictly personal to the user, do nothing with it unless strictly necessary, (e.g. complete the requirerments for the clients contact reasons), make certain it is securerly stored/protected and don't even think about using it for anything the user has not agreed too, (even then think twice about doing so).

As for developers, if the client is not interested, (even if they are) keep any and all correspondence with the client regarding GDPR. At least that way you have a 'paper' trail.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Jun 03, 2018 0
LEGEND ,
Jun 03, 2018

Copy link to clipboard

Copied

Some clients havent even contacted me in regards to GDPR. Its not my job to run their business for them so unless they specifically  ask or enquire about what they should be doing in regards to their website, l dont get involved.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Jun 03, 2018 0
LEGEND ,
Jun 03, 2018

Copy link to clipboard

Copied

osgood_  wrote

Some clients havent even contacted me in regards to GDPR. Its not my job to run their business for them so unless they specifically  ask or enquire about what they should be doing in regards to their website, l dont get involved.

You may want to have a quick word with your solicitor about your responsibilities under the 'sale of goods act', (does cover web sites) with respect to the GDPR, if you have a maintanence contract with clients.

I don't know if it would apply if you are just adding 'products', but better safe than sorry. I have only ever heard of a couple of cases where the client has argued that the site was not fit for purpose, (which includes complying with any legal requirements), and they were settled 'out of court'.

I feel sorry for anyone coming into the profession, especially as a sole trader now, as there are now legal requirerments, (current and planned) that they must know about.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Jun 03, 2018 0
Adobe Community Professional ,
Jun 03, 2018

Copy link to clipboard

Copied

Indeed, this seems to me to be the responsibility of the service provider who is developing, or has developed, a system for collecting and managing information from third parties, as well as informing its clients about both administrative and technical obligations, which they must respect.

here in france we have the CNIL which is quite present on the subject... and which provides a lot of legal texts and practical sheets...

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Jun 03, 2018 0
LEGEND ,
Jun 03, 2018

Copy link to clipboard

Copied

Site not fit for purpose......just run most through the w3c validator. Im sure one could make a case for anything if the dog gets the bone.

As far as lm concerned the responsibilty for what the client wants included in regards to content, privacy and security is down to them.

If they are running a company, no matter how big or small they should be fully aware of the new regualtions just as they should be aware of their tax and employee obligations. I mean who has not had about a billion emails regarding personal data over the last few months.........ring any bells or is it a case of turning a blind eye.

Of course if lm working on a new project l'll mention the issues but for any old client website lm not going to open up a can of worms unless they approach me because l spend half my time these days explaining the situation which no one wants to pay for and l dont want to go in with 'hey l have something very important to tell you client but it will cost you 150 quid regardless of if you take my advice or not.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Jun 03, 2018 0
LEGEND ,
Jun 03, 2018

Copy link to clipboard

Copied

https://forums.adobe.com/people/B+i+r+n+o+u  wrote

here in france we have the CNIL which is quite present on the subject... and which provides a lot of legal texts and practical sheets...

The problem in the U/K, (and probably many other contries) is that even the government does not give clear guidance on legal requirements when it comes to GDPR and accessibility, (the next big legal requirerment).

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Jun 03, 2018 0
Adobe Community Professional ,
Jun 03, 2018

Copy link to clipboard

Copied

I know that it is a different country, and perhaps differents laws... but have a look at https://www.cnil.fr/

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Jun 03, 2018 0
LEGEND ,
Jun 03, 2018

Copy link to clipboard

Copied

osgood_  wrote

... because l spend half my time these days explaining the situation which no one wants to pay for and l dont want to go in with 'hey l have something very important to tell you client but it will cost you 150 quid regardless of if you take my advice or not.

Sounds like something a legal expert would do though. LOL

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Jun 03, 2018 0
LEGEND ,
Jun 03, 2018

Copy link to clipboard

Copied

https://forums.adobe.com/people/B+i+r+n+o+u  wrote

I know that it is a different country, and perhaps differents laws... but have a look at https://www.cnil.fr/

The law applies to the entire EU, and anyone doing buisness with anyone in the EU.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Jun 03, 2018 0
Adobe Community Professional ,
Jun 03, 2018

Copy link to clipboard

Copied

so this part can interest you

In return for the disappearance of the completion of administrative procedures with the CNIL, the administrations, companies and associations processing personal data, but also their service providers and subcontractors, are now fully responsible for the protection of data that they deal.

It is their responsibility to ensure compliance with the GDPR of their personal data processing throughout their life cycle and to be able to demonstrate compliance.

it's locate on the page

https://www.cnil.fr/fr/le-rgpd-cest-maintenant-les-changements-retenir-et-les-outils-pour-bien-se-pr...

