david63 wrote: ↑
Fri Jan 31, 2020 6:48 pm
The bottom line here is that it is the board owner
who is responsible for complying with the law that appertains to the country that they are in and/or operate in.
Yet, any software offered to board owners, like phpBB, should provide the means to do so, or else the offering is only worth as much as the ability of the board owner to modify said software.
If one has to modify or extend the software in question, one pretty soon comes into areas, where one can't guarantee that the whole construct will work as intended.
John connor wrote: ↑
Fri Jan 31, 2020 10:18 pm
I wonder. Do Europeans have to comply with COPPA?
As of wikipedia, COPPA only affects persons and legal entities who are under U.S. jurisdiction, and it is a law posing restrictions on the.
GDPR, by design, is a law that grants rights to EU citizens and imposes restrictions. These rights EU citizens get shall be upheld by everyone who offers their service in the EU (or even EU citizens living abroad). If one wouldn't want to comply to that laws, by merit of being not under EU justidiction, should find means to exclude EU citizens from their service. Which of course is technically difficult, for geo-blocking IPs would hinder non-EU users currently residing in the EU (or using a EU based ISP) while proxy-servers provide means for EU citizens to cericumvent a geo-block...
In any case, the base functions of phpBB, like creating logs with IP adresses, should undergo some reevaluation. What is the merit of logging the IPs in question, indefinately ?
Should an anonymisation of IP addresses be a core functionallity and turned on by default - just so that people who use the board out of the box aren't liable ? I mean, if someone wants it, and understands it, it can be turned on, but a faily high number of people probably wouldn't care if the IPs were in the logs or not.