Little bit surprised !!!
-
As a New normal, right now in Germany, when you dine in, you need to give your name, address and Phone number in the restaurants. I visited couple during weekends and yesterday and mostly they have ask Customers to fill in themselves in a log sheet. With so much noise about privacy issue , It was surprising that all personal details are available for all other customers to see!!! I just saw my colleague visited the same restaurant 2 hours ago. Here Privacy is not an issue because 1. Its not being tracked by govt all the time ? 2. Its not because we chose to dine in and so we give consent implicitly.
cheers,
Super
------------------------------------------ Too much of good is bad,mix some evil in it
Same in hairdresser and other places. I wouldn't have a problem to give my data for possible infection chains tracking (the official reason). But it is being done really wrong. Just place the "contact book" in a safe area where only the staff can access it, let the customer write the data in a piece of paper and copy the info in the book. The positive side of it: You can write what you want, you don't have to identify yourself with you IDcard.
M.D.V. ;) If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about? Help me to understand what I'm saying, and I'll explain it better to you Rating helpful answers is nice, but saying thanks can be even nicer.
-
How does thei treatment of your data pertain to their ability to offer their service? Have they given you the GDPR informative? Did you sign the GDPR agreement for your data treatment with a clearly stated controller or processor, finality of use of data and lenght of time data are stored? Do they have in place adequate measures to restrict the access of data from not authorized people? They are violating the hell out of the GDPR.
GCS d--(d+) s-/++ a C++++ U+++ P- L+@ E-- W++ N+ o+ K- w+++ O? M-- V? PS+ PE- Y+ PGP t+ 5? X R+++ tv-- b+(+++) DI+++ D++ G e++ h--- r+++ y+++* Weapons extension: ma- k++ F+2 X
den2k88 wrote:
How does thei treatment of your data pertain to their ability to offer their service?
It is part of the rules for re-opening coming from above... They have to get the data to help in possible tracking of infection chains. Not really their fault / will.
den2k88 wrote:
Have they given you the GDPR informative? Did you sign the GDPR agreement for your data treatment with a clearly stated controller or processor, finality of use of data and lenght of time data are stored? Do they have in place adequate measures to restrict the access of data from not authorized people?
Of course not.
den2k88 wrote:
They are violating the hell out of the GDPR.
Yes, because they are doing it the comfortable way. Instead of thinking a bit.
M.D.V. ;) If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about? Help me to understand what I'm saying, and I'll explain it better to you Rating helpful answers is nice, but saying thanks can be even nicer.
-
In many countries, hotels were (are?) required to keep registers of guests. These were reported regularly to the police (and, in detective stories, were left around for the hero/villain to read...). The restaurant equivalent is no less intrusive. I believe that a restaurant employee (rather than the patron) should be the one to fill in the details, precisely in order to avoid the situation that you describe. The fact that the government is not directly involved is irrelevant; it is still a breach of privacy. What would your reaction have been if you saw your best friend's name there, along with the name of a woman who is not his wife?
Freedom is the freedom to say that two plus two make four. If that is granted, all else follows. -- 6079 Smith W.
Daniel Pfeffer wrote:
In many countries, hotels were (are?) required to keep registers of guests
Yes, that's right. But in all my years travelling I have not seen any book open to all the public. I have seen how they copied / scanned my passport and I had to fill some formularies, but it was always saved in a non public place. Of course, if they get hacked or there is a burglar / spy or whatever... they will get my data too. But at least not every single person going through the lobby. And that's the problem in the german business right now. The books are there at the entrance, so everyone going by can do a picture of the page and have all the personal data of previous customers.
Daniel Pfeffer wrote:
The fact that the government is not directly involved is irrelevant;
They are involved... they have forced the rule to the gastronomy and small service business (hair dresser or similars) where the customer stays for a certain amount of time. The big problem is it is really bad ruled (as most of the time). They just say... keep track. And the restaurants are more than happy to be allowed to re-open again and do it in the most comfortable way, without thinking in the implications The "law" / rule should be much, much more specific. To avoid this situations.
M.D.V. ;) If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about? Help me to understand what I'm saying, and I'll explain it better to you Rating helpful answers is nice, but saying thanks can be even nicer.
