歐盟更新了對於 Cookie 同意方式的準則

TechCrunch 上面看到的,歐盟更新了對於 Cookie 同意方式的準則:「No cookie consent walls — and no, scrolling isn’t consent, says EU data protection body」,英文版的 PDF 文件可以在「Guidelines 05/2020 on consent under Regulation 2016/679」這邊看到。

這篇準則主要是在說明,什麼情境下取得的「同意」才是有效的。主要在在說明使用者與開發者權力不對等的情況下,GDPR 會擋下哪些對使用者不利的情況。

準則文件裡開頭的地方先解釋了什麼是 free/freely given,然後給了不少範例,另外翻例子的時候還看到在雇傭關係下因為員工有無法拒絕的壓力,這時候的同意也未必是有效的,藉以保護員工...

而 TechCrunch 的文章則是拉出了兩個目前在 internet 上很常用的情況來報導 (cookie wall 與 scrolling),解釋現在 internet 上面常用的這些方法在 GDPR 下並沒有取得授權。

這樣的話 Medium 的 login wall 應該也會踩到 (強迫你要註冊 Medium 才能看,這邊會需要同意 Medium 的使用條款),這次歐盟文件算是蠻清楚的,多幾次訴訟,再讓 GDPR 跑個幾年,應該有會有不同的方法了...

法國法院判決 Steam 上的遊戲可以轉賣

Valve 不允許轉賣 Steam 上的遊戲,結果就被告上法院,並且判決違反歐盟法律:「French court rules Steam games must be able to be resold」。

French website Next Inpact reports the Paris Court of First Instance ruled on Tuesday that European Union law allows Steam users to resell their digital games, just like they can any physical product.

看起來 Steam 會上訴,再等幾個月看看...

歐盟在推動的設備維修權...

歐盟在推動設備的維修權:「EU brings in 'right to repair' rules for appliances」,歐盟的新聞稿在「New rules make household appliances more sustainable」這邊。

主要是因為現在很多廠商會故意將維修成本拉高,推動使用者去買新的,反而導致浪費:

Owners are usually unable to repair the machines themselves - or find anyone else to do it at a decent price - so are forced to buy a replacement.

新法會在 2021 年實施,主要是以家電為主,強迫製造商必須設計可被更換,並且需要提供備料讓使用者採購。

Backblaze 開了歐洲區機房

Backblaze 開了歐洲機房,所以包括了一般性的 Computer BackupB2 Cloud Storage 都可以選擇要放哪邊了...

歐洲的點是放在荷蘭:

Big news: Our first European data center, in Amsterdam, is open and accepting customer data!

價錢也都跟美國的相同:

Whether you choose EU Central or US West, your pricing for our products will be unchanged:

對於在意資料放美國機房的問題應該有緩解一些...

Spotify 向歐盟投訴 Apple Music 的不公平競爭

Spotify 向歐盟提出不公平競爭的投訴,並且發出新聞稿:「Consumers and Innovators Win on a Level Playing Field」。

重點在於 Spotify 服務透過蘋果的平台會有 30% 的抽成,但 Apple Music 因為自家服務而不需要:

To illustrate what I mean, let me share a few examples. Apple requires that Spotify and other digital services pay a 30% tax on purchases made through Apple’s payment system, including upgrading from our Free to our Premium service. If we pay this tax, it would force us to artificially inflate the price of our Premium membership well above the price of Apple Music. And to keep our price competitive for our customers, that isn’t something we can do.

不過裡面好像沒提到超過一年後的費用會降到 15% (參考「Auto-renewable Subscriptions」),應該會是蘋果向歐盟回應的重點?

歐盟對十四套 Open Source 軟體推出 Bug Bounty Program

歐盟對於 14 套 open source 軟體推出 bug bounty program,協助改善這些軟體的品質 (主要是資安這塊):「EU to fund bug bounty programs for 14 open source projects starting January 2019」、「In January, the EU starts running Bug Bounties on Free and Open Source Software」。

這十四套軟體的選擇應該可以參考「EU aims to increase the security of password manager and web server software: KeePass and Apache chosen for open source audits」這邊...

然後看到「Intigriti/Deloitte」這個才知道原來 Deloitte 也有做這個啊...

歐盟通過終結日光節約時間

看到歐盟通過終結日光節約時間的新聞:「Latest: European Parliament approves proposal to end bi-annual clock change」。

Fine Gael MEP Sean Kelly, who has been campaigning for the change, said: "I'm very pleased that after years of discussions at Committee level in the European Parliament, of which I'm the only Irish member, that out proposal was debated and voted on today in Parliament, and that Parliament accepted our proposal to ask the European Commission to come forward with a recommendation that we would end the bi-annual clock change."

其中藍色是目前還有在實施的地區,其他都是已經終止的:


取自「File:DaylightSaving-World-Subdivisions.png

主要是因為日光節約時間對於現代社會的好處愈來愈少的關係吧... 早期在歐美國家很盛行,現在歐洲決定廢止這個制度,應該會讓美國再次討論起來。

AWS 巴黎區開放

AWS 在巴黎的 region 開放了:「Now Open AWS EU (Paris) Region」。

Today we are launching our 18th AWS Region, our fourth in Europe. Located in the Paris area, AWS customers can use this Region to better serve customers in and around France.

這樣歐洲有四區了:

  • Ireland (愛爾蘭)
  • Frankfurt (德國)
  • London (英國)
  • Paris (法國)

香港區什麼時候要開呢... o_o (參考「In the Works – AWS Region in Hong Kong」)

俄羅斯在英國脫歐的議題上,也利用 Social Network 的廣告影響民意

TechCrunch 上看到的,俄羅斯政府不只在美國選舉時這樣做,同時也在英國脫歐公投的議題上進行操作:「Twitter says Russians spent ~$1k on six Brexit-related ads」。

不過金額比美國選舉時小了很多:

In response to the Commission’s request for information concerning Russian-funded campaign activity conducted during the regulated period for the June 2016 EU Referendum (15 April to 23 June 2016), Twitter reviewed referendum-related advertising on our platform during the relevant time period.

Among the accounts that we have previously identified as likely funded from Russian sources, we have thus far identified one account—@RT_com— which promoted referendum-related content during the regulated period. $1,031.99 was spent on six referendum-related ads during the regulated period.

With regard to future activity by Russian-funded accounts, on 26 October 2017, Twitter announced that it would no longer accept advertisements from RT and Sputnik and will donate the $1.9 million that RT had spent globally on advertising on Twitter to academic research into elections and civil engagement. That decision was based on a retrospective review that we initiated in the aftermath of the 2016 U.S. Presidential Elections and following the U.S. intelligence community’s conclusion that both RT and Sputnik have attempted to interfere with the election on behalf of the Russian government. Accordingly, @RT_com will not be eligible to use Twitter’s promoted products in the future.

歐洲議會嘗試撥款支援 Open Source Software 的 Bug Bounty 計畫

Hacker News 上看到歐盟議會試著以 Bug Bounty 計畫支援 Open Source Software 的消息。這次看到的是 VLC:「VLC: Bug Bounty Program - Get Rewards through HackerOne」。

The European Parliament has approved budget to improve the EU’s IT infrastructure by extending the free software security audit programme (FOSSA) and by including a bug bounty approach in the programme.

這還蠻特別的... 由官方經費贊助 open source 的計畫,除了 VLC 外,重點會在成效以及後續還有哪些被贊助。