Encrypt all the things!

  • We're working hard at becoming GDPR compliant at work. Looking at what and how we keep people's data.

    Anyone know if Facebook, Google etc have to comply too?

  • So they need to ask everyone if we want them to keep our data?

  • I have no idea exactly what the procedure is as I've not looked into it, but certainly that and the right to be forgotten means that US companies are having to put actions into place, at least regarding EU citizens' data.

  • Actually had a deeper look into my emails and found this.

    Dear Partner,
    Over the past year we've shared how we are preparing to meet the requirements of the GDPR, the new data protection law coming into force on May 25, 2018. The GDPR affects European and non-European businesses using online advertising and measurement solutions when their sites and apps are accessed by users in the European Economic Area (EEA).
    Today we are sharing more about our preparations for the GDPR, including our updated EU User Consent Policy, changes to our contract terms, and changes to our products, to help both you and Google meet the new requirements.
    Updated EU User Consent Policy
    Google's EU User Consent Policy is being updated to reflect the new legal requirements of the GDPR. It sets out your responsibilities for making disclosures to, and obtaining consents from, end users of your sites and apps in the EEA. The policy is incorporated into the contracts for most Google ads and measurement products globally.
    Contract changes
    We have been rolling out updates to our contractual terms for many products since last August, reflecting Google’s status as either data processor or data controller under the new law (see full classification of our Ads products). The new GDPR terms will supplement your current contract with Google and will come into force on May 25, 2018.
    In the cases of DoubleClick for Publishers (DFP), DoubleClick Ad Exchange (AdX), AdMob, and AdSense, Google and its customers operate as independent controllers of personal data that is handled in these services. These new terms provide clarity over our respective responsibilities when handling that data and give both you and Google protections around that controller status. We are committing through these terms to comply with our obligations under GDPR when we use any personal data in connection with these services, and the terms require you to make the same commitment.
    Shortly, we will introduce controller-controller terms for DFP and AdX for customers who have online terms.
    By May 25, 2018 we will also introduce new terms for AdSense and AdMob for customers who have online terms.
    If you use Google Analytics (GA), Attribution, Optimize, Tag Manager or Data Studio, whether the free or paid versions, Google operates as a processor of personal data that is handled in the service. Data processing terms for these products are already available for your acceptance (Admin → Account Settings pages). If you are an EEA client of Google Analytics, data processing will be included in your terms shortly. GA customers based outside the EEA and all GA 360 customers may accept the terms from within GA.
    Product changes
    To comply, and support your compliance with GDPR, we are:
      • Launching a solution to support publishers that want to show only non-personalized ads.
      • Launching new controls for DFP/AdX programmatic transactions, AdSense for Content, AdSense for Games, and AdMob to allow you to control which third parties measure and serve ads for EEA users on your sites and apps. We’ll send you more information about these tools in the coming weeks.
      • Taking steps to limit the processing of personal information for children under the GDPR Age of Consent in individual member states.
      • Launching new controls for Google Analytics customers to manage the retention and deletion of their data.
      • Exploring consent solutions for publishers, including working with industry groups like IAB Europe.
    Find out more
    You can refer to privacy.google.com/businesses to learn more about Google’s data privacy policies and approach, as well as view our data processing terms and data controller terms.
    If you have any questions about this update, please don't hesitate to reach out to your account team or contact us through the Help Center. We will continue to share further information on our plans in the coming weeks.
    Thanks,
    The Google Team

    https://www.blog.google/topics/google-europe/gdpr-europe-data-protection-rules/
    https://www.google.com/about/company/user-consent-policy.html - old
    https://www.google.com/about/company/consentstaging.html - new
    https://privacy.google.com/businesses/controllerterms/
    https://privacy.google.com/businesses/adsservices/

  • Cloudflare have announced a public DNS service: https://1.1.1.1

    Promises to be fast and they delete everything every 24 hours and make a big song and dance about privacy.

    I’ve set up PiHole to use it as the upstream DNS. Was previously using 8.8.8.8

  • The real question is whether PiHole is easily configurable to use DNS-over-HTTPS. That would be a hell of a privacy benefit for 1.1.1.1

  • https://disconnect.me and https://nordvpn.com/ are competing alternatives?

    Which one should I get? Will it mean I can go back to looking up "white tyre bike porn" without fear of public ridicule?

  • It does seem fast (based on observations rather than measurements...)

    https://blog.cloudflare.com/announcing-1111/ [a bit more info about it]

    Oddly I can't access the https://1.1.1.1/ address from here at work

  • I’ve mentioned disconnect.me a few times. I have their 'premium' VPN and really rate it.