-
How does thei treatment of your data pertain to their ability to offer their service? Have they given you the GDPR informative? Did you sign the GDPR agreement for your data treatment with a clearly stated controller or processor, finality of use of data and lenght of time data are stored? Do they have in place adequate measures to restrict the access of data from not authorized people? They are violating the hell out of the GDPR.
GCS d--(d+) s-/++ a C++++ U+++ P- L+@ E-- W++ N+ o+ K- w+++ O? M-- V? PS+ PE- Y+ PGP t+ 5? X R+++ tv-- b+(+++) DI+++ D++ G e++ h--- r+++ y+++* Weapons extension: ma- k++ F+2 X
It is really fun how people bitched about GDPR. Until their data is concerned. Typical human ...
-
As a New normal, right now in Germany, when you dine in, you need to give your name, address and Phone number in the restaurants. I visited couple during weekends and yesterday and mostly they have ask Customers to fill in themselves in a log sheet. With so much noise about privacy issue , It was surprising that all personal details are available for all other customers to see!!! I just saw my colleague visited the same restaurant 2 hours ago. Here Privacy is not an issue because 1. Its not being tracked by govt all the time ? 2. Its not because we chose to dine in and so we give consent implicitly.
cheers,
Super
------------------------------------------ Too much of good is bad,mix some evil in it
I think this whole handling of COVID-19 by the government breaks a few more rules than GDPR X| When they break into your home and fine you (in an already difficult time) AND GIVE YOU A CRIMINAL RECORD because you have guests they're crossing a few lines. I guess "giving out personal details to everyone who asks for it" is just another emergency ordinance that just adds insult to injury.
Best, Sander sanderrossel.com Migrating Applications to the Cloud with Azure arrgh.js - Bringing LINQ to JavaScript Object-Oriented Programming in C# Succinctly
-
As a New normal, right now in Germany, when you dine in, you need to give your name, address and Phone number in the restaurants. I visited couple during weekends and yesterday and mostly they have ask Customers to fill in themselves in a log sheet. With so much noise about privacy issue , It was surprising that all personal details are available for all other customers to see!!! I just saw my colleague visited the same restaurant 2 hours ago. Here Privacy is not an issue because 1. Its not being tracked by govt all the time ? 2. Its not because we chose to dine in and so we give consent implicitly.
cheers,
Super
------------------------------------------ Too much of good is bad,mix some evil in it
-
How does thei treatment of your data pertain to their ability to offer their service? Have they given you the GDPR informative? Did you sign the GDPR agreement for your data treatment with a clearly stated controller or processor, finality of use of data and lenght of time data are stored? Do they have in place adequate measures to restrict the access of data from not authorized people? They are violating the hell out of the GDPR.
GCS d--(d+) s-/++ a C++++ U+++ P- L+@ E-- W++ N+ o+ K- w+++ O? M-- V? PS+ PE- Y+ PGP t+ 5? X R+++ tv-- b+(+++) DI+++ D++ G e++ h--- r+++ y+++* Weapons extension: ma- k++ F+2 X
den2k88 wrote:
How does thei treatment of your data pertain to their ability to offer their service?
Its Just for tracking the chain. If someone who visited was infected, thy need to know who else was their in the premise during that time. This is Ok but the execution is terrible.
cheers,
Super
------------------------------------------ Too much of good is bad,mix some evil in it
-
Same in hairdresser and other places. I wouldn't have a problem to give my data for possible infection chains tracking (the official reason). But it is being done really wrong. Just place the "contact book" in a safe area where only the staff can access it, let the customer write the data in a piece of paper and copy the info in the book. The positive side of it: You can write what you want, you don't have to identify yourself with you IDcard.
M.D.V. ;) If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about? Help me to understand what I'm saying, and I'll explain it better to you Rating helpful answers is nice, but saying thanks can be even nicer.
Nelek wrote:
I wouldn't have a problem to give my data for possible infection chains tracking (the official reason).
Me too, and I am happy to oblige but having that "Log book" to be publicly available for anyone is kind of weird and wrong.
