-
Link Mauve
jonasw, for you! https://shop.spreadshirt.com/imfreedom/
-
Seve/SouL
That's super cool
-
edhelas
so vintage tech t-shirts <3
-
pep.
For more motivation
-
jonasw
Link Mauve, I’ll take the ruffle shirt, thanks
-
moparisthebest
Wow is their logo mostly commas now?
-
jonasw
hah
-
ta
and a flying rat as mascott
-
nyco
Hey board, I am sorry, I am in a long meeting, I won't be able to join our weekly
-
MattJ
nyco, noted, thanks
-
Guus
o/
-
Guus
Martin's not here, I think?
-
Guus
ralphm?
-
Guus
I guess it's just you and me, MattJ
-
Guus
MattJ, is there anything you want to discuss, our shall we skip this week?
-
Guus
Is there anyone else that was waiting for a board meeting to bring something up?
-
MattJ
Here
-
MattJ
(sorry, was distracted a moment)
-
MattJ
I'm fine with skipping
-
Guus
okay - until the next time, then.
-
Guus
adieu
-
Anu
What is everyone else’s GDPR plan?
-
MattJ
Hide
-
MattJ
After burying all the data in the back yard
-
mrdoctorwho
I can't believe this thing got accepted
-
Anu
haha
-
Zash
Step 1: Don't be a company. Step 2: ??? Step 3: PROFI.. wait no
-
Anu
I’ve decide to just just block the EU
-
Zash
Thanks for encouraging our internal market.
-
Anu
The need for a data protection officer who is basically a lawyer killed it for me
-
mrdoctorwho
what if they use proxy and then sue you for storing their data?
-
Anu
Nah you can still get the source and compile it
-
Anu
im just not distributing it directly myself in the app store
-
Zash
This really shouldn't be an issue for client authors. Except mobile push cloud notifications...
-
Anu
Yup push
-
Anu
and crash logging
-
Anu
But regardless the burden is on you to prove you are compliant to regulators
-
Anu
thus the DPO
-
mrdoctorwho
it's the first time I'm happy I don't live in the EU
-
Anu
i spend a lot of time in europe
-
Holger
Well I don't think there's a requirement to have a DPO for a push service.
-
Anu
I believe there is, yes. You are processing data and the token can be combined with other info to uniquely identify a user so it is PII
-
Anu
also you need to set up a register and document data processing and retention policies etc
-
MattJ
mrdoctorwho, depends on your perspective. As a user, isn't GDPR great?
-
Anu
For me personally I felt it was safest to just let people compile it it they want it and block EU users from push
-
daniel
MattJ: depends. Time will tell if those ad tracking firms will go out of business
-
Anu
They won’t because they can afford to meet the letter of the law
-
daniel
Thus far I haven't experienced any differences from a user's perspective
-
daniel
Anu: it's complicated
-
Anu
If you have the money and development resources, its totally doable
-
daniel
They'd have to ask for consent
-
daniel
And that essentially breaks their business model
-
Anu
the two biggest advertisers are google and facebook
-
Anu
Both will be fine
-
daniel
Only if you are a costumer of them. And consented to them tracking you
-
daniel
But yes those companies will have fewer issues than the traditional ad companies
-
jonasw
daniel, actually, I’ve seen quite a few spamy things which asked for consent
-
Holger
Anu: http://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=EN#d1e3732-1-1
-
daniel
jonasw: sure they can try. But I don't think a lot of people will klick yes
-
Holger
Anu: I would've thought neither (a) nor (b) nor (c) applies.
-
Anu
funny thing, ive works with mobile advertisers they were already doing things that were illegal the US. I dont think a eu law change with modify that
-
jonasw
daniel, exactly
-
Link Mauve
Anu, we’re preparing to attack both Google and Facebook (and a few other ones), see https://gafam.laquadrature.net/ (use a translator if you don’t read French).
-
SamWhited
I'm loving it from a users perspective, all the companies that can't be bothered to even try to protect user data or that were selling it and don't want to admit it are shutting down or putting up notices about how itm'
-
Anu
I spend time in France, im familiar with gafam (a term ive never seen used outside btw)
-
SamWhited
…it's no 'onger available in the EU
-
SamWhited
*sigh* stupid phone keyboard.
