people playing: 59, servers online: 22, games played: 142,195,129 Top Player: HiPower

  Toribash Community » Toribash » Suggestions & Ideas
Register FAQ General Rules Community
Reply
 
Thread Tools Display Modes
Old 1 Week Ago   #1
Tuna
<º))))><
 
7th Dan Black Belt
Join Date: Aug 2012
Posts: 1,546
Clan: Evolution



GDPR Compliance.
I think it's slightly troubling that toribash has not become compliant with the EU's General Data Protection Regulations.

Some of the regulations include, but are not limited to:
  1. The right of erasure. All individuals must be granted the "right to be forgotten". All data on an individual must be erased. You have one month to respond to an erasure request.
  2. The right of access. Individuals have the right to access their personal data. You also have a month to respond to such a request.
  3. The right to be informed. You must provide individuals with information including: your purposes for processing their personal data, your retention periods for that personal data, and who it will be shared with.
  4. You must ensure that you have appropriate security measures in place to protect the personal data you hold. which falls nicely in with Dinis' suggestion for HTTPS.
  5. You have a duty to notify the relevant supervisory authority within 72 hours of becoming aware of a breach, and to notify the affected users.

For a more comprehensive guide on GDPR please visit the ICO's website.

Issues I see with these forums becoming compliant:

Seeing that vBulletin version 4.x.x is no longer supported, it is safe to assume that vB3.8.2, the version toribash is currently running, is also unsupported. So my bet is that the easiest way for the forums to become compliant would be updating to vB5.
Further reading: here.
Dude.
Tuna is offline   Reply With Quote
Old 1 Week Ago   #2
-sir
Sample Text
If you want to access your data or have it deleted, contact [email protected]
sir is offline   Reply With Quote
Old 1 Week Ago   #3
…Solax
 
2nd Dan Black Belt
Join Date: Aug 2009
Posts: 11,033



Originally Posted by sir View Post
If you want to access your data or have it deleted, contact [email protected]

So that addresses points 1 and 2. Any plans for 3 through 5?
Solax is offline   Reply With Quote
Old 1 Week Ago   #4
Kore
Hardkore
 
Black Belt
Join Date: Mar 2014
Posts: 2,259



3 seems more like a statement more than anything, a sticky thread somewhere will probably be the outcome.

Obviously number 4 is more difficult, but the SSL suggestion seems like a good start.

5 should probably have a more efficient system in place, instead of the whole mess with Tbashboii
(: lmod || Unemployed :)
Kore is offline   Reply With Quote
Old 6 Days Ago   #5
>Smaguris
ub3r
 
Master Belt
Join Date: Jan 2014
Posts: 2,764
Clan: Adventure



Considering it's based in Europe, it also doesn't comply with EU data protection laws, more specifically ePrivacy directive's article 5(3) which states that before storing cookies on user's device you're required to receive informed consent. There are currently 29 cookies in use on this webpage and I've never been asked for consent, even if I visit it on different machines for the first time.

It also doesn't comply with distance selling regulations, which state that if any type of goods are sold on the website, it must provide a user with business details (such as contact name, address, etc.). That also falls under other laws, such as Companies Act in UK.
-----
GDPR is just the tip of an iceberg is what I'm trying to say. This website clearly doesn't try to follow rules and regulations

Last edited by Smaguris; 6 Days Ago at 02:42 AM.. Reason: <24 hour edit/bump
Smaguris is offline   Reply With Quote
Old 6 Days Ago   #6
Tuna
<º))))><
 
7th Dan Black Belt
Join Date: Aug 2012
Posts: 1,546
Clan: Evolution



Originally Posted by Kore View Post
3 seems more like a statement more than anything, a sticky thread somewhere will probably be the outcome.

Since afaik toribash doesn't use any user information for the sake of targeted advertisement, a simple outline of cookies should suffice. Along with an updated Privacy Policy.
Originally Posted by Wayne Luke, Technical Support Lead.
vBulletin 4 is end of life and will not be receiving updates for for GDPR compliance. With the software, you can already create custom profile fields and require that they are answered at registration and/or login. You can use the phrase system to update the rules of your site and link to your privacy policy. You can also add a privacy policy under the Site Name / URL / Contact Details section of the site.

In addition to the above, vBulletin 5 is receiving a GDPR compliance sub-system with GEO-Location and Guest compliance support in the next version to be released. The Mobile Apps are also being updated to work with GDPR when used with vBulletin 5.

a little more on why updating to vB5 would be worth while, since anything under is EOL.

Originally Posted by Kore View Post
Obviously number 4 is more difficult, but the SSL suggestion seems like a good start.

I think along with HTTPS implementation, which is free these days with Let's Encrypt, Two Factor Authentication(2FA) could be a good thing to look into. Again AFAIK that comes with vB5.

Originally Posted by Smaguris View Post
It also doesn't comply with distance selling regulations, which state that if any type of goods are sold on the website, it must provide a user with business details (such as contact name, address, etc.). That also falls under other laws, such as Companies Act in UK.

Not entirely sure if it's up to date, but the business details can be found here. and also due to the ToS all tc/items are property of nabi. I wonder if that negates anything? (I wouldn't know since I'm no expert haha)

I believe it would be an unreasonable expectation for tb/nabistudios to be fully compliant with every law. But I do think it could start going in the right direction. With a focus on security and user privacy. Also the ToS could do with a bit more...
Dude.

Last edited by Tuna; 6 Days Ago at 03:01 AM..
Tuna is offline   Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT +1. The time now is 03:18 PM.




Powered by vBulletin® Version 3.8.2
Copyright ©2000 - 2018, Jelsoft Enterprises Ltd.
ragdoll fighting game physics fighting game ragdoll fighting physics funmotion joints martial arts karate pc mac free game turn based game