Fast Lane! Posted October 5, 2019 Posted October 5, 2019 How are things looking for compliance on IPB? This is pretty huge... and takes effect on Jan 1, 2020 (3 months). Right up there or worse than GDPR. Under CCPA individuals can sue companies for CCPA violations. So far more unbounded costs. https://www.cnbc.com/2019/10/05/california-consumer-privacy-act-ccpa-could-cost-companies-55-billion.html
Fast Lane! Posted October 6, 2019 Author Posted October 6, 2019 More information on compliance. Wowsers. Seems like many if not the majority of sites will fall under CCPA. https://www.dickinson-wright.com/news-alerts/californias-data-privacy-law
Joel R Posted October 6, 2019 Posted October 6, 2019 8 hours ago, Fast Lane! said: More information on compliance. Wowsers. Seems like many if not the majority of sites will fall under CCPA. https://www.dickinson-wright.com/news-alerts/californias-data-privacy-law From the same link that you posted: Not all business qualify. To fall within the scope of the CCPA, the business must also meet one of the additional three criteria: Have $25 million or more in annual revenue; or Possess the personal data of more than 50,000 “consumers, households, or devices” or Earn more than half of its annual revenue selling consumers’ personal data.
Fast Lane! Posted October 6, 2019 Author Posted October 6, 2019 2 hours ago, Joel R said: From the same link that you posted: Not all business qualify. To fall within the scope of the CCPA, the business must also meet one of the additional three criteria: Have $25 million or more in annual revenue; or Possess the personal data of more than 50,000 “consumers, households, or devices” or Earn more than half of its annual revenue selling consumers’ personal data. Check Google analytics. I'll bet that many people had a least 50k user's last year. That's easy to do. Doesn't have to be registered members (collecting IP address alone on your server, or data via Google Analytics is enough to qualify). Also, since advertising ads from AdSense or frankly ad any provider includes collecting data and sharing it with a 3rd party, then if you received more than 50% of your revenue from advertising (and are based in CA) then you also fall under CCPA. I would bet the lion share of forum owners have more than 50% of their revenue from advertising. If you made $100 last year and $50.01 was from ads then you qualify. Any revenue over a penny counts. It's super easy to fall under CCPA. Even for small sites.
Fast Lane! Posted October 6, 2019 Author Posted October 6, 2019 As an aside. IPB itself surely falls under CCPA under clause 2. If you go to Analytics and check user location by country and then by state, I bet you had more than 50k users in the last year. Again, not registered members or paying customers. Just user's. Guests included. That means you now fall under CCPA and any CA user's has rights under CCPA they can impose on you.
Fast Lane! Posted October 6, 2019 Author Posted October 6, 2019 What data does the CCPA cover? The California law takes a broader approach to what constitutes sensitive data than the GDPR. For example, olfactory information is covered, as well as browsing history and records of a visitor's interactions with a website or application. Here’s what AB 375 considers “personal information”: Identifiers such as a real name, alias, postal address, unique personal identifier, online identifier IP address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers Characteristics of protected classifications under California or federal law Commercial information including records of personal property, products or services purchased, obtained or considered, or other purchasing or consuming histories or tendencies Biometric information Internet or other electronic network activity information including, but not limited to, browsing history, search history and information regarding a consumer’s interaction with a website, application or advertisement Geolocation data Audio, electronic, visual, thermal, olfactory or similar information Professional or employment-related information Education information, defined as information that is not publicly available personally identifiable information (PII) as defined in the Family Educational Rights and Privacy Act (20 U.S.C. section 1232g, 34 C.F.R. Part 99) Inferences drawn from any of the information identified in this subdivision to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, preferences, predispositions, behavior, attitudes, intelligence, abilities and aptitudes What happens if my company is not in compliance with the CCPA? Companies have 30 days to comply with the law once regulators notify them of a violation. If the issue isn't resolved, there's a fine of up to $7,500 per record. "If you think about how many records are affected in a breach, it really increases very quickly," says Debra Farber, senior director for privacy strategy at BigID. Since the bill was put together and passed in just a week, it will probably see some amendments, she adds. "Things like the fine amounts are likely to change." There's also another potential financial risk, Farber says. "The bill provides for an individual's right to sue, for the first time " she says. "And it allows class action lawsuits for damages." Again, there's a 30-day window that starts when the consumers give written notice to a company that they believe their privacy rights have been violated. "If it's not cured, and the attorney general declines to prosecute, then they can bring a class action suit," Farber says. "And it's not just around breaches." So if an IPB board makes $20 bucks a year and resides in CA, and has 15 CA members, and fails to comply with CCPA then the fine is $7500 x 15 = $112,500.
