NOTICE GDPR

Discussion in 'Site Help and Suggestions' started by ASSEMbler, May 24, 2018.

  1. ASSEMbler

    ASSEMbler Administrator Staff Member

    Joined:
    Mar 13, 2004
    Messages:
    19,394
    Likes Received:
    995
    Assemblergames.com is a U.S. based entity with a U.S. located server, and is therefore is not part of the European Union. The GDPR regulations have no effect on us, as the EU has no jurisdiction here, and we do not target EU citizens. If you reside in the E.U., and are concerned about the site not being GDPR compliant, please refrain from using the site after 5/25/2018.

    The "EU" and "UK" prefixes have been removed from the marketplace, therefore any future EU or UK user use is incidental and not intentional and therefore no CDPR compliance is required.
     
    windwakr, Cat man and Shane Battye like this.
  2. GoodTofuFriday

    GoodTofuFriday Site Supporter 2015,2016,2017

    Joined:
    Sep 2, 2013
    Messages:
    499
    Likes Received:
    198
    As an IT Administrator who needs to follow GDPR for his business, i can tell you that this notice isnt enough to comply with GDPR. This website is accessable to the EU, so youll either need to comply or to geoblock / georestrict the EU from makong accounts, and formally close any accounts currently utilized in the EU.
     
    f2bnp, Hiccup, skarpo01 and 5 others like this.
  3. pstrick1

    pstrick1 Site Supporter

    Joined:
    Aug 6, 2007
    Messages:
    686
    Likes Received:
    150
    There's no way something like that would hold up in court.
    Just being able to access a server from a certain country doesn't give that country jurisdiction over the server. That's absurd.

    If the EU has a problem, they can block this site. What else are they going to do? Kevin and this site are not subject to the laws of the EU.
     
  4. GoodTofuFriday

    GoodTofuFriday Site Supporter 2015,2016,2017

    Joined:
    Sep 2, 2013
    Messages:
    499
    Likes Received:
    198
    So every website with servers in the US, but users in the EU are changing their terms of service for fun?

    You are accountable for breaking law no matter where your origin is. This includes online. Its why the US copyright law can apply to music and movies outside of the US. Of course the country where said person lives needs to cooperate.
    In this case, the US will be cooperating with GDPR where applicable. This includes AssemblerGames.

    What you personally feel on the matter, and what the letter of the law is are two different things. Do not mix them up.
     
    f2bnp, Hiccup, stayhye and 1 other person like this.
  5. pstrick1

    pstrick1 Site Supporter

    Joined:
    Aug 6, 2007
    Messages:
    686
    Likes Received:
    150
    I haven't really been following the news on this law.

    It seems really weird to me that this law could apply to companies with no physical presence in the EU. Is the US ratifying some portion of the law, or agreeing to enforce it?
    How could one in the USA be punished for violating this law? If there's no punishment, the law is worthless, right?

    https://en.wikipedia.org/wiki/Bilateral_copyright_agreements_of_the_United_States
    A lot of work went into making copyright somewhat global. It didn't happen because the US unilaterally declared it to be so.
     
  6. TriMesh

    TriMesh Site Supporter 2013-2017

    Joined:
    Jul 3, 2008
    Messages:
    2,337
    Likes Received:
    767
    The short answer is that the US has for a long time aggressively pursued the idea of extraterritorial jurisdiction over sites that are located outside the US but serve users in the US. This has been mostly aimed at porn and gambling sites.

    Having set that precedent, it's now very hard for the US to argue against the same logic when it's advanced by the EU.
     
  7. la-li-lu-le-lo

    la-li-lu-le-lo ラリルレロ

    Joined:
    Feb 8, 2006
    Messages:
    5,670
    Likes Received:
    255
    What regulations does ASSEMblergames not comply with? Let me guess: the answer is no answer.
     
    Hiccup likes this.
  8. ASSEMbler

    ASSEMbler Administrator Staff Member

    Joined:
    Mar 13, 2004
    Messages:
    19,394
    Likes Received:
    995
    It's just more E.U. nonsense we pay no attention to here.

    [​IMG]
     
    TerdFerguson likes this.
  9. Bad_Ad84

    Bad_Ad84 The Tick

    Joined:
    May 26, 2011
    Messages:
    8,580
    Likes Received:
    1,348
    GDPR applies to businesses. A private indivual with a forum it doesn't apply.

    Depends how you have assembler games registered etc I guess.
     
  10. la-li-lu-le-lo

    la-li-lu-le-lo ラリルレロ

    Joined:
    Feb 8, 2006
    Messages:
    5,670
    Likes Received:
    255
    I don't know much about GDPR, but from what I understand it mostly has to do with protecting users' privacy. So yeah, "nonsense". Personally, I think the US should adopt something similar.
     
  11. abveost

    abveost Robust Member

    Joined:
    Dec 15, 2014
    Messages:
    282
    Likes Received:
    46
    You clearly misunderstand the post. It's not about complying. It's about saying compliance isn't required because the site isn't subject to US jurisdiction. I'm sure the site is accessible from all sorts of places with crazy laws it's not subject to.
     
  12. Bad_Ad84

    Bad_Ad84 The Tick

    Joined:
    May 26, 2011
    Messages:
    8,580
    Likes Received:
    1,348
    Yeah, thing is it doesn't matter. Look at the shit storm ICANN are having trying to comply.

    Basically, if you do business or use eu users data then you have to comply. Much like mentioned above, this sort of precedent was set by the US anyway with global enforcement.

