Announcement

Collapse
No announcement yet.

GDPR regulations effective 25 May 2018

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • travers
    replied
    Originally posted by jbarry6899 View Post
    The new default access setting for joining members is Group Project Access Only. That means that administrators have only the same information as other project members. They can no longer see YDNA or mtDNA match lists, BigY results, haplogroup and match origins or Family Finder matches. That greatly limits the ability of administrators to manage projects and assist in research. I don't think this is clear to all project membes so I am contacting them to recommend that they change the setting to Grant Limited Access if they want our continued assistance, and also changing the welcome message to make the same suggestion.
    Stupid question maybe but how will we group a new member within the Y-DNA chart if we aren't given who they match?

    Also when I logged in today they wanted me to click that I agree to administrator terms and conditions but the terms and conditions aren't shown. Where are they? As I assume they have probably changed, but I clicked yes anyways.

    Leave a comment:


  • jbarry6899
    replied
    Originally posted by oma04 View Post
    "The Member Information Report now has the added columns: Access Granted and Publicly Shared DNA Results.
    The new default access setting for joining members is Group Project Access Only. That means that administrators have only the same information as other project members. They can no longer see YDNA or mtDNA match lists, BigY results, haplogroup and match origins or Family Finder matches. That greatly limits the ability of administrators to manage projects and assist in research. I don't think this is clear to all project membes so I am contacting them to recommend that they change the setting to Grant Limited Access if they want our continued assistance, and also changing the welcome message to make the same suggestion.

    Leave a comment:


  • oma04
    replied
    work in progress

    " So we are closely watching FTDNA work in progress"
    at least they were proactive on one front: The Member Information Report now has the added columns:
    Access Granted and Publicly Shared DNA Results.

    Both will be a real time saver!

    Leave a comment:


  • dna
    replied
    Originally posted by TwiddlingThumbs View Post
    Based on a quick check, it looks like download is missing not only the private ones but also some that aren't private. The "Export to Spreadsheet" function on the GAP results page seems to have everything except the private ones. Seems like download may just be plain broken.
    Thank you for an instant response!

    So we are closely watching FTDNA work in progress.

    At least your observation has an answer.


    Mr. W.

    Leave a comment:


  • TwiddlingThumbs
    replied
    Originally posted by dna View Post
    I bet the results you were missing in the downloads were from the kits with restrictive privacy settings. Would you be able to verify that?
    Based on a quick check, it looks like download is missing not only the private ones but also some that aren't private. The "Export to Spreadsheet" function on the GAP results page seems to have everything except the private ones. Seems like download may just be plain broken.

    Leave a comment:


  • dna
    replied
    Originally posted by TwiddlingThumbs View Post
    Any idea why FTDNA made it so Admins can't copy copy or download private results? Is it just to make it harder to share them with someone who is not an Admin?
    Since the downloads would still be possible, to me that looks like a typical legal requirement.

    It is easy to require the downloader to acknowledge some legalese before downloading. I think the same could be done for a select&copy action, but I do not recall sites doing that - maybe I am mistaken, maybe it does not work well in practice.


    The important part of the announcement is that the downloaded data might be different from the displayed data!

    And you had noticed that first!I bet the results you were missing in the downloads were from the kits with restrictive privacy settings. Would you be able to verify that ?


    Mr. W.

    Leave a comment:


  • TwiddlingThumbs
    replied
    Any idea why FTDNA made it so Admins can't copy copy or download private results? Is it just to make it harder to share them with someone who is not an Admin?

    Leave a comment:


  • dna
    replied
    Since some project administrators are still missing the e-mail updates, here is the link to the announcement FTDNA just made


    Mr. W.

    Leave a comment:


  • oma04
    replied
    Stevenson Surname project

    I think we have to use our own good judgement until FTDNA gives us specifics. ie I removed the members contact name and email from our Pedigree page which is public. Contact will have to be made through me or my co admin.

    Leave a comment:


  • sailingdeac
    replied
    I asked specifically about Any Group Project you have previously granted Limited Access or Full Access to will continue to have the granted access until the 24th of May 2018.... was told nothing changes. That is not what the sentence says. Also i asked if more info to admins is coming. Yes, but no idea of when. Or do we just see what hits the fan May 24?