tonyv Posted October 6, 2019 Posted October 6, 2019 With all the GDPR FUD that was out there I wonder how many admins here have felt the hammer fall and been sanctioned by the EU. Has anyone here been served with a lawsuit yet? I like PGE's approach after its equipment was blamed for the wildfires: Shut off power in areas where risk of fire is high on a given day. I think that's great. Open the wallet and pay for a generator...or be without power on those days.
Adriano Faria Posted October 6, 2019 Posted October 6, 2019 Internet is becoming a real PITA with all these boring regulations! Glad I’m not from Eu or CA. 🤣
Fast Lane! Posted October 6, 2019 Author Posted October 6, 2019 6 minutes ago, Adriano Faria said: Internet is becoming a real PITA with all these boring regulations! Glad I’m not from Eu or CA. 🤣 Kinda doesn't matter. If you have a CA user (even if they are traveling in FL) you fall under CCPA. It's crazy but that's how it's written.
Adriano Faria Posted October 6, 2019 Posted October 6, 2019 It’s an admin’s problem. Not mine, as a user.
tonyv Posted October 6, 2019 Posted October 6, 2019 Isn't CA great? You could go there and be hit by a drunk illegal alien with no license and no insurance and have no recourse, or you be running a little website and be here on the support community forums sweating some Californian's cookies while he's away from home in Florida. Too much, lol
TheWorldNewsMedia.org Posted October 6, 2019 Posted October 6, 2019 You just have to wonder if the big guys... FB, Twitter, LinkedIn etc.. are behind this knowing it will cause even 25% of their small time competitors to just dry up? As someone mentioned before... the risk/reward of owning a website/forum versus just being a user on some larger corporate owned one is changing fast. Reconsidering this whole venture now with my 16,000 users.....
Fast Lane! Posted October 6, 2019 Author Posted October 6, 2019 6 minutes ago, TheWorldNewsMedia.org said: You just have to wonder if the big guys... FB, Twitter, LinkedIn etc.. are behind this knowing it will cause even 25% of their small time competitors to just dry up? As someone mentioned before... the risk/reward of owning a website/forum versus just being a user on some larger corporate owned one is changing fast. Reconsidering this whole venture now with my 16,000 users..... Anyone know if it actually passed or not yet? Yes over a year ago. It was approved by the legislator and signed into law by the governor. It goes into effect Jan 1. All the talk of changes are just about amendments.
Fast Lane! Posted October 6, 2019 Author Posted October 6, 2019 13 minutes ago, TheWorldNewsMedia.org said: You just have to wonder if the big guys... FB, Twitter, LinkedIn etc.. are behind this knowing it will cause even 25% of their small time competitors to just dry up? As someone mentioned before... the risk/reward of owning a website/forum versus just being a user on some larger corporate owned one is changing fast. Reconsidering this whole venture now with my 16,000 users..... It's not how many registered users you have. It's how many users including gusts visit your site in a whole year. If one person visits from their phone, work computer and laptop then that counts as 3 (since it's devices or users). Ultimately we needs solution from IPB of some sort or it will be a major turn off for people running the IPB suite. Given the complexity of being compliant and that it basically effects everyone, I'm sure they will do something -- I hope. Eager to see their response to this thread.
TheWorldNewsMedia.org Posted October 6, 2019 Posted October 6, 2019 Wowzers is right! I think this just might be the death knell for my once great internet aspirations. Why risk MASSIVE fines or even lawsuits to earn $100/month? Now... just invest in the big guys... since they are only going to get bigger now after this. Imagine all the hours of every user across all the IPS sites.... now imagine 30% quit due to this draconian law...... millions of eyeball hours now going back Facebook, Twitter etc... who have the lawyers to fight this sort of law. Big guys win... little guys lose.... same old story.
