« Linden Lab Partners With Top Twitch Streamer to Promote Sansar VR | Main | Real Life Portraits of Second Life Avatars Are Paradoxically More Lifelike »

Monday, April 16, 2018

Comments

Feed You can follow this conversation by subscribing to the comment feed for this post.

Jane

"The GDPR makes you liable if your upstream provider (such as Second Life, your vendor system, webhost, cloud storage provider, email provider) breaks the rules or misuses your data." (third paragraph)

Can you explain this further? Are you saying that if, for example, Second Life breaks the rules, it makes ME liable?

madeline blackbart

"This means that "greeters" which automatically add avatars to a mailing list are now illegal.""You can no longer hold marketing databases like "mailing lists" without EXPLICIT (opt-in) consent"
And thank god for that. It's been FAR FARRRR to ridiculous to remove yourself from mailing lists and spam lists in SL for FAR to long. I've been trying to remove my old main from these subscriber lists of all the (MANY) places that spam me with notices each day hoping I can use it again. People literally go out of their way to hide where the unsubscriber is. Some even go so far as to put them in areas that you can't reach without being booted from immediately by a bot. Some of these of course it's my fault that I added myself to them but if I want to remove myself I should have the option. It's dubious at best and a poor reflection on your store if you make it so it's hard,if not impossible,to remove myself from that list. Definitely doesn't make me want to shop there again. Making this illegal will be beneficial to even those NOT in Europe since it's easier to just remove everyone from a list then try to figure out whose from Europe and whose not.

Mike Dickson

It's a bigger deal for grids since they are generally the "Data Processor" in this case. But yes if a business is collecting and storing data about individual users as well they they too will need to have a way to both insure opt-in and a way to remove the data should an EU resident request that. In particular these requirements are especially problematic for the decentralized hypergrid. It would be interesting to see how this would be handled in the courts if a request for a takedown was made to a "home grid" and information about an individual was spread all over the HG destinations they touched. As the "owner" of the account I can see the courts making the home grid responsible for fulfilling the request...

David Cartier

Linden Lab no longer has a physical presence within the European Union and I seem to recall that Linden Research is a Delaware corporation, so, except for those physically within an EU nation, I don't believe the majority of SL business owners need to worry at all about compliance with these particular EU regulations. Our laws - here in the US at least - are quite different and take precedence. Nobody is going to have to go banning EU residents or anything draconian like that.

Han Held

Mike Dickson wrote:
> In particular these requirements are especially problematic for the decentralized hypergrid.

Han Held replies:

The EU's attitude towards GDPR compliance takes the number of employees and the type of data into account.

I just did a quick google and found this tidbit about "enterprises" (is a home hobby even a enterprise? If you're not raising or exchanging funds it's doubtful that you'd be considered an enterprise):

"The GDPR broadly expects all small and medium-sized enterprises (SMEs) to comply in full with the Regulation, but it makes some exceptions for organisations that have fewer than 250 employees.

The Regulation acknowledges that many SMEs pose a smaller risk to the privacy of data subjects than larger organisations. For example, Article 30 of the Regulation states that organisations with fewer than 250 employees are not required to maintain a record of processing activities under its responsibility, unless “the processing it carries out is likely to result in a risk to the rights and freedoms of data subjects, the processing is not occasional, or the processing includes special categories of data […] or personal data relating to criminal convictions and offences”."

https://www.itgovernance.eu/blog/en/does-the-gdpr-apply-to-me


If you run a grid from home DO YOUR OWN research, but when you do so you'll likely come to the some conclusion that I have. You don't make money, you have less than 350 employees then you're probably fine.

Of course, I'm not a lawyer
But then again, I'm also not Chicken Little (for a change!)

Nalates Urriah

Has anyone figured out how they will enforce this on non-EU residents?

As of 2013, there were 152 million bloggers...

How many are figuring out how totalitarian the nanny state is and how fast they are eating our freedoms in an effort to supposedly protect us?

The UK took guns. They were told criminals would use other weapons. Now the London mayor wants to control knives because London's murder rate exceeds NYC's. The nanny state's thinking doesn't work.

ShenanigansSL

@David Cartier
"Linden Lab no longer has a physical presence within the European Union and I seem to recall that Linden Research is a Delaware corporation, so, except for those physically within an EU nation, I don't believe the majority of SL business owners need to worry at all about compliance with these particular EU regulations."

However, they still have to abide by EU laws - I get charged 20% VAT (think sales tax) on my membership and tier payments simply because I live in the EU. With it's various cases against Google and Microsoft - it's not a stretch to believe the EU might decide that Linden Lab is responsible especially as data stored in scripts in greeters is on Linden servers.

Ultimately, I think it will mean that the greeters that add you to a mail list without a choice in the matter will disappear and to be on the safe side, it took me 10 minutes to add a "Privacy Policy" for our venue covering the regulations.

Verify your Comment

Previewing your Comment

This is only a preview. Your comment has not yet been posted.

Working...
Your comment could not be posted. Error type:
Your comment has been posted. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.

Working...

Post a comment

Your Information

(Name is required. Email address will not be displayed with the comment.)

Wagner James Au VR MMO blog New World Notes
Sinespace Unity MMO
Ample Avi  SL avatars
SL fashion blog Cajsa Gidge
my site ... ... ...