-
Ge0rG
Anu: is https://monal.im/blog/gdpr-removing-monal-from-the-eu/ your plan?
-
Anu
yup
-
Ge0rG
That's... unfortunate.
-
Anu
At least until things clear up, id rather not get in trouble while in europe
-
Ge0rG
I was just going to recomment Monal to my iOSy family members.
-
Anu
sorry :(
-
Anu
I dont know what chat secure will do, ive asked chris
-
Anu
Hes going to have to deal with the same issues
-
Ge0rG
Everybody is going to.
-
Anu
yup
-
mrdoctorwho
MattJ: yes and no, I mainly agree with daniel
-
Anu
He might have more resources than me since I think he’s funded by something
-
Ge0rG
We should add that to our next GDPR meeting. pep., winfried: Cloud-Notify / Push servers are sufficiently on-topic
-
Ge0rG
Anu: I'm not convinced he has a regular project funding
-
Anu
ah
-
Ge0rG
Anu: ChatSecure development has slowed down in the last year or so, from what I can see.
-
Ge0rG
on iOS. And I'm not sure anything at all is happening on Android. They wanted to migrate to the Conversations code base.
-
daniel
i either used to or still has. i'm not really sure. i think it ran out at the end of last year✎ -
Anu
What sucks about GDPR is I am prepping the next monal version with OMEMO and push
-
daniel
he either used to or still has. i'm not really sure. i think it ran out at the end of last year ✏
-
Anu
both on iOS and mac
-
Anu
Mac will have the binary on the website outside of the App Store so people could just grab it there and there isn’t a push requirement
-
Anu
Hah I should put text there asking EU users to not download it like in the old days where you could download the US version of netscape with better encryption or the international one
-
Ge0rG
Anu: is there a specific reason for you pulling out, or just lack of time to ensure overall compliance?
-
Anu
lack of financial means to ensure compliance on a regular basis.
-
Anu
Its hard to do with a non commercial, free app
-
Anu
GDPR is designed for institutions that can afford it. I dont know how everyone else will deal with it
-
Ge0rG
Somehow we will.
-
Ge0rG
BigCorps are paying millions to consultants to ensure compliance.
-
Anu
Yes, I do it as my day job
-
moparisthebest
Anu, yea if you don't target EU citizens you don't need to comply with the GDPR so I'd just do that 'EU users must not download this'
-
Anu
well no
-
Anu
Its anything that MAY be used by a EU natural person
-
moparisthebest
no it's not, looking for link...
-
moparisthebest
https://ec.europa.eu/info/law/law-topic/data-protection/reform/rules-business-and-organisations/application-regulation/who-does-data-protection-law-apply_en
-
moparisthebest
Provided your company doesn't specifically target its services at individuals in the EU, it is not subject to the rules of the GDPR.
-
Anu
i think we are in agreement on that part, thats why im removing it from EU app store
-
Ge0rG
Anu: will it also be auto-uninstalled from EU iPhones? :P
-
Anu
Nah since people can also just side load it if they want it
-
Ge0rG
I thought you need XCode and what not to sideload an ipa
-
Anu
there are a few ways to do it. Most of my users are enterprise users
-
Anu
They can deal with it
-
Anu
@Ge0rG, how do you plan on handling GDPR with yax.im?
-
Ge0rG
Anu: I'll extend the data processing policy according to what we figure out in the XSF GDPR meetings, and will hope nobody sues me.
-
Anu
GDPR comes into effect next week, going down to the wire :)
-
Ge0rG
Yeah.
-
Anu
Do we know if federation is legal anymore
-
Zash
Email isn't going to go away.
-
Ge0rG
Anu: we don't *know* anything. We only make informed speculations
-
jonasw
s/informed/uninformed/
-
Ge0rG
jonasw: only speaking for yourself
-
jonasw
also, this creates a loop leading to unununununununununinformed
-
jonasw
(and more)
-
Anu
Haha
-
Ge0rG
while (regex.matches()) do { regex.apply() }
-
Ge0rG
infinite loop of jonasw
-
pep.
> Ge0rG> We should add that to our next GDPR meeting. pep., winfried: Cloud-Notify / Push servers are sufficiently on-topic Gotcha
-
Anu
i would say xep-0080 and anything else that deals with lat/long
-
Ge0rG
Anu: I don't see how that's principally different from user content
-
Anu
true