    But if this site isn't a business, its not a problem anyway
     
  13. DeChief

    DeChief Rustled.

    Joined:
    Jan 25, 2014
    Messages:
    1,704
    Likes Received:
    712
    Are you actually proud to be American? Not much to be proud of at the moment, to be honest dude... Not much at all.
     
    f2bnp, Traace, stayhye and 1 other person like this.
  14. Arcadia

    Arcadia Robust Member

    Joined:
    Aug 24, 2016
    Messages:
    259
    Likes Received:
    128
    Considering the US pushes foreign governments and companies to comply to US law (eg The Pirate Bay) it's karma that US companies (not saying you have a company, so it may not be applicable to you) have to comply to EU law now. Especially since this is an effort to secure the rights of ordinary citizens.
     
  15. Muramasa

    Muramasa Rising Member

    Joined:
    Aug 9, 2014
    Messages:
    60
    Likes Received:
    33
    I'm still not sure exactly how the EU plans to enforce this against U.S. companies that have no presence in the EU. I know that the law is worded in such a way that gives it jurisdiction anywhere European data is but that doesn't mean anything if they can't enforce it.

    So if the EU finds Assemblergames to be out of compliance what will they do? I imagine the first step will be to try and make contact. Assemblergames doesn't have a representative in the EU so they would have to reach out to him directly. Failing that they could issue a fine for him. But what then? The only way to collect that fine is to reach out the the U.S and ask that they enforce the fine on AssemblerGames. At this point there are no treaties promising enforcement and much of the GDPR goes directly against U.S law. So now let's say that the U.S does agree to drop a fine on Assembler. Assembler can fight it based on U.S law. I would love to see the judge that says that they are in fact subjects of European law. What does that leave the EU? At that point they can try to pressure the U.S to enforce EU law. If the U.S doesn't want to comply they will retaliate with similar things.

    Really GDPR is going to be a mess for years. Even the regulatory agencies in europe aren't ready to enforce it and in many cases nobody knows what enforcement means yet. Through out this process there will be several companies pushing the envelope on this. I've already heard of some U.S. companies that have come up with legal strategies that they believe will tie it up for 10 years or more in the U.S. As well you will have Google and Facebook fighting parts of it in the EU as we get started. Realistically AssemblerGames won't even be a target of this.
     
  16. skarpo01

    skarpo01 Peppy Member

    Joined:
    Jul 1, 2011
    Messages:
    352
    Likes Received:
    142
    I work in data protection and cyber security, been working on GDPR for the past two years. My 2 cents on this topic for those of you who are interested:

    The GDPR does apply to the USA as well. As a matter of fact it applies worldwide to any company/officially registered entity that processes E.U citizen personal data, regardless of geographical location in the world. If a company is located in Cambodia and if that company processes E.U citizen personal data, that company will have to comply with the GDPR. Also just FYI, you cannot restrict the provision of a service to evade compliance with the GDPR, any E.U individual using that service will have the right under the GDPR to file a complaint about that with the data protection regulator in their country.

    If Assemblergames is registered as an official business/entity, it is your responsibility as the ''controller'' of the data to implement appropriate technical and organisational measures to safeguard the personal data that is being processed on your forum. The way you do this is first and foremost by indicating on the privacy policy what information you collect, for what purposes you collect it and what is your legal ground/legitimate interests to collect that data + a bunch of other stuff such as the data retention period. For marketing purposes, consent should be sought after and opt-ins and opt-outs should be provided to the individuals sharing their data.

    I am not going to dive into the details but I would like to remind anyone reading this that GDPR is worldwide and it concerns E.U citizen personal data, whether it be in the USA, Japan or Antarctica or anywhere else in the world. The good thing with regards to the USA is that there is currently an agreement in place for the processing of E.U citizen data within the USA, this agreement is called the Privacy Shield.
     
    Last edited: May 25, 2018
  17. Muramasa

    Muramasa Rising Member

    Joined:
    Aug 9, 2014
    Messages:
    60
    Likes Received:
    33
    You are correct that the law as written is setup to reach any where the data is located. However that only matters as far as the law is practically able to reach. As for the Privacy Shield that is strictly a voluntary agreement. If you don't agree to abide by Privacy shield then I'm not sure what enforcement could come through it.
     
  18. skarpo01

    skarpo01 Peppy Member

    Joined:
    Jul 1, 2011
    Messages:
    352
    Likes Received:
    142
    You are correct in one way, but take the example of Cambridge Analytica and the recent data breaches in the world. I can assure you that in those cases, the legal reach does not matter because the reputational damage alone can shut down any business.

    The regulation is not taken seriously yet but I can assure you this will change as soon as the regulatory bodies for data protection start to issue fines to companies around the world. I can tell you that the fines are heavy.
     
    DeChief likes this.
  19. keropi

    keropi Familiar Face

    Joined:
    Feb 2, 2011
    Messages:
    1,071
    Likes Received:
    70
    Just like skarpo01 says, I've been getting GDPR email notifications from every site/service that I am registered no matter where in the world it is based.
    I don't want to really comment on ASSEMbler's "solution" , the quotes I use are enough. Just another bad site decision that unfortunately contributes to the site's steady decline ... sad but true....
     
  20. DeChief

    DeChief Rustled.

    Joined:
    Jan 25, 2014
    Messages:
    1,704
    Likes Received:
    712
    Looks like you're fucked, Kev.
     

Share This Page