LawsHosting
Verified User
Well, a few features are missing from Enhanced, so I guess it's an EOL skin........Maybe the previous main skin Enhanced may still be actively maintained, I don't think that one would have these external sources.
Well, a few features are missing from Enhanced, so I guess it's an EOL skin........Maybe the previous main skin Enhanced may still be actively maintained, I don't think that one would have these external sources.
Hi! To be honest, I see major issues with how this was handled:As mentioned in the ticket - regular license would be required to make this a priority thing and an exception. If you were not planning to have a license of DA - feedback.directadmin.com is the best place for this.
It wouldn't, note that all licenses come with full 30-days money-back guarantee, so if you don't get what's been promised in that time - you'd just get the money back Anyway, I'm just a tech guy, so I wouldn't like to go into the discussion of the 'selling point'...4. The way it was mentioned that buying a pricier license might or might not help sounds to me like playing the tiny footnote game. Whether and when I would get something for the upgrade would be left open.
It would most like be best to pick a company in the EU that makes a control panel. They will most likely be completely compliant. They also will be in tune with your needs more.Hi! To be honest, I see major issues with how this was handled:
1. The first reply of the support was a copy and paste reply which implied the linked thread was not read and there was no value provided by the reply. I can live with that but nothing I would pay for.
2. Then, as we discussed here and as I mentioned in the ticket, this is not a typical 'feedback'. I would see it as a critical bug or a misconception in the architecture. Actually, posting this public could cause issues to customers in specific countries.
3. To me it seems like it was tried to sell this as a feature request a customer should be happy to have about as it's nice to have but optional. As far as I know and with respect to the current development in our industry, this is very likely not a nice to have feature but simply a legal/compliance function a software has to have. Otherwise it's very likely a violation of GDPR and an issue for in-industry-valued audits. So either it's existing or it's a major issue (with risking chances to risk) and I'm sure this is a risk nobody wants to take nowadays.
4. The way it was mentioned that buying a pricier license might or might not help sounds to me like playing the tiny footnote game. Whether and when I would get something for the upgrade would be left open. I'm sure it's not meant like this but for sure it was another red flag as I know it from less professional companies and I'm sure, DirectAdmin is in no way on the same level as such companies. On the other ahnd it shouldn't communicate like this then.
I could link several references about this but it would be written in my first language so I doubt it would make sense for this forum. A short research should quickly explain what's the issue behind all of this and why it's very risky to implement it like this in a platform/website with sensitive content and a changing industry; taking account of Schrems I, Schrems II, Schrems III (?), the fact that Privacy Shield is dead and further court decisions and opinions of national and EU-wide regulatory authorities.
I hope my feedback might shed some light on this topic from my point of view and why I have to disagree on this.
Best Regards,
As logical as this may sound, the GPDR provides in rules for non-EU company's that do (or want to do) business within the EU to obey the GPDR rules. As seen from Facebook and Google, they can get high fines when violating those rules. Also smaller companies have to take that into consideration. So either comply or don't do business here in the EU, bluntly said.It would most like be best to pick a company in the EU that makes a control panel.
I filter all my home network via The Pi Hole on a Raspberry Pi, so all that b/s gets blocked.... But, I digress..... Off-topic......If you grep 'google' in assets/apps.js in evolution you'll even find references to pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Not sure what to think about that...
Is optional feature in “customize evoltion skin”, which is turned off by default, and lets you enable it and add your own ad the main reason why you dislike it? We’re open for suggestions, just like we listened to a customer who asked for such an optional function.I filter all my home network via The Pi Hole on a Raspberry Pi, so all that b/s gets blocked.... But, I digress..... Off-topic......
And people wonder why I dislike the Evo theme....
Yes, but this is not widely accepted as some believe it impact the other countries sovereignty.rules for non-EU companies that do (or want to do) business within the EU to obey the GPDR rules.
Sure big guys are the worst and will be a target. I hope Cloudflare and Firefox gets it soon.Facebook and Google
Me too I love it.I filter all my home network via The Pi Hole on a Raspberry Pi
In general I would not use CDN I would put in the actual source.How would you suggest to leave both sides happy?