Nelek wrote:
The positive side of it: You can write what you want, you don't have to identify yourself with you IDcard
I saw couple of entries with name M Mustermann and phone number. I bet phone number was correct though
cheers,
Super
------------------------------------------ Too much of good is bad,mix some evil in it
-
I think this whole handling of COVID-19 by the government breaks a few more rules than GDPR X| When they break into your home and fine you (in an already difficult time) AND GIVE YOU A CRIMINAL RECORD because you have guests they're crossing a few lines. I guess "giving out personal details to everyone who asks for it" is just another emergency ordinance that just adds insult to injury.
Best, Sander sanderrossel.com Migrating Applications to the Cloud with Azure arrgh.js - Bringing LINQ to JavaScript Object-Oriented Programming in C# Succinctly
Sander Rossel wrote:
I guess "giving out personal details to everyone who asks for it" is just another emergency ordinance that just adds insult to injury.
That's wrong. The correct formulation should be: "Forcing everyone to ask for your personal data."
M.D.V. ;) If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about? Help me to understand what I'm saying, and I'll explain it better to you Rating helpful answers is nice, but saying thanks can be even nicer.
-
Nelek wrote:
I wouldn't have a problem to give my data for possible infection chains tracking (the official reason).
Me too, and I am happy to oblige but having that "Log book" to be publicly available for anyone is kind of weird and wrong.
Nelek wrote:
The positive side of it: You can write what you want, you don't have to identify yourself with you IDcard
I saw couple of entries with name M Mustermann and phone number. I bet phone number was correct though
cheers,
Super
------------------------------------------ Too much of good is bad,mix some evil in it
super wrote:
having that "Log book" to be publicly available for anyone is kind of weird and wrong.
That's exactly my point. That should be not there. I don't even expect that only the manager or restaurant owner handles the book, but at least keep it in the office, bring it when a customer comes in, staff write the data of the customer and take it back to the office. That would be much better and way more compliant than now.
super wrote:
I saw couple of entries with name M Mustermann and phone number. I bet phone number was correct though
I would do it too. I do want them to call me if there are problems and if it happens, then I will give my real data to help the officers to follow the chain, but in the log book... it brings nothing.
M.D.V. ;) If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about? Help me to understand what I'm saying, and I'll explain it better to you Rating helpful answers is nice, but saying thanks can be even nicer.
-
In many countries, hotels were (are?) required to keep registers of guests. These were reported regularly to the police (and, in detective stories, were left around for the hero/villain to read...). The restaurant equivalent is no less intrusive. I believe that a restaurant employee (rather than the patron) should be the one to fill in the details, precisely in order to avoid the situation that you describe. The fact that the government is not directly involved is irrelevant; it is still a breach of privacy. What would your reaction have been if you saw your best friend's name there, along with the name of a woman who is not his wife?
Freedom is the freedom to say that two plus two make four. If that is granted, all else follows. -- 6079 Smith W.
Daniel Pfeffer wrote:
In many countries, hotels were (are?) required to keep registers of guests.
Yes, that's right. But in all my years travelling I have not seen any book open to all the public. I have seen how they copied / scanned my passport and I had to fill some formularies, but it was always saved in a non public place. Of course, if they get hacked or there is a burglar / spy or whatever... they will get my data too. But at least not every single person going through the lobby. And that's the problem in the german business right now. The books are there at the entrance, so everyone going by can do a picture of the page and have all the personal data of previous customers.
M.D.V. ;) If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about? Help me to understand what I'm saying, and I'll explain it better to you Rating helpful answers is nice, but saying thanks can be even nicer.
-
As a New normal, right now in Germany, when you dine in, you need to give your name, address and Phone number in the restaurants. I visited couple during weekends and yesterday and mostly they have ask Customers to fill in themselves in a log sheet. With so much noise about privacy issue , It was surprising that all personal details are available for all other customers to see!!! I just saw my colleague visited the same restaurant 2 hours ago. Here Privacy is not an issue because 1. Its not being tracked by govt all the time ? 2. Its not because we chose to dine in and so we give consent implicitly.
