GDPR post the migration to Vanilla

It’s been pointed out by Community Manager Niamh that Canada’s data protection is on par with GDPR so it shouldn’t be an issue.

Why move our data out of Ireland, never mind EU?

This is worrying enough that I'll probably close my account. We need full transparancy on what the decision process was to move hosting outside Ireland/Europe.

Further GDPR non compliance as there is no cookie consent either. Last count, there are 15 cookies, one of which is Google Analytics.

From the horse's mouth.

https://gdpr.eu/cookies/

Cookie compliance

To comply with the regulations governing cookies under the GDPR and the ePrivacy Directive you must:

• Receive users’ consent before you use any cookies except strictly necessary cookies.
• Provide accurate and specific information about the data each cookie tracks and its purpose in plain language before consent is received.
• Document and store consent received from users.
• Allow users to access your service even if they refuse to allow the use of certain cookies
• Make it as easy for users to withdraw their consent as it was for them to give their consent in the first place.

Where is the consent?

Where can I withdraw consent?

I don't know anything about Canadian data protection laws. There was Privacy Shield in the US which isn't worth the ink on the paper and was proved inadequate some time ago. Standard Contractual Clauses seem to be going the same route. Canada being deemed to have the same data protections in place holds no comfort for me as they are one of the 5 Eyes. Any data protection laws in Canada go out the window when "national security" comes in to play in any of those 5 countries.

Migrating our data from Ireland to Canada is unjustifiable. What was so wrong with hosting in Ireland or another country in Europe?

Or listed Data Protection Officer, that I can['t] find.

To be fair, the mods would be as in the dark as we are, probably all the way up to smods. It's [possibly] the admins, the paid staff, the techincal department who have these answers.

I was wondering how safe and secure the personal details that people may have passed back and forward in p.m. are.

I would think given all the concerns raised above over the last few days that admin should at least come forward to ally any concerns people are having regarding security and gdpr.

I've tried this but don't get anything.

That'd be Cloudflare, which boards has been using for a few years now.

the more that comes out from this move the worse it gets. Brush it off. In the time it took you Niamh to type all that out you could have simply just said the data is currently stored in location.

It's possible to configure it to work with aws: https://www.cloudflare.com/en-gb/multi-cloud/aws/

i have no clue about GDPR really at all, or internet servers and all the rest of it.

i'm concerned about the draft feature you have introduced.

if i draft a reply and never hit post, where is that draft saved to? if i revisit a thread after a few days, my draft is still there ready to go.

if its still there ready to go, it must be getting stored somewhere? as in, you are storing non posted posts?

if i can delete them, they must be getting stored somewhere prior? as in, you cant delete something that has not been stored?

as i said, no clue about this!

None of which addresses the points being raised.

Whether some users don't care anyway is irrelevant. A lot do, and there is a legal obligation on site owners to facilitate choice and information for those users (and everyone on the site)

The bottom line though is that this is yet another sloppy element of this migration, and the response from Niamh (while well-intentioned I'm sure) does nothing to address it - "I don't think" (anything changed), and "as soon as we can" doesn't cut it... but it is consistent with everything else around fixing this site at the moment.

Yes, it all seems like an afterthought, like all this could have been done prior to the migration, no? Especially when there are legal and statuary obligations by boards.ie on the matter.

I think the point Kaiser (and others) are trying to make is that the implementation of the move to Vanilla should never have happened until the changeover was made compliant with all legalities.

Telling an established member of the Boards community with 20 years of activity on the site to suddenly "pack up and ship off" is exactly why so many people are annoyed about this. Many users are here decades and have spend a lot of time watching the community they created disintegrate in front of them.