GPDR: Humanity - is that all ?

[mevla]

Well, in defense of MailChimp, they are certified to the ePrivacy directive and we have a GDPR-compliant data processing contract with them. They can not do much with the data other than, say, a statistical analysis.

I might be mistaken, although individual companies do not matter. The simple fact that data is entering the USA makes it subject to inspection by authorities (NSA, etc..). The same applies to American residents whose emails and such are 'transparently' carried over to European countries and brought back to the USA during, say, daily server routines, maintenance or not.

On another topic, to echo the excellent idea that was expressed further above, an online aspect to the preset browser could be great, allowing users to browse community presets for their synths while creating in their DAWs.

[Urs]

Well, we're talking email address, maybe a name and a signup to the newsletter of a plug-in company, plus maybe the IP address during the signup process. I don't think the NSA will put anyone on a watch list because of that, hence the strtong reaction against MailChimp puzzles me a bit.

That said, even if we were to send out the newsletter on our own (which is, quite frankly, an impossible task), it is after all an unencrypted email. It takes a route through whatever hubs and ends up on a server somewhere. You need to abandon email alltogether if you don't want the NSA to know about your email address.

What I find more important about this whole thing is to tell people what information we do not process. What dots we do not connect. What stuff we simply do not store.

[Urs]

On another topic, to echo the excellent idea that was expressed further above, an online aspect to the preset browser could be great, allowing users to browse community presets for their synths while creating in their DAWs.

A plug-in which attempts an internet connection? Can of worms

[Teksonik]

Exactly. I found it odd to be paranoid of the NSA while at the same time wanting their DAW to connect to the Internet just for presets......

[mevla]

On another topic, to echo the excellent idea that was expressed further above, an online aspect to the preset browser could be great, allowing users to browse community presets for their synths while creating in their DAWs.

A plug-in which attempts an internet connection? Can of worms

More to the point and to the topic then, a plugin made by u-he that would be a can full of worms ?

[mevla]

Exactly. I found it odd to be paranoid of the NSA while at the same time wanting their DAW to connect to the Internet just for presets......

What's odd is to put everything in a same bag, really. And then to add a qualitative tag, such as 'paranoid'. I find that in doing so thoughts are pretty much limited in scope. But then again, it might just be a bad way of saying that one is not interested in the topic, by kind of asserting something vaguely felt about it.

[mevla]

It's funny that we are now starting to see companies that send out emails saying that there's nothing to do for the user and that they take the opportunity to reiterate their support for transparency. The first wave was about getting users to reconfirm their mailing list subscriptions. The second wave is about finding out what the politicians actually mean and heck, so much the better if there's no need to ask everyone to subscribe again to comply.

[lunardigs]

I'm having to wade through this morass right now with my own company.

GDPR's scope is extremely broad. It's underlying premise, which is classic, is that no one can or should protect themselves, thus the state must protect us by being involved in all our affairs--via commerce ... commerce, so important to understand this.

I would not discount that GDPR may very well be an insidious vector for censorship. This is what adroit monopolies do, they hijack the police power of the state. After all, we practice democracy and so the biggest 'n baddest groups rule, right?

My first question is who got this legislation enacted? Who lobbied for it and who authored the actual text? High profile data breaches and news headlines can be total contrivances, bought, just as we're to buy to narrative which lead us here.

My BS sensor is registering pretty high on this one.
... sorry for the vitriol.

[BMoore]

I'm having to wade through this morass right now with my own company.

GDPR's scope is extremely broad. It's underlying premise, which is classic, is that no one can or should protect themselves, thus the state must protect us by being involved in all our affairs--via commerce ... commerce, so important to understand this.

I would not discount that GDPR may very well be an insidious vector for censorship. This is what adroit monopolies do, they hijack the police power of the state. After all, we practice democracy and so the biggest 'n baddest groups rule, right?