cheers,
Super
------------------------------------------ Too much of good is bad,mix some evil in it
Three weeks ago, the Norwegian public broadcaster (NRK) published a story: For 3500 euro (NOK 35,000), they bought "anonymous" tracking data for 140,000 smartphones for ten months of 2019, more than 400 million positions. The phne owner was not identified, but when data shows a phone located at the same location every night, you can look up in the phone direcory who lives there. You can see its location eight hours every weekday, revealing where the owner works. Look up the "suspect" in Facebook, and you can have your guesses confirmed (and hook it up to a lot more infor about the owner). The NRK guys picked one phone as a case study. They found the identy of the guy from were he slept and worked, and made a detail survey of his movements for more than half a year: Were he went with his family in the weekends, which restaurants he had been visiting. They saw that he had spent a lunch break to drive to the address of a competitor in the same trade (and a few weeks later, he started spending working hours at that location). NRK made contact with the guy, who was truly shocked by the detail level, but was willing to participate in a TV program to discuss the disclosures.(Maybe NRK had asked others that refused to participate; they obviously do not tell about that.). The data also identified several persons as army officers with the highest security clearance: Their phones were traced from their homes into the top security parts of a military installation. They also identified 8300 phones visiting hospitals, violence shelters etc. Most were clearly employees, but a fair share were temporary visitors, who e.g. arrived on a Friday night without returning to their normal residence until a couple of days later, possibly after a visit to the police station. (For obvious reasons, none of these were asked to participate in the TV program.) This story has caused quite some uproar, both in the military establishment, at the violence shelters, among politicians and common people. It is still hot in media, after three weeks. When you see how much can be deduced about your private activities from "anonymous" data that anyone can buy for a moderate sum of money, registering your phone number with the restaurant is like a drop in the ocean. As long as you carry your smartphone with you, anyone can buy information revealing how much time you spent there, how you traveled to the restaurant, where you spend the following night etc. In theory, you can deny GPS access to all apps. That could severely limit the app's
-
In many countries, hotels were (are?) required to keep registers of guests. These were reported regularly to the police (and, in detective stories, were left around for the hero/villain to read...). The restaurant equivalent is no less intrusive. I believe that a restaurant employee (rather than the patron) should be the one to fill in the details, precisely in order to avoid the situation that you describe. The fact that the government is not directly involved is irrelevant; it is still a breach of privacy. What would your reaction have been if you saw your best friend's name there, along with the name of a woman who is not his wife?
Freedom is the freedom to say that two plus two make four. If that is granted, all else follows. -- 6079 Smith W.
I have visited many hotels where you fill in the guest book yourself. If the first blank line is far down on the page, you don't even have to turn the page to see the information of the 20-30 (or more) guests signing in before you. In Norway, each town council may restrict all sale of alcoholic drinks, like beer. One common such restriction is (was?) that you may buy beer as long as your name, address and time of purchase is logged by the seller and securely stored for ten years. This is so much hassle that most grocery stores will do it only for a crate at a time. So instead of buying yourself two cans of beer, you buy twentyfour. ... This was common in the Bible Belt (the south coast) at least into the late 1980s. Most towns realize that business loose a lot of money with such restrictions, and it really doesn't keep beer drinking down anyway. So today, the sale of beer has been liberated in most places. (One journalist made a story on checking whether there logs of beer buying was ever accessed by the police, but couldn't find a single case in all of modern history. So the logging was all wasted effort.)
-
Three weeks ago, the Norwegian public broadcaster (NRK) published a story: For 3500 euro (NOK 35,000), they bought "anonymous" tracking data for 140,000 smartphones for ten months of 2019, more than 400 million positions. The phne owner was not identified, but when data shows a phone located at the same location every night, you can look up in the phone direcory who lives there. You can see its location eight hours every weekday, revealing where the owner works. Look up the "suspect" in Facebook, and you can have your guesses confirmed (and hook it up to a lot more infor about the owner). The NRK guys picked one phone as a case study. They found the identy of the guy from were he slept and worked, and made a detail survey of his movements for more than half a year: Were he went with his family in the weekends, which restaurants he had been visiting. They saw that he had spent a lunch break to drive to the address of a competitor in the same trade (and a few weeks later, he started spending working hours at that location). NRK made contact with the guy, who was truly shocked by the detail level, but was willing to participate in a TV program to discuss the disclosures.(Maybe NRK had asked others that refused to participate; they obviously do not tell about that.). The data also identified several persons as army officers with the highest security clearance: Their phones were traced from their homes into the top security parts of a military installation. They also identified 8300 phones visiting hospitals, violence shelters etc. Most were clearly employees, but a fair share were temporary visitors, who e.g. arrived on a Friday night without returning to their normal residence until a couple of days later, possibly after a visit to the police station. (For obvious reasons, none of these were asked to participate in the TV program.) This story has caused quite some uproar, both in the military establishment, at the violence shelters, among politicians and common people. It is still hot in media, after three weeks. When you see how much can be deduced about your private activities from "anonymous" data that anyone can buy for a moderate sum of money, registering your phone number with the restaurant is like a drop in the ocean. As long as you carry your smartphone with you, anyone can buy information revealing how much time you spent there, how you traveled to the restaurant, where you spend the following night etc. In theory, you can deny GPS access to all apps. That could severely limit the app's
-
den2k88 wrote:
How does thei treatment of your data pertain to their ability to offer their service?