    It doesn’t have some of the more advanced VPN features that Nord and others have, but I use it primarily for the tracker blocking aspect. I get really fast speeds, 60 or so Mbit/s on my 80/20 fttc connection.

    As ever, it depends what you want a VPN for, check https://thatoneprivacysite.net/ for thoughts and reviews.

    Disconnect, like any VPN done well, will stop your ISP from being able to see that you look at “white tyre bike porn” and the tracker blocking aspect will stop you getting ads suggesting that you might like “tri-spoke bike porn” because you viewed the aforementioned white tyres etc etc.

    There is still a lifetime offer at $49 if you go here disconnect.me/offer

  • On the subject of VPNs, has anyone considered the implications of the recent Cloud Act (an article here), and how it might (at least theoretically) make VPNs based in the US more of a security concern? Disconnect.me is based in the US, and so is PIA (which I use at the moment).

  • Regarding PIA, you can choose where to exit, so surely this just applies to the US servers? For instance, I use it but set to the Netherlands.

  • Oddly I can't access the https://1.1.1.1/ address from here at work

    Your work are sink-holing 1.1.1.1. You will find that 1.0.0.1 will probably work instead (and can be shortened to 1.1 in a lot of systems).

  • Not sure if it's in relation to using Private Internet Access VPN but I'm getting some really annoying captchas at the moment just trying to login to sites.

    Those ones where you have to identify all of the vehicles/signs/etc and they keep bringing up new pictures until you're done. I think I went through 4 or so of them last night before it accepted they were correct. I wonder if sites get paid to implement them; I assume that they are being used for verifying self-driving cars' recognition.

  • I believe it relates to where the company is based rather than the particular exit point. So, any company that is based in the US (such as PIA and disconnect.me among others) will be obliged to comply with US laws. The EFF article I posted uses an example of how that might work in practice for accessing Slack messages, and that is the intention of the 'Jurisdiction' field in the VPN listing that @JonD posted.

  • For what it is worth I use NordVPN and have always been impressed. I have had a couple of issues, which their tech support people have always completely aced.

  • check https://thatoneprivacysite.net/ for thoughts and reviews.

    Impressive link.
    Ta

  • reCAPTCHA is all Google, and has been criticised by some as a source of unpaid labour. They are using people around the world to help them transcribe books, addresses, and newspapers (and street view stuff) without compensation.
    I have been known in my pettier moments to do them wrong, as a somewhat futile attempt to stick two fingers up to them. Being Google though, they probably learn just as much from me doing them wrong. Ho hum.

  • But the captcha service off the back of that is free, right? I thought it was quite an elegant service.

  • I'm on PIA and get quite a few captchas. I've always assumed that the website in question had recognised that I was using a VPN (maybe based on an IP lookup list), and therefore was applying an extra level of security in case I was some kind of 'malicious actor'. And some services I can't access at all while on my VPN (e.g. one of my online banking accounts).

  • Click on every square containing a vital organ

  • Have read that, and a couple of similar ones, but it seems that EFF are struggling to see clear implications, just that all the things are now screwed and open to foreign (to US) eyes.

    I have never really anticipated that by using a VPN I am escaping the NSA (and therefore GCHQ). I use one to defeat most if not all ad/malware issues surrounding tracking, to screw with ISP collection of internet connection records as per U.K. government and also to prevent snooping of my internet use when on public WiFi connections.

    It depends why you want/need to use one.

    If I wanted to wave goodbye to NSA and 5 eyes, I’d be using multiple nested VPNs, TOR, operating systems such as TAILS, and more besides. Wilders Security Forums have some interesting reading.

  • You mean free for websites to use? That I don’t know, but I’d imagine so, yes. Yeah, it works well for what it’s designed to do, stopping bots etc, which is in Google’s interest; they want people to do them and not be pissed off by them. Google have lots to gain by sites/people using reCAPTCHA.

  • Click on every group photo containing a Chinese dissident

  • I have been known in my pettier moments to do them wrong, as a somewhat futile attempt to stick two fingers up to them. Being Google though, they probably learn just as much from me doing them wrong. Ho hum.

    They generally serve them multiple times (to multiple different people obviously) and will probably keep serving them (or stick them in front of a trusted human) if there isn't enough consensus.

    Most of the time I never get one when I see the "I am not a robot" clickbox but I sometimes get two different reCAPTCHAs and I guess one is a dubious one and one is a known good one - the idea being they can trust my answer more on the dubious one if I get the known good one correct.

Posted by Velocio @Velocio