Tech news for everyone
On Twitter a nice thread of services blocking EU users so they can “comply” with GDPR (General Data Protection Regulation) so that they don’t need to change how they manage and keep data. This may work for them but it also shows users in other markets that the sites just don’t want to comply with what should be basics on data protection. Long story short the services on the list should not be trusted at all by any users in any country.
This entire thread. If a service you use is shutting down, or filtering out, EU users ahead of the #GDPR, then it's a good indication that they're doing things that you probably don't want them to do with your data in the first place. #privacy https://t.co/KwxQcTR4Ay
— Alasdair Allan (@aallan) May 11, 2018
Here are a few examples of services that are just blocking users instead of following some basic rules on keeping data safe and giving users basic rights to content they created.
Online game Ragnarok shutting down servers for European users, because of GDPR. https://t.co/bq0qyslIgp
— @mikko (@mikko) May 5, 2018
Unrollme to stop serving European customers, because of GDPR. https://t.co/tYrmsXlHvS pic.twitter.com/j4W0cBBHYR
— @mikko (@mikko) May 5, 2018
SMNC online game to shut down, blaming GDPR. https://t.co/R6XPTJR2Y2
— @mikko (@mikko) May 5, 2018
Steel Root is the first security company that I know that’s blocking access to their site from EU, because of GDPR. https://t.co/9HxmGzycHl
— @mikko (@mikko) May 5, 2018
The rules are simple, and easy to follow if you take a bit of time to see how your service works and stores data.
The new GDPR explicitly says that you must use plain language, not a giant pile of legalese.
If you are going to collect personally identifiable information (name, email, phone, etc), then you must have explicit consent.
You must notify data subjects of a data breach within 72 hours of you becoming aware of it.
Upon request, and at no charge, you must provide a data subject a copy of the personal data you have stored about them.
People have the right to leave your website and have you not store personally identifiable information about them. Provided, of course, that doesn’t violate any other laws.
Data must be in a commonly used and machine-readable format upon user request.
Only ask for data you actually need.
![Capital One asks users to not use a password manager for “security reasons” [Updated]](https://techrundown.com/wp-content/uploads/2018/10/40779175-15159592378193836_origin.png)
