Privacy Plug in and GDPR

Privacy Plug in and GDPR

Ric Robinson發表於
Number of replies: 3

Our immediate plan is to deliver courses (at no charge to users) on our Moodle.  We "might" use affiliate links and market other premium and/or other free courses to enrollees down the road.   We haven't determined if or when we will add affiliate links or add premium courses.  But we want as large of a marketplace for our courses as possible.   

Having reviewed the EU Privacy laws, we have decided that being able to be fully compliant with GDPR is far more work than we are in a position to properly administer.   

Is there a PLUGIN where we can exclude residents of all GDPR countries from setting up an account on our Moodle so as to avoid GDPR.   In other words, if a resident of a GDPR country is unable to set up an account, then we should not have to concern ourselves with GDPR compliance.  Although, we still plan to comply with Privacy Laws in other countries and several states in U.S. 

Philosophically, I understand the value in GDPR, but it places a huge monitoring and administrative setup obligation on small online Moodles and it seems easier for us to simply exclude GDPR countries from our potential marketplace.

Any thoughts or alternatives to this are greatly appreciated.




    


評比平均分數: -
In reply to Ric Robinson

Re: Privacy Plug in and GDPR

Ken Task發表於
Particularly helpful Moodlers的相片

Am wondering what sort of plugin could detect if an EU person using a browser via VPN and signed for an account in your site is lying (entering in-correct or false info - but valid EMail addresses)?

While you could restrict the email domains used and exclude all GDPR nation email addresses from being used, if a user was determined to get 'free' offering and what ever your site is offering is 'world class', well then?????

Think one would add to admin side of the moodle if all accounts had to be approved also.

So it's kinda a catch 22 and danged if you do and danged if you don't, me thinks!

But ... will be looking for anyone else's suggestions and advice/plugins etc. 微笑

For such restrictions might be best to use something at the network layer or even web service config rather than config of moodle.

Please see:

https://www.cloudibee.com/geoip-based-country-blocking-for-apache/

Also see:

https://lite.ip2location.com/ip-address-ranges-by-country

2 cent opinion, of course!

'SoS', Ken

評比平均分數:Useful (1)
In reply to Ken Task

Re: Privacy Plug in and GDPR

Thorsten Bartel發表於
Core developers的相片
Regarding the circumvention of blocked access:
If there is an additional statement when signing up that GDPR-users are excluded from the services provided, circumventing these measures would technically be considered entering a secured system without permission, freeing the service provider from any legal repercussions. This again, could easily be considered a "win" in the providers book: Being able to serve GDPR countries as a market without actually serving them. The user effectively trades GDPR protection rights against access to the service / resources on his/her own accord.

Important: This is in no way to be considered legal advice and is only my personal, uneducated guess.
評比平均分數: -