GDPR compliance

[sourceninja]

Can you comment on Anandtech's stance and/or what has been done to comply with the new GDPR regulations that are coming to us next month?

 

[corkyg]

For clarification, OP refers to the General Data Protection Regulation to be imposed by the European Union.

 

[esquared]

I sent a message to the people who can answer.

 

[jpishgar]

Hey there,

Our teams are conducting a review of the necessary steps to take to be in compliance on GDPR, and we expect we'll get there. Historically, AT has taken a solid stance against allowing any personally identifying information on the forums, so we're in a better position than some other communities out there might be.

-JP

 

[sourceninja]

This is more of a personal curiosity for me. I'm just interested in how forums are dealing with the law, specifically the right to be forgotten (and the impacts on a forum) and the right to data portability (this one could be a tough one). Having gone though this with my company I have become curious how other types of services are tackling this regulation. Personally identifiable information is very loosely defined in the regulation and an argument could be made that even a username could fall into that category. However I think that the right to be forgotten probably doesn't apply to a forum, so that may not be an issue. The right to data portability is interesting though.

I'm interested in seeing how this gets tackled in many online communities.

 

[DigDog]

don't confuse data that you volunteer with data that a data controller requires of you. Does AT have any data on YOU ? data on "sourceninja" is not the same as data on your actual legal person. You need to be able to be identified (not your avatar) as legal person through data for it to be affected by GDPR.

the definition of "data" is what you need to look at .