    Leave a comment:


  • sailingdeac
    replied
    I must admit all this is getting to the point of forcing project admins to end their efforts.... especially if they have public sites. I called ftdna several times, but i now see the various permissions are so interwoven as to be unpredictable.

    Leave a comment:


  • oma04
    replied
    access to member accounts by group administrators

    another startling new message today when I signed into a member account selected Personal Information and then Manage Projects tab. Here is the statement above the list of projects:

    "Important: Please review the settings below, any changes made will take effect on the 25th of May 2018.

    Due to The General Data Protection Regulation (GDPR):

    Any Group Project you have previously granted Limited Access or Full Access to will continue to have the granted access until the 24th of May 2018.
    When joining a new Group Project, all Group Administrators within that project will be given No Access."

    This issue becomes more complicated by the day. I sure hope we get some guidelines soon from FTDNA

    Leave a comment:


  • dna
    replied
    Originally posted by oma04 View Post
    " Controllers and processors must store contact information separately from “results."

    As administrator, I already see at least one issue that FTDNA will have to address. In ydna matches reporting, after opening the match list, the tester has the option to download the matches to csv. In that download, the email addresses of all matches appears in the spreadsheet.

    Logically, this is how matches communicate with each other, but I wonder if FTDNA will have to resort to an internal mail system such as in 23andme and Ancestry.
    Yes, but I had always thought that this was the purpose of the green release form: to specifically allow for associations between results and contact information.

    The quote given means to me that GDPR is enforcing separation of any contact database from any other information; as in keeping (storing) them separate. However, GDPR does not preclude combining of contact information with anything else (results) for presentation purposes.

    Historically, large enterprises knew for a very long time about security advantages of such a solution/separation, but some had legacy systems and were very slow in separating the two. (The customer credit card information should be in yet another database.) Small and medium size (we are talking European sizes here!) companies have often had just one database..., and GDPR would probably mean that everybody in Europe would from now on default to having separate databases - even if today they are on single PC.


    Mr. W.

    P.S.
    The quoted requirement is not a frivolous one. In many circumstances, quite a lot of people have access to, for example, inventory or sales databases. Contact information, be it of vendors or customers, is not required for data mining or some other data analysis, although often some regional tagging is very useful if present.

    Leave a comment:


  • oma04
    replied
    email addresses

    " Controllers and processors must store contact information separately from “results."

    As administrator, I already see at least one issue that FTDNA will have to address. In ydna matches reporting, after opening the match list, the tester has the option to download the matches to csv. In that download, the email addresses of all matches appears in the spreadsheet.

    Logically, this is how matches communicate with each other, but I wonder if FTDNA will have to resort to an internal mail system such as in 23andme and Ancestry.

    Leave a comment:


  • dna
    replied
    OK, I am not a lawyer either...

    Originally posted by KATM View Post
    Roberta Estes has posted today on her blog about "Common Sense and GDPR." It is definitely worth reading. Under the heading "Location," she has two comments (my bolding):

    Quote:
    Location
    • While GDPR applies to European residents, you may not be aware that someone is a European resident. I’m going to assume that everyone is a European resident and that way there is no possible mistake.
    • GDPR does not appear to apply to European citizens living outside of the EU/UK.

    She also has posted caveats that what she says in this blog post is her own interpretation of the GDPR, and that she is not a lawyer.
    First another quote from Roberta Estes:
    I don’t believe GDPR is targeting people like project administrators, unless they are incredibly negligent or intentionally violate the privacy of others. I suspect that, for the most part, being careful with other people’s information, respectful and perhaps more aware than in the past will keep us all safe.
    In general, I agree with the above interpretation.

    On the other hand, I think she misinterpreted the location issue. And I subsequently clarified my earlier post.

    Whether one is covered by GDPR or not depends on whether one is based in the EU. A concept known to many who pay taxes. One can live at some place, but for the purpose of taxation they are resident of another location.


    I do not think that she had read my last month post, but clearly she came to the same realization that professional researchers in the fields of genealogy and genetic genealogy are going to be heavily impacted.


    I cannot see into the future, but I would not be surprised if on the 25th of May 2018 FTDNA resets everybody (who did not modify their settings since the 10th of April!) to not show their results to public in the projects.


    Mr. W.

    Leave a comment:

Working...
X