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Jun 03, 2018 0
LEGEND ,
Jun 03, 2018

Copy link to clipboard

Copied

Exactly, lm a web developer. I dont want to become a care assistamt too.

To a certain extent l agree with you both in regards to new project proposals but l dont have maintenance contracts which guarantee a regular income, my clients just approach me when they need something done, so the responsibility in those cases is all theirs.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Jun 03, 2018 1
LEGEND ,
Jun 03, 2018

Copy link to clipboard

Copied

I only take that to mean if the subcontrator is approached by the client that the sub contractor must not hold onto data provider by the client for longer than is required to fulfill what the client asked the subcontrator to do with it. So if a company provides a mailing list to a mailing house the mailing house must take responsibility to see that the data is used correctly in accordance to the clients instructions and is then disposed of according to the clients wishes.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Jun 03, 2018 0
Adobe Community Professional ,
Jun 03, 2018

Copy link to clipboard

Copied

I understand your point ... thought... what is the subcontractor's share of responsibility for setting up the data management system, choosing the host service that will host them, and advising its client.

after all, the client comes to the developer to set up the services... the client will certainly be responsible for the management and use of the data collected, but then to what extent does he rely on the subcontractor who sets up the necessary tools?

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Jun 03, 2018 0
LEGEND ,
Jun 03, 2018

Copy link to clipboard

Copied

osgood_  wrote

So if a company provides a mailing list to a mailing house the mailing house must take responsibility to see that the data is used correctly in accordance to the clients instructions and is then disposed of according to the clients wishes.

That's the biggest change with GDPR when compared to the old 'data protection regs'. The person(s) on the mailing list must first give their permission to be included in the mailing list, (opt in not opt out) and agree to what their data may be used for, and even if it can be passed to a 3rd party.

The old practice of passing info to a 3rd party that 'may' have a product or service that you 'may' be interested in, is no longer allowed. Now you must give permission for that 3rd party to contact you, and the product/service must be relevant.

(No more ordering Aspirin over the web and getting offers for viagra )

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Jun 03, 2018 0
LEGEND ,
Jun 03, 2018

Copy link to clipboard

Copied

I expect the sub contractor to give the client advice on their understanding of what needs to be done, that could vary from sub contractor to sub contractor. Is it the sub contractors responsiblity to approach the client in a situation where the work has been completed prior to the new regulations coming into effect and there  is no ongoing maintenance agreement in place or is it the clients responsibilty to contact the sub contractor and ask for advice or specifically request action is taken

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Jun 03, 2018 0
LEGEND ,
Jun 03, 2018

Copy link to clipboard

Copied

That's just one of the problems with the new regulations, who is responsible for what.

Unlike many if not most requirerments for websites in the past, which only applied to sites built after the regulation comes into force. The GDPR applies to all sites irrespective of when they where built, even if the site is 25 years old, the law applies.

I suspect that the decission of who is responsible for what, will only be decided by a judge when the first test case comes to court.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Jun 03, 2018 0
LEGEND ,
Jun 03, 2018

Copy link to clipboard

Copied

Ok its simple. Site was built 3 years ago. Sub contractor  has since died, are they going to dig them up and take them to court or is it the responsibility of the website owner who is still alive to approach another contractor.

Website is only updated every six months. Is it the responsibility of sub contractor  to mention it to the client the next time its updated or is it the respondibility of the website owner to contact the sub contractor sooner.

Is it soley the responsibility of the web site owner to make sure their website complies with the regulation, yes l personally think it is.

Is it your responsibility to pay your  taxes on time or should you blame your accountant for not informing you of the situation. Sorry this is so clear cut its not even worth debating when you look at it from a sensible point of view.

Anyone in busines, who runs a business must make sure they comply with the law its not the responsibilty of anyone else to inform them or tell them to do so.

I also dont believe a company will incurr an immediate penalty or fine. In most cases, especially small companies, will be given a timeframe to make sure their website adheres to the regulations.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Jun 03, 2018 0
LEGEND ,
Jun 03, 2018

Copy link to clipboard

Copied

osgood_  wrote

Is it soley the responsibility of the web site owner to make sure their website complies with the regulation, yes l personally think it is.

It would be nice if the law was so simple.

In many countries, (inc. the u/k) it is an offence to assist anyone in breaking the law. So is the developer assisting the website owner if the site does not comply with any legal requirerments?

As for everything else, wait for the test case to go to court.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Jun 03, 2018 0
LEGEND ,
Jun 03, 2018

Copy link to clipboard

Copied

pziecina  wrote

osgood_   wrote

So is the developer assisting the website owner if the site does not comply with any legal requirerments?