TheWorldNewsMedia.org Posted October 6, 2019 Posted October 6, 2019 This is serious stuff.... This article has a lot of information about the current status of this law and possible amendments, workarounds. Crossing our fingers... https://www.theballeronabudget.com/what-is-the-ccpa-and-how-will-it-affect-your-online-income/
TheWorldNewsMedia.org Posted October 6, 2019 Posted October 6, 2019 Ironic that foreign communist states weren't able to censor our website... but California basically closes it down by making the risk/reward of using ads to monetize a website a no-brainer. Remember when the "Internet" had the promise of democracy built into it? Now it has become the enabler of monopolies, mobs and state censorship. Truly sad.
TheWorldNewsMedia.org Posted October 6, 2019 Posted October 6, 2019 I have started a thread to the larger public (beyond Invision Community) about this threat: List of Websites that will be closing down on 12/31/2019 if the CCPA is not amended. https://www.theworldnewsmedia.org/topic/85387-list-of-websites-that-will-be-closing-down-on-december-31-2019-if-california-doesnt-amend-the-ccpa/?tab=comments#comment-135676
Adriano Faria Posted October 7, 2019 Posted October 7, 2019 11 hours ago, Fast Lane! said: Ultimately we needs solution from IPB of some sort or it will be a major turn off for people running the IPB suite What exactly do you expect IPS can do at a software level?
Fast Lane! Posted October 7, 2019 Author Posted October 7, 2019 5 hours ago, Adriano Faria said: What exactly do you expect IPS can do at a software level? Add features to support compliance. If you read what's required there are several items that are fairly technical in nature and can only be done at the core suite level. Many are the same as what they added for GDPR. Some are new. IPB made a huge deal about adding tools to support GDPR so I expect they will repeat this for CCPA. It's in their own interest as lack of support would likely scare both new and existing clients away from even running a forum.
bfarber Posted October 7, 2019 Posted October 7, 2019 Frankly, most of the protections very strongly mirror GDPR so I'm not seeing a lot of non-compliant functionality in place right now. That said, I've ensured this is raised to the attention of those responsibility for reviewing and ensuring legal compliance so that it can be thoroughly vetted and checked. Thanks!
Fast Lane! Posted October 7, 2019 Author Posted October 7, 2019 3 minutes ago, bfarber said: Frankly, most of the protections very strongly mirror GDPR so I'm not seeing a lot of non-compliant functionality in place right now. That said, I've ensured this is raised to the attention of those responsibility for reviewing and ensuring legal compliance so that it can be thoroughly vetted and checked. Thanks! Thanks. I think there are changes to the current GDPR tools you have that will go a long way.
SJ77 Posted October 8, 2019 Posted October 8, 2019 I don't even know what this is yet... BUT OMG am I tired of stupid regulations. PLEASE GO AWAY with this stuff big gov! .. Let me guess, EU again? UGH EDIT: Great!! CALI-FREAKING-FORNIA!!! I should have known AHAHAHAHAH And Guess where I live, yup... California and YES I have enough users to fall into this. FML!!!! So tired of this crap! Why can't we just have a website without constant problems???
tonyv Posted October 8, 2019 Posted October 8, 2019 3 hours ago, SJ77 said: I don't even know what this is yet... BUT OMG am I tired of stupid regulations. PLEASE GO AWAY with this stuff big gov! .. Let me guess, EU again? UGH EDIT: Great!! CALI-FREAKING-FORNIA!!! I should have known AHAHAHAHAH And Guess where I live, yup... California and YES I have enough users to fall into this. FML!!!! So tired of this crap! Why can't we just have a website without constant problems??? Everything will be okay 🍺
SJ77 Posted October 8, 2019 Posted October 8, 2019 11 minutes ago, tonyv said: Everything will be okay 🍺 Thanks Man!
Recommended Posts
Archived
This topic is now archived and is closed to further replies.