Jump to content

Talk:General Data Protection Regulation/Archives/2019

Page contents not supported in other languages.
From Wikipedia, the free encyclopedia


I've started contributing to the GDPR fines and notices page. Would it be appropriate to add a link to this page under the Sanctions section? And if so, what would be the appropriate text for such a reference? — Preceding unsigned comment added by Rkranendonk (talkcontribs) 14:18, 24 June 2019 (UTC)

Criticism: Social Engineering Vulnerability

According to https://www.theregister.co.uk/2019/08/09/gdpr_identity_thief/ it appears that there is at least anecdotal evidence that GDPR has made it *easier* for (possibly malicious) 3rd parties to extract private information from online services. This may be worth starting a "Criticism" section, as this is a vulnerability apparently worsened by GDPR. Tantek (talk) 23:29, 16 August 2019 (UTC)

Drop tools section

The tools section feels like spam/advertising. It's just an arbitrary list of 4 software tools. I think it should be removed, but didn't want to edit the article without asking.

If anyone else agrees, I'd vouch for removing it.

Grocko1 (talk) 11:34, 23 August 2019 (UTC)

I removed all. Actually, there are tools that might be more "objective", namely those provided by the authorities (we use one in Germany that is provided by the French office for data protection; and which is favored here in Bavaria). But I would have to research that area before I'd feel confident to add them here on WP. --User:Haraldmmueller 13:50, 30 August 2019 (UTC)

Hello, where do I find a map for age of consent in the EU?

Which is issued by Ingrida Milkaite and Eva Lievens at Ghent University. [1] --TaleofTalisman (talk) 22:27, 12 September 2019 (UTC)

Here's are my list that limits younger people to gain access data in European Union:

EU country Age required
 Belgium 13
 Denmark 13
 Estonia 13
 Finland 13
 Latvia 13
 Malta 13
 Portugal 13 (16 for Google accounts)
 Sweden 13
 United Kingdom 13
 Austria 14
 Bulgaria 14
 Cyprus 14
 Italy 14
 Lithuania 14
 Spain 14
 Czech Republic 15 (same as age of consent)
 France 15 (same as age of consent)
 Croatia 16
 Germany 16
 Greece 16 (15 for age of consent)
 Hungary 16
 Ireland 16
 Luxembourg 16
 Netherlands 16
 Poland 16
 Romania 16
 Slovakia 16
 Slovenia 16 (15 for age of consent)

However, San Marino is not member of the European Union and/or European Economic Area. Instead, the minimum age of consent is 16 for Google accounts.

Source: [2]

--TaleofTalisman (talk) 08:13, 24 September 2019 (UTC)

Missing Basic Explanation of Applicability

Sometimes it's instructive to hear how some random person off the street views an endeavor. I came here wondering why US citizens have to comply with EU laws? And there's no explanation in the article, or did I miss it? It's a simple matter but I bet many people will have the same question. Friendly Person (talk) 22:51, 4 October 2019 (UTC)

But there is. See the paragraph under "Impact" on "international law" and the "Brussels effect"; and, additionally, the paragraph on "extraterritorial effects". That's about what can be said (unless you are a US citizen in the EU - then of course you have to comply with national, as well as EU law of the state where you are). --User:Haraldmmueller 20:18, 5 October 2019 (UTC)

"B2B Marketing" original research?

Someone added that section - with only links to GDPR articles, but no secondary source. This alone is not really ok. However, "B2B" implies that both (or all) involved parties are not persons, but "businesses" - so prima facie, the GDPR should not at all be relevant for B2B. So why would one claim this, and support it with paragraphs from the GDPR, which only refer to "natural persons"? I argue that this section should be removed, unless some proff can be given that GDPR professionals (lawyers) regards B2B in the context of the GDPR. --User:Haraldmmueller 10:00, 18 May 2018 (UTC)

... has been removed. Thanks! --User:Haraldmmueller 17:02, 14 October 2019 (UTC)

Extraterritorial effects, again

https://mirrors.tuna.tsinghua.edu.cn/ (see bottom:根据相关法律法规,本站不对欧盟用户提供服务。)

Tsinghua mirror site declared it will not serve EU citizens, despite it's an open source mirror site + doesn't make any explicit data requests. (This line was quietly added, no appearance in https://mirrors.tuna.tsinghua.edu.cn/news/)

From the article: Article 48 states that any judgement of a court or tribunal and any decision of an administrative authority of a third country requiring a controller or processor to transfer or disclose personal data may not be recognized or enforceable in any manner unless based on an international agreement, like a mutual legal assistance treaty in force between the requesting third (non-EU) country and the EU or a member state.

Does that mean for any country/region which legal system is not mutually-endorsed with EU's, all entities there cannot simultaneously satisfy its own country's laws and GDPR effectively has EU blocking them, even if they have no intention to abuse the data?