My first question is who got this legislation enacted? Who lobbied for it and who authored the actual text? High profile data breaches and news headlines can be total contrivances, bought, just as we're to buy to narrative which lead us here.

My BS sensor is registering pretty high on this one.
... sorry for the vitriol.

What a sad world you must be living in.

[Aliens]

A plug-in which attempts an internet connection? Can of worms

More to the point and to the topic then, a plugin made by u-he that would be a can full of worms ?

U-humus

[phreaque]

U-humus

[lunardigs]

What a sad world you must be living in.

Sorry, didn't mean to make you feel sad ... for me.

[Gamma-UT]

I'm having to wade through this morass right now with my own company.

GDPR's scope is extremely broad. It's underlying premise, which is classic, is that no one can or should protect themselves, thus the state must protect us by being involved in all our affairs--via commerce ... commerce, so important to understand this.

I would not discount that GDPR may very well be an insidious vector for censorship. This is what adroit monopolies do, they hijack the police power of the state. After all, we practice democracy and so the biggest 'n baddest groups rule, right?

My first question is who got this legislation enacted? Who lobbied for it and who authored the actual text? High profile data breaches and news headlines can be total contrivances, bought, just as we're to buy to narrative which lead us here.

My BS sensor is registering pretty high on this one.
... sorry for the vitriol.

Or you could, y'know, read the actual legislation and make a determination rather than go full InfoWars on it just because it came from the gubmint. I can tell you, there are a lot of unhappy people in tech-land about the right to explanation provision and the need for corporations to be more accountable in what they do with data – and a number of legal experts on the privacy side who see it as broadly positive.

If anything the business companies was successful in watering down the right-to-explanation provision just enough to make it something that won't be used an awful lot against Facebook etc. The earlier drafts were much tighter.

[Gamma-UT]

It's funny that we are now starting to see companies that send out emails saying that there's nothing to do for the user and that they take the opportunity to reiterate their support for transparency. The first wave was about getting users to reconfirm their mailing list subscriptions. The second wave is about finding out what the politicians actually mean and heck, so much the better if there's no need to ask everyone to subscribe again to comply.

There is a very simple reason why a lot of companies use Mailchimp, which is a service that, above a fairly low threshold that I imagine u-he exceeds, costs money. If spam didn't exist, everyone would just use their own mailservers and not bother paying Mailchimp. But because spam does exist and so do IP blacklists, ISPs get really nervous about their clients sending large quantities of email, to the extent they will kick you off the servers for going above their threshold of so-many-per-hour. So, people use Mailchimp.

The GDPR is a bit tougher on its predecessor on data going outside the EU, so I would expect either competitors to Mailchimp to emerge or for Mailchimp to have a ring-fenced operation inside the EU (I'd be surprised if this is not already the case but I'm a bit rusty on dealing with Mailchimp).

One other thing, this is for an outgoing mailing list. No-one uses Mailchimp for personal email, so there's very little an intelligence agency is going to learn from it. However, if you email someone at a European company who happens to be working in the US at the time, that email is going to pass the NSA's tap points at either New York or San Francisco (and one other I've forgotten) in any case and you will have no idea it's happened. Or they just ask MI5 for what they fished out of their compromised routers. Of course, you could insist that your suppliers employ VPNs at all time or PGP for email...

[nevis]

The GDPR is a bit tougher on its predecessor on data going outside the EU, so I would expect either competitors to Mailchimp to emerge or for Mailchimp to have a ring-fenced operation inside the EU (I'd be surprised if this is not already the case but I'm a bit rusty on dealing with Mailchimp).

There's your answer:
https://www.privacyshield.gov/participa ... tus=Active

The EU has a nice info page on the topic of data transfers outside the EU and the Privacy Shield: https://ec.europa.eu/info/law/law-topic ... side-eu_en

And while I am at it: Douglas Adams saw the GDPR coming in his infinite wisdom, preparing us with his eternal words: don't panic!