The EU GDPR Explained

and article 11

and article 3

And article 69

why make a video on something which might come earliest in 2019 and not even have the same wording anymore

and the internet rule 34

Max ACtion agreed

And now facebook is telling the EU to cancel GDPR or they will leave, best news I have herd out of GDPR :)

D. Brandtair wrong. It was already put in place and they gave all the companies a 2 year head start before they would enforce it.

Dukez Venom yes so in litteral form i said nothing wrong. It was announced back then.

D. Brandtair no attack towards you my man. Im just saying its even worse then how you described. Have a nice day ^^

SandyStarchild actually they had two years to comply with it

Just making excuses

@Tradjick, you really are clueless aren't you.
This is not an overreach, it's protection. It shouldn't even be a regulation, it should just happen as it is.

Tradjick it isn't that difficult to be compliant with GPDR when building a new startup. For any company it shouldn't be a problem to get compliant within two years. It is expensive when enterprises forget about it until one month before it goes into full effect.

+Tradjick - Far be it from me to jump to over-hasty conclusions, but if a company is having serious trouble dealing with fairly straightforward legislation like this, I'm not sure I want that company to possess my private data in the first place...

Greetings from Poland, the land of Po

Article 13 TL;DR:
Companies must inform you of what data they're collecting, why, how they intend to use it, your right to revoke consent, your right to have a say in how your data is used and some other things.
I've simplified the article below, but it's the rough gist of it that most people should be able to understand and doesn't contain all of the details:
Part 1 is about data **collection**:
Companies collecting personal data on you must inform you about:
- Information on who is collecting the data and how to contact them
- The contact information of the data protection officer, where applicable
- The purpose behind collecting the data
- Who will use the data
Part 1 also details stuff about moving your data, safeguards and more.
Part 2 is about data **processing**:
Companies must:
- Inform you about how long your data is stored
- Inform you about the fact that you have a right:
¤ to request access to your data
¤ to request that your data be corrected
¤ to request that your data be deleted
¤ to restrict how the company is allowed to process your data (as in "You can't use my phone number for...")
¤ to object to the company processing your data at all
¤ to object to the company moving your data elsewhere
¤ to complain to appropriate authorities
- Inform you about whether the data is required as part of a contract
- Inform you about whether you're obligated to provide the data, as well as any consequences if you fail to do so.
- Inform you about whether your data will be processed by an automated system and the end goal of the processing.
Part 3 is about using your data in **new ways**:
If companies want to use data collected on you previously for a new purpose, they must inform you of this new purpose before using your data.
Part 4:
If you've already been informed of all of this, the company doesn't need to inform you again.

Gonzalo Fresu I live in the land of the free so the EU can piss off with their rules

i don't think he mean that article 13, just google #DeleteArt13

Adam Siekierski Pooland?

Agreed, the privacy improvements are incredibly great and not honored enough by some people imho

Agreed. I've long been saying that the EU is by far the best world organisation when it comes to protecting private individuals, and this is the most high-profile piece of legislation to prove that point yet.

Use spam filters, Tor and other means if you want your “privacy”. Get educated, stop being a noob. This new stupid reinforced law will only help criminals to blend in and to prepare the new attacks against EU citizen. The lawyers would also profit since they can attack the small companies and private business owners by picking on something in their declared privacy policy. Now a doctor isn’t allowed to address the patient by name without permission. A tourist isn’t allowed to take a picture in a public place unless he gets a consent of everyone who accidentally gets into the frame (good luck with that). You guys are crazy! EU reminds me of Soviet Union. And we know its fate.
P. S. Learn to use the shift key to type capital letters. Umschalten in German.

+Scorpy_ - Care to explain exactly how criminals will be aided by this regulation, why lawyers (who would act on the behalf of private individuals in this case) getting a legal edge over companies is on balance a bad thing, or indeed what makes the EU remind you of the USSR? Just asking, because if we're just going to be spewing one-line statements, the credibility of those statements will rather depend on how thick a sample of air they _appear_ to have been pulled from, lacking any other evidence on which their merit could be judged. Your statements seem to me to come from rather thin air, so could you enlighten us with some logical arguments or statistical evidence that gives them at least a little merit? If not, most people would simply say you were "wrong"...

