Picture taken in Sansar at the Conference Stage Experience
What is GDPR?
GDPR stands for General Data Protection Regulation and it is a new data protection law in the European Union (EU), which comes into force on May 25th 2018. The aim of GDPR is to give citizens of the EU control over their personal data, and change the approach of organizations across the world towards data privacy. This includes both identifying data like names and addresses as well as anonymous data like computer IP addresses. The GDPR applies to data collected about EU citizens from anywhere in the world. As a consequence, a website with any EU visitors or customers must comply with the GDPR, which means virtually all businesses that want to sell products or services to the European market.
How does this affect you, as a Second Life or Sansar Resident?
I have spoken to the Information Security Director at Linden Lab, Maya Linden, and she has related to me that the Lab is currently preparing for GDPR compliance and will have an announcement about that very soon.
She has also unofficially shared the following information with me, but has requested to wait for the official blog for further information:
Behind the scene, we are preparing for GDPR compliance by adjusting our security and privacy practices accordingly. Here are some high level actions that are direct result of our commitment to residents’ privacy and security:
- Align policies to GDPR and other regulations and demonstrate our commitment to our customers and users.
- Train each of Linden Lab employees and contractors on all privacy and security expectations with changing laws and policies.
- Embed privacy by design in all our systems and processes.
- Manage third-party risks – more guidance on this in our official blog.
Once the Lab makes their official announcement, I will link to it from this post.
UPDATE: Linden Lab has released a statement about GDPR, read it here: General Data Protection Regulation (GDPR) and Linden Lab
How does this affect you, as a visitor of my blog?
Hosting and Platform:
This blog is a self-hosted wordpress blog, which is hosted on GoDaddy‘s servers. To my knowledge, both WordPress and GoDaddy themselves don’t collect any information about my blog’s visitors, however, I still wanted to share their Privacy Policies:
A Wordpress Plugin is a piece of software containing a group of functions that can be added to a self-hosted WordPress website, to extend functionality or add new features. I use a number of Plugins on my site to monitor site statistics and also use forms or polls that may collect personal data from my visitors. Here is a list of the Plugins I use on this site that may collect data from visitors, and also a link to their Privacy Policies.
- Jetpack -This is the main plugin on my site that collects the most data. Jetpack is owned by Automattic and they are preparing for GDPR compliance. Jetpack is the plugin that collects log files for analytics, which consists of geographic location, browser type, date/time stamp, referring/exit pages, number of clicks and other info like that, which is not personally identifiable. The personally identifiable information it collects are names, email addresses and IP addresses if you fill out the contact form on my website, leave a comment on any of my posts, or subscribe to my blog via email . You can read Jetpack’s Privacy Information page at this link.
- Akismet – Akismet is a comment spam filtering plugin. It collects IP addresses from those that leave comments on this blog. It is also owned by Automattic and they are preparing for GDPR compliance.
- Polldaddy – The polls I run on this blog are all through Polldaddy. Polldaddy collects IP addresses from those that answer the polls so they are not able to vote more than once. It is also owned by Automattic and they are preparing for GDPR compliance.
- Google – Google’s use of the DART cookie enables it to serve ads to users based on their internet history. DART uses “non personally identifiable information” and does NOT track personal information about you. For more information about this or to opt out of the use of the DART cookie, visit Google Advertising Privacy & Terms.