In new projects, as from the 25th May I would say the developer has a duty to inform the client of the new regualtions and hope that they would comply with them. I mean its not that difficult to knock up a Privacy Policy page and transfer the website onto a secure server - https. All website hosting should be https as standard now. I cant even get my head around why http is even being sold, its FKG riduculous. Low level SSL certificates, such as 'Lets Encrypt', cost nothing and that is good enough to secure data being sent via forms etc Obviously if youre taking dosh you need a much more robust solution.

In the case of websites completed before the regulations, even if work is ongoing on those websites, its up to the client to specifically request the website be upgraded to comply with the regulations, its not up to the developer to contact them. They might mention it of course when the next update is due to take place. If the client then says nah forget it, does the developer then walk away from the job or have they fufilled there duty by making the client aware of the regulations?

I'm a pub landlord and say to a punter don't drink too much else youre get drunk and then get run over by that truck and they do is it the landlords responsible for selling the punter too much beer of is the punters responsible for not taking advice or being unaware of the dangers of drinking too much. I dont think you can balme the landlord, hes just trying to make a living.

I was violently sick the other evening after eating 4 tubs of raspbeery ripple ice cream.............of course I will be suing the company that sold it to me.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Jun 03, 2018 0
LEGEND ,
Jun 03, 2018

Copy link to clipboard

Copied

osgood_  wrote

In the case of websites completed before the regulations, even if work is ongoing on those websites, its up to the client to specifically request the website be upgraded to comply with the regulations, its not up to the developer to contact them. They might mention it of course when the next update is due to take place. If the client then says nah forget it, does the developer then walk away from the job or have they fufilled there duty by making the client aware of the regulations?

I'm a pub landlord and say to a punter don't drink too much else youre get drunk and then get run over by that truck and they do is it the landlords responsible for selling the punter too much beer of is the punters responsible for not taking advice or being unaware of the dangers of drinking too much. I dont think you can balme the landlord, hes just trying to make a living.

In the case of the first item, the regs were published 4 years ago, so everyone concerned with the development of a new site has had time to ensure complience, (client and developer). I think both would loose the argument for not complying on that one.

As for the second item, you may be surprised to learn that it is the landlords responsibility not to serve or supply alcohol to anyone who they think may become or is intoxicated.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Jun 03, 2018 0
LEGEND ,
Jun 03, 2018

Copy link to clipboard

Copied

pziecina  wrote

osgood_   wrote

In the case of websites completed before the regulations, even if work is ongoing on those websites, its up to the client to specifically request the website be upgraded to comply with the regulations, its not up to the developer to contact them. They might mention it of course when the next update is due to take place. If the client then says nah forget it, does the developer then walk away from the job or have they fufilled there duty by making the client aware of the regulations?

I'm a pub landlord and say to a punter don't drink too much else youre get drunk and then get run over by that truck and they do is it the landlords responsible for selling the punter too much beer of is the punters responsible for not taking advice or being unaware of the dangers of drinking too much. I dont think you can balme the landlord, hes just trying to make a living.

In the case of the first item, the regs were published 4 years ago, so everyone concerned with the development of a new site has had time to ensure complience, (client and developer). I think both would loose the argument for not complying on that one.

As for the second item, you may be surprised to learn that it is the landlords responsibility not to serve or supply alcohol to anyone who they think may become or is intoxicated.

Law doesnt become law until it is officially forcable and that wasnt until 25th May, you cant back date it.

As for landlords or people that sell alochol to those that are already drunk very few in the bigger picture are ever prosecuted for doing so, even though its law.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Jun 03, 2018 0
Adobe Community Professional ,
Jun 03, 2018

Copy link to clipboard

Copied

may be that we should view this particular situation and context as a service to our clients. Whether they are old or new, they have trusted us and in return it would be our responsibility to inform them of the situation, if any, of the cost that a possible transformation (if necessary) could represent.

a little like, if the liquor salesman told us, listen, little guy, it seems to me you've gone well over the limit dose of stability when walking... you should revise your copy and slow down to keep your head clear

but once again, I am not talking about the law, but about the relationship of trust and the partnership we establish with our clients... advice and development have always gone hand in hand

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Jun 03, 2018 0
osgood_ LATEST
LEGEND ,
Jun 04, 2018

Copy link to clipboard

Copied

https://forums.adobe.com/people/B+i+r+n+o+u  wrote

but once again, I am not talking about the law, but about the relationship of trust and the partnership we establish with our clients... advice and development have always gone hand in hand

In cases where I feel there is a close association with a client I would certainly keep them informed. I have several of those but I also have many more clients I don't liaise with for months at a time and the association is not such a strong bond and these things generally get left until the next time they need something updating. I expect any business to be aware of their legal responsibilities....if those that I dont have such a strong bond with wish to contact me the day is always open.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Jun 04, 2018 0