Scorpy_ congrats. I don't think I've ever witnessed such a collection of absolute bullshit in a comment before.
Tourists can't take photos in public places, get fucked. GDPR affects companies. Not individuals.
You as an individual are free to take images of whomever you so wish providing you're not breaking any other law. GDPR doesn't even factor into it.
As for your doctor addressing you by name, again more bullshit. You've given him your details and medical info to use in diagnosing you, using your name to refer to you is expected legitimate usage of said information.
Seriously go and read the bloody thing instead of spouting complete shite in a comments section.

BOSTASH Maybe...

BOSTASH Linus torvalds, not Linus Sebastian

yes linus made linux. just not linus from linus tech tips and he didn't do it alone.

Yes. Linus Torvald

No Linus did not make Linux if he our Linus made Linux it would be more popular

That gave a good perspective how fast the internet could be.

True:
linustechtips.com/main/topic/931387-gdpr-brings-massive-speed-improvement-to-websites/

Not if you run pihole/ublock/ghostery by default, lol
has always been fast.

Yeah now comes the part where they sensor alternate media and ban memes...

and because everything is redacted...

I can tell you a secret: In Germany we already have a law similar to Article 13, however guess what happened, nobody cared! And that's the exact same thing that will happen with art.13: Nobody cares, memes still get posted.

R But the new law will do this with a algorithm and if something copyrighted is found on a platform like youtube, the platform has to pay for it. That's why they are forced to censor the content before showing it to the public.

And how should this algorithm work exactly? Crawl the entire web every time someone uploads something?

TOmeiTO OW post a link to where in the legislation it even remotely suggests that.
Here's article 13 in full from the source itself.
eur-lex.europa.eu/legal-content/EN/TXT/?uri=uriserv:OJ.L_.2016.119.01.0001.01.ENG&toc=OJ:L:2016:119:TOC
Information and access to personal data
Article 13
Information to be provided where personal data are collected from the data subject
1. Where personal data relating to a data subject are collected from the data subject, the controller shall, at the time
when personal data are obtained, provide the data subject with all of the following information:
(a) the identity and the contact details of the controller and, where applicable, of the controller's representative;
(b) the contact details of the data protection officer, where applicable;
(c) the purposes of the processing for which the personal data are intended as well as the legal basis for the processing;
(d) where the processing is based on point (f) of Article 6(1), the legitimate interests pursued by the controller or by a
third party;
(e) the recipients or categories of recipients of the personal data, if any;
(f) where applicable, the fact that the controller intends to transfer personal data to a third country or international
organisation and the existence or absence of an adequacy decision by the Commission, or in the case of transfers
referred to in Article 46 or 47, or the second subparagraph of Article 49(1), reference to the appropriate or suitable
safeguards and the means by which to obtain a copy of them or where they have been made available.
2. In addition to the information referred to in paragraph 1, the controller shall, at the time when personal data are
obtained, provide the data subject with the following further information necessary to ensure fair and transparent
processing:
(a) the period for which the personal data will be stored, or if that is not possible, the criteria used to determine that
period;
(b) the existence of the right to request from the controller access to and rectification or erasure of personal data or
restriction of processing concerning the data subject or to object to processing as well as the right to data
portability;
(c) where the processing is based on point (a) of Article 6(1) or point (a) of Article 9(2), the existence of the right to
withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal;
(d) the right to lodge a complaint with a supervisory authority;
(e) whether the provision of personal data is a statutory or contractual requirement, or a requirement necessary to enter
into a contract, as well as whether the data subject is obliged to provide the personal data and of the possible
consequences of failure to provide such data;
(f) the existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) and, at least in
those cases, meaningful information about the logic involved, as well as the significance and the envisaged
consequences of such processing for the data subject.
3. Where the controller intends to further process the personal data for a purpose other than that for which the
personal data were collected, the controller shall provide the data subject prior to that further processing with
information on that other purpose and with any relevant further information as referred to in paragraph 2.
4. Paragraphs 1, 2 and 3 shall not apply where and insofar as the data subject already has the information.

Tbh copyright should be protected. Whether a fair use quota should be introduced is something different.

While they are bad their effects are often overstated.

