New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
Because we're not going to be legally responsible for your child porn addiction, you belligerent fool. GDPR isn't a catchall for "whatever the fuck I want to be true." Where'd you get your law degree, Reddit? I got mine on Wikipedia like the actual intellectual class.
The same reason you care about hosts validity before signing up with them.
So salty, even Salt Bae can't handle you.
Ahh the Herp derp lawyer we all love.
@ehhthing said:
Good luck explaining to the data protection commissioner how requiring a scan of ID was necessary and proportional for your pre-paid $10/mo internet hosting service after all the KYC data is leaked and on sale on darknet forums.
Where I live, after the GDPR regulation came into force, even banks don't store ID photocopies anymore, and you expect that for your shitty hosting provider (I have never been asked for an ID by a reputable provider despite abusing the shit out of many and always being on the low end in regard of money). Local law might be stricter for processing documents and it DOES apply to you if you conduct business with that country's residents.
Obtaining residence info for VAT purposes? Yeah, believe that bullshit. You don't need an ID for proper due dilligence, it's you making excuses.
The truth is that if you require such extreme precautions to protect your precious services, you're lacking basic abuse detection/handling skills and you're probably not suited to run this business. It's probably why your service had become a harbour for fraudsters in the first place.
I have a video for you, the armchair expert:
I'm gonna reiterate it again, reputable providers never ask for this crap. If you feel the need to do so, it just means you have deficiencies in other areas and your cargo cult mentality tells you that it's the right thing to do to counter abuse. Besides, if you've actually dealt with stolen CCs, you would've known that a lot of them come bundled with data neccessary to make a photo ID that passes all your checks. So in the end you're just making hurdles for the honest customer.
BRB switching all my servers off from Hetzner to Alpharacks
My apologies for assuming you were capable of intellectual conversation. I should’ve been tipped off by the first comment so directly contradicting facts, that you’d continue down that path. You’ve even had to make up your own definition of “reputable” now but didn’t bother to share your new definition. Hopefully you don’t consider me reputable, as the most interaction I’d like to have with you in the future is farting in your general direction.
Wrong. But anyway, should you be on the internet without parental consent? Because you are clearly no more than 12 years old.
Verizon did.
T-mobile did.
Hostgator did.
Hetzner did.
Go daddy did.
I guess none of these folks are reputable.
What is next? Earth is flat and vaccines are scam?
Not to mention that @amarms hasn't simply read the text of the GDPR. If any data was indeed leaked, there would be an investigation but I'm 100% sure the commission won't have a problem with collecting the information for fraud prevention and tax reasons.
I'd also like to hear their valuable opinion about how providers can seemingly "understand" that the service will be used for fraud without requiring ID verification. Given the general level of their understanding though, I guess it would be something like "scan their storage devices for CP" and "transparently MITM all encrypted connections".
Necromancers should always be banned.
Playing with dead horses isn't healthy.
Not sure why you have that troll tag, you're providing useful life advice
Come on, let's not feed the troll. They're on a diet!
Well now that you mention it.
I do not believe Earth is flat. I am not one of those flat Earthers.
The only reason I believe Earth is a ball is simple.
Everything dear to us, men, are in a shape of balls. Our balls. Women's balls on their chests.
Therefore, Earth is a ball.
Ah yes, identity theft afficionados playing the CP card, ignoring the fact that most CP isn't even hosted on paid services because it'a quite difficult to pay for something anonymously (no, bitcoin is not anonymous).
You don't "read the GDPR". It's a somewhat loose framework subject to a lot of interpretation based on context. Something may be acceptable for one entity but not for another. The key is justification and I think there is not much in this case. Why stop at IDs? Why not require a fingerprint scan to sign up for a VPS? That would surely stop all the fraud, right?
@stevewatson301:
"Everything is legal till the first audit"
Not only are we making up facts and definitions of words, we’re actively rewriting history!
Glad to rewrite that one. The multiple people I recall sending to jail for exactly that? Didn’t happen.
Thanks for letting us know how you host your CP though.
That’s so cute. Should I tell him about the giant, reputable provider I worked for that had thousands of daily fraud registrations that would have passed all of his audits, and were ultimately caught by my own algorithm?
Nah I’ll save that for someone who could understand it 😂
but they stand on flat. earth is flat.
How many hosting companies have your worked for, and how much experience do you have in this area? I have worked for a major player, and I've observed such situations where CP is hosted on paid services.
Other hosting providers here can chime in, if they wish to (and I'm 100% sure they have similar experiences).
Fingerprints are just a unique set of squiggles that a person possesses. They do not give the provider any information about the nationality and legal status of a person.
Most providers require them only as an additional fraud check if your order was suspicious for some reason.
The relevant sections of the GDPR which allow collection of information with legitimate business interests are fairly straightforward. In any case, you don't get to define what is acceptable, the judiciary and the data protection commissioner does.
You might not like it, but legally, it is a legitimate use case and being a curmudgeon here might win you an argument with strangers, but it won't change the law or the actual concerns of businesses due to which they collect such information.
While I understand the legal implications, I’m sensitive to the idea that people can be accused of CP and taken down without verification (like the time someone sent a DMCA notice claiming it, and not only was it painfully obviously not it, the DMCA notice was claiming legal ownership lol). I’m also sensitive to the fact that it can sometimes be hard to verify without the assistance of law enforcement. However, I refuse to take down a customer without attempting verification. I think there might be tools to help now, but when I was doing it the best way was to verify visually. Fortunately, I am no longer working in any capacity that places me in this situation. I’ve always been open and cooperative with law enforcement regarding such matters.
That all said, I have literally viewed it with my monitor facing an HR office to perform such a verification. I assume, and hope, that no one there needs to do this anymore and that proper tooling will have replaced it. What I’ve seen in those years had most often been stored by a paying customer, intentionally (one accidentally uploaded his Desktop folder to his website and someone found it) and with legitimate billing details, at one of the most well known hosting companies in the world.
Can’t be an expert on everything. Didn’t want to be an expert on that. But someone has to do it, we can’t all just pretend it’s not there and forget about the victims.
Of course they were.
Are you calling me a pedophile? What's up with your fixation on CP? I have a much, much broader view than you do and I can tell you it's a very marginal problem. Is calling your opponent a pedo an only way you can respond to facts and arguments?
Honestly, I'm going to give my 2 cents to this discussion right now and tell you about the new(old) and exciting technology called Secure 3D. It gives the sellers 10 x more data about the person using the card, than normal payments via the older versions. Because of this most providers should be happy with what you provided, if of course, you paid via a Secure 3D compatible card.
I fully believe that. My time at HostGator, DigitalOcean, and now my own startup growing exponentially day by day, it's certainly given me some perspective and knowledge on things happening at scale and how to deal with them. But, of course, on that subject I'm fully prepared to believe that you have a better view of it than I do.
Perhaps if we started off with a few of those this wouldn't be so entertaining to me. Presently this is a positive distraction to keep me from getting frustrated while I work on UX developments, my least favorite.
Nah, to me, it's bury a body first then murder later.
Joking aside, I do like today's trend of "Guilty until proven innocent". I see all customers as criminals at first. They can prove their innocence later by paying invoices on time.
Some places outside of EU and US have old style cards and banks system so these places don’t even know what the Secure 3D is means.
Yet here we are, both in the same place, talking to the pedophile on the other side. Quite ironic isn't it?
/thread
_The end is nigh.