I see your point and it's a good one but for me it's unclear when 'as soon as possible' means. It could be more than 30 days. Of course the 'damage' would be negligible.It wouldn't, note that all licenses come with full 30-days money-back guarantee, so if you don't get what's been promised in that time - you'd just get the money back
It's about the situation that you expose customer or site visitor information to third parties who can process or leak this further for own or third party interests. Actually I think the IT industry is one of the few ones where you can do stuff with data without even knowing what others will do with your customer/site visitor data. If you would do the same in other industries, good luck (yes, insurances are an exception to this ). This is the point that changed. Regarding ebay: I didn't check their site but there are several aspects to check to make a proper statement, e. g. if they did adopt the 'new' court decision of Schrems II already, if a public site is as security-wise relevant as a control panel, which juristdiction they have to keep in mind, etc. Furthermore there are many companies which don't or didn't mind about specific laws, especially GDPR. So it's hard to make a proper statement here without doing a very time-consuming in-detail review of the page, privacy policy, etc. Regardless of that, I'm sure that they did document this behavior properly, including the risks and pros/cons to make a proper decision.I'm not saying it's a good or a bad thing, but I wonder why would this be a violation of GDPR?
To me this is very intuitive, at least in this case: You want to collect some kind of data for yourself or to pass it to third parties, thus you have to make sure what happens with the data. That's quite a basic concept and anything else is to the least morally quite interesting because you simply can't know the impact you cause for others.The GDPR is kind of an odd element in the online community and often feels counterintuitive.
Even with user content (which is the 'weakest' kind of permit to process this data compliant with GDPR), I don't see a good argument why it's implemented like this. I highly doubt it has a noticable performance speed and I can't think of a different argument for this. On the other hand there are several reasons against doing it like this.The bottom line is that you shouldn't serve content from outside EU/USA content without the users consent.
From a company such as DA, I would think it would be good to at least state to keep monitoring the situation, and take appropriate action when possible, e.g. when many companies are doing something similar, for its EU customers. All major USA based companies are doing something with GDPR.
So either comply or don't do business here in the EU, bluntly said.
If it does open/require a connection to a third party server, provides some sort of additional context or if it's used for some kind of tracking, it's relevant. It doesn't matter if it's a script, an image or whatever. At the end it raises the same concerns and questions to answer. They might be just easier to answer, depending on what you deliver.Images might be not that interesting for privacy
No, I have to disagree on this (see above regarding my example with toxic items/product liability). Just because it's legal in your country, it's not legal to export it like this.Yes, but this is not widely accepted as some believe it impact the other countries sovereignty. This is a form of tyranny by an outside government. If the EU citizen needs privacy they need to pick an EU company, that's the only sure way to be safe. Which goes back to my post
and is stated right here.
That's it and it's the very same for any other resource/asset I might have missed/don't know about.In general I would not use CDN I would put in the actual source.
Even if we want to have ads and it's a requirement for someone, I think DirectAdmin has no native way to provide ToS, privacy policies, cookie banner, a way to report problematic ads, document this properly etc. I think for such a feature, there are other features missing which are important to do realize this properly. Of course you can use DirectAdmin with other softwares and fulfill these feature gaps by using different softwares together but then: Does a bigger company who deals with this properly really want to use different softwares or customize DirectAdmin AND has a need for ads? I think I never have seen this in practice and it's unlikely that this is some kind of hidden champion feature.Related to Ads I found that really strange in the Control panel. No other panel has this and IMHO ads have no place in a control panel. It should be totally removed. People who want Ads can figure that out on there own website.
Totally agree.good thing out of it is GDPR; it forces everyone to think about privacy;
It all already there now. The genie has been out of the bottle for a long time.get hacked, and your data is on the streets
Totally agree look at all the people who post on here that still run PHP 5 or have centos 6. I can't make them upgrade. They should to the world a favor and upgrade until they do we can only hope to punish the hackers when caught.don't update their software
Totally get it. We let them do it. We (all of us) let Privacy go. Yes we have to take it back. I just dont need a government for some other place to tell me what or how to do it. As I said on a whole it's a good thing. Just dont come to my house and tell me what food to eat...tech giants who own so much data which we have never seen before.
That is the thing it's not a DA issue it's an EU citizen issue. Not that I can speak for them and they dont want me to as they are Canadian. The EU business owner or citizen has been told by their government what to do. So do it. Don't ask me or anyone else to do it for you.I highly doubt DA would say goodbye to the customer
Not sure this matters. The EU law is law if you live in the EU you must be assimilated.The trade off is hugely out of proportion. All it requires is being aware of where you load resources from while developing. Once you do this it is easy to keep everything local. Using a cdn or google fonts and such is just a quick shortcut to what can be done with only a little more effort.
I assume this would work but I dont know the law of your country.Personally I have already downloaded some Google fonts and use them locally, really it's not that difficult. There is a tool for it: https://google-webfonts-helper.herokuapp.com/fonts
Same thing would apply to the few other external resources I would assume.
No we don't do business. I can't be responsible for you... you have to be responsible for you.you have to respect the local laws.