Article 11 and Article 13 won't affect end users and content creators at all. It will only affect large websites like search engines, video sites, social media, image sharing sites and so on. You won't have to do anything differently as a content creator and if you didn't do anything illegal before, you are not doing anything illegal after. You won't have to do anything differently.
Did you read them? doesn't sound like it. eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:52016PC0593 suggest you read the thing. Most people don't read it even once. Its not that long, especially article 13 is very easily understood.

jort93z There are legitimate issues with the regulation. Copyright was broken to begin with, but people typically don't care because it's not usually enforced.

EU regulations don't mean that its going to be enforced. there are many EU regulations nobody cares to enforce.

Lelouch Yagami fake

Check again

Fake again

They'll make a video on it. Next year.

Fair enough. It's all a matter of finding the right balance between privacy and practicality, and if you're completely on the practicality side of that scale, you might very well end up hating the GDPR.

I find GDPr very good as my internet experience is now better.

First of all oh no you have to click 2 or 3 buttons when you use a website you havent been on thats so much work. On the other hand mostly happens if you register at new websites because just a generic website isnt supposed to store your personal information. Third, GDPR does much more than just ask you if its okay that they store your data, now you can ask them to delete your Information or If they have any and they have to delete it if you ask them to.

It's kind of annoying when I'm trying to find a solution to something and it's the 6th site that blows a ton of boxes in my face to agree to this and that, cookies and sometimes even "subscribe via email". It's also not even about the first time I visit the website, because when I visit it on another computer, it shows all these boxes again. (Cookies aren't synchronised) . I would just like to open websites, read the text / use them, and then close them, because that's what I call internet service. At least people could opt out of these notifications on all the websites...
And how do those companies prove to me that they've truly deleted everything related to me?

Well then you shouldnt be mad about the GDPR but about those websites that they track all your data. The subscribe via email has nothing to do with the GDPR its just the website that wants you to sign up. And Ofcourse you have to do it every time you change your computer everything else would mean they exactly know who you are all of your devices and more. And for me personaly as a developer I dont have much problems with websites asking me for this and that its mostly cookies and thats fine thats how it has been for a long time. But I dont sign up for everything that asks me to do so if I dont want to i just go to another website and look if I can find it somewhere else. On the topic of how do companies prove they do deleted your information. There is no easy way to check if they did delete it. There are some ways to find out but its mostly that if you get spam from somewhere they would have to tell you where they got the information about you and if it is a site you asked to delete your stuff, well lets say they get fucked if they do it multiple times.

Most of them don't even have an accept button. It's just "by using this website you agree."

This is not the correct way of implementation. The right way allows you to opt-in only the necessary cookies for visiting the site and opting-out of any marketing or statistics they track. The website owner just did not do a good job. See just as an example the site www.cookiebot.com/ (Im not promoting it)

How does it count as code and not database info?

Kaihaas ja

Ralph Eckstein I never talked about it making sense or not. I just don't like that everyone pretended like the EU pulled a fast one an now every company is forced to comply within a week.
My point was only that there were two years to prepare for it.

Which is really sad. Especially the smaller companies should have been excluded form this law.

the eu is gonna touch thos dank memes, sir. just wait for article 13

ERROR 404 eu has to choose beetwen leaving memes and riot, if i would be eu i would choose leaving the memes bcz they have an important role in modern society.

banning memes... the EU are not men of culture aswell

Don't get me wrong, I think the EU and GDPR are great, but the upcoming censorship-like upload filters and advanced copyright laws are something I hope the EU parliament will avert.

Same

That sounds handy. I usually just double tap the right side to skip ten seconds, or press the right arrow key on a PC.

I don't think that'll last very long. The EU is the second-biggest market for most globally active companies that serve consumers, so while they might lock themselves out momentarily to avoid fines, they'd be royally shooting themselves in the foot by a long-term absence from the EU single market.

RubX watch your ass .... Like literally

You should probably deal with your own orange first

Brett Van Overstraeten that gonna be pretty hard

*Archsider Stuff* Would you care to be more specific. Also should i consider your answer as a threat ?
Furthermore please restrain from using the word literally... Like ever!
Alright, you rascal you. Run along

RubX they grow so fast