It is part of the rules for re-opening coming from above... They have to get the data to help in possible tracking of infection chains. Not really their fault / will.
den2k88 wrote:
Have they given you the GDPR informative? Did you sign the GDPR agreement for your data treatment with a clearly stated controller or processor, finality of use of data and lenght of time data are stored? Do they have in place adequate measures to restrict the access of data from not authorized people?
Of course not.
den2k88 wrote:
They are violating the hell out of the GDPR.
Yes, because they are doing it the comfortable way. Instead of thinking a bit.
M.D.V. ;) If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about? Help me to understand what I'm saying, and I'll explain it better to you Rating helpful answers is nice, but saying thanks can be even nicer.
Nelek wrote:
It is part of the rules for re-opening coming from above...
So they don't need an explicit signature for data treatment (health and public health are exempt) but all the other points stand and could spell bankruptcy for any activity like that. Especially at the hands of competitors.
GCS d--(d+) s-/++ a C++++ U+++ P- L+@ E-- W++ N+ o+ K- w+++ O? M-- V? PS+ PE- Y+ PGP t+ 5? X R+++ tv-- b+(+++) DI+++ D++ G e++ h--- r+++ y+++* Weapons extension: ma- k++ F+2 X
-
As a New normal, right now in Germany, when you dine in, you need to give your name, address and Phone number in the restaurants. I visited couple during weekends and yesterday and mostly they have ask Customers to fill in themselves in a log sheet. With so much noise about privacy issue , It was surprising that all personal details are available for all other customers to see!!! I just saw my colleague visited the same restaurant 2 hours ago. Here Privacy is not an issue because 1. Its not being tracked by govt all the time ? 2. Its not because we chose to dine in and so we give consent implicitly.
cheers,
Super
------------------------------------------ Too much of good is bad,mix some evil in it
data collected like this can be prone to misuse... next thing you know it might turn into a who to burgle next list...
Caveat Emptor. "Progress doesn't come from early risers – progress is made by lazy men looking for easier ways to do things." Lazarus Long
-
Nelek wrote:
It is part of the rules for re-opening coming from above...
So they don't need an explicit signature for data treatment (health and public health are exempt) but all the other points stand and could spell bankruptcy for any activity like that. Especially at the hands of competitors.
GCS d--(d+) s-/++ a C++++ U+++ P- L+@ E-- W++ N+ o+ K- w+++ O? M-- V? PS+ PE- Y+ PGP t+ 5? X R+++ tv-- b+(+++) DI+++ D++ G e++ h--- r+++ y+++* Weapons extension: ma- k++ F+2 X
den2k88 wrote:
but all the other points stand and could spell bankruptcy for any activity like that. Especially at the hands of competitors.
Yes, you are right.
M.D.V. ;) If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about? Help me to understand what I'm saying, and I'll explain it better to you Rating helpful answers is nice, but saying thanks can be even nicer.
-
As a New normal, right now in Germany, when you dine in, you need to give your name, address and Phone number in the restaurants. I visited couple during weekends and yesterday and mostly they have ask Customers to fill in themselves in a log sheet. With so much noise about privacy issue , It was surprising that all personal details are available for all other customers to see!!! I just saw my colleague visited the same restaurant 2 hours ago. Here Privacy is not an issue because 1. Its not being tracked by govt all the time ? 2. Its not because we chose to dine in and so we give consent implicitly.
cheers,
Super
------------------------------------------ Too much of good is bad,mix some evil in it
If a restaurant had that out for me to see I'd take a picture of it and send it to the GDPR enforcement folks. GDPR makes no distinction between paper