Correct dont do business. As a EU citizen dont buy the items and dont buy stuff in France. Don't punish France if they sell you something and we dont know you are from EU. You are speaking of tangible goods not privacy so not the same. On the internet I can be anyone..This is no different than with other laws/regulations, e. g. you can't simply sell toxic items in France just because it's legal in your country.
Why should they be. It not there job to interpret you countries law. That is your job.I don't see how these questions are answered for DirectAdmin docs/usage.
You dont do business... you silo yourself off and sell to the patriots that live in your country. This is no different from running a grocery store or gas station in the city you live in..If we ignore that it's about USA or Google, I think it's easier to imagine this scenario: How would you feel if you use DirectAdmin and you just notice it contacts servers in China, Russia, Ukraine, Egypt or Somalia? In fact, it's the same for USA but likely gives a more bad feeling. This should raise a warning that this might be not okay.
Correct but the other way dont buy from outside the EU. Its a choice you make not a choice someone else makes.That's the perfect summary of the issue for DirectAdmin and that's why I think it's an interesting idea to try to sell this as a feature. It's not and it won't be.
I am not exporting anything to you. You have the right to put up a big moat and not expect anything but it your job to protect yourself.Just because it's legal in your country, it's not legal to export it like this.
Well at least we agree here.That's it and it's the very same for any other resource/asset I might have missed/don't know about.
IMHO opinion that's not on them it is on you.I think DirectAdmin has no native way to provide ToS, privacy policies, cookie banner, a way to report problematic ads, document this properly etc.
I do think you wont find a solution here as it not EU created but hey thats me.
I totally get that. The thing is you need to do what's right for you and what make you sleep well at night. I dont think you are going to find all the documentation, changes and compliance here on your time table. As you said they had 5 years to do something.... I like you are giving them a fair shot but considering your one of only 3-6 people I have ever heard talk about gdpr let alone make this big of a deal over it. Not sure you will be happy here. Have you checked Plesk they have some of the best docs I have ever seen. Most all of your post are about GDPR not related to how it looks, performs, and features. Seems like you are throwing out the the baby with the bathwater but again not my call it is all you.Even if it's not about privacy, it's a bad idea for security reasons too so however you look at it, it's an issue and will become a major one. The DA team can delay this decision but I'm sure one day, they have to face this finally and make a decision.
That's right. Beside that I'm quite sure many people won't or didn't choose DirectAdmin for reasons like this. DA team will just not know it. Basically, this is the same what happened to other softwares/companies, nothing special to DA.I like you are giving them a fair shot but considering your one of only 3-6 people I have ever heard talk about gdpr let alone make this big of a deal over it.
Well, privacy and security at the moment. Simply because I don't have to review all other if this isn't given. I mean, I love some stuff of DirectAdmin but it doesn't help me with this must-have and of course I will not move anything productive to DA without having this cleared, thus I won't invest too much time.Most all of you post are about GDPR not related to how it looks, performs, and features. Seems like you are throwing out the the baby with the bathwater but again not my call it is all you.
I completely agree; on the other hand it's not about us providing new solutions to non-EU products. I'm very confident that we will see the same expectations/regulations coming in other countries, e. g. USA and China: There's a clear movement towards more security and privacy as we just saw how bad it went in the past 10 or 20 years with less complex technology. I'm quite sure we don't want to see the same happening again with more complex technologies with more devastating possible outcomes. Thus we don't have to build everything on our own.Heck the entire world might buy it.
For sure.Beside that I'm quite sure many people won't or didn't choose DirectAdmin for reasons like this. DA team will just not know it.
If you are already on a more compliant platform why are you even looking.I will not move anything productive to DA without having this cleared
Right that is my point go make your own.us providing new solutions to non-EU products.
True, but it wont fit the EU standard, the US standard, China's Standard and on and on so the EU will still need to create their own.. Privacy is about protecting others from what is yours. So you won't ever be able to rely on another entity to provide that security. You will need to build your own castle, your own moat and get your own alligators. This is my point you must protect you. Anything else is folly..I'm very confident that we will see the same expectations/regulations coming in other countries.
We destroy, ignore, put off, waste, and ruin a lot of stuff here on earth...Humans are a devastation. Some are good but on whole we only live about 90 years so it's hard to sweat the big stuff.I'm quite sure we don't want to see the same happening again with more complex technologies with more devastating possible outcomes.
I don't agree with that totally. It's untrue and harsh to call this tyranny. It has nothing to do with tyranny.This is a form of tyranny by an outside government. If the EU citizen needs privacy they need to pick an EU company, that's the only sure way to be safe. Which goes back to my post
and is stated right here.
What did I miss in my reply?Still curious about what's the pagead2 from Google is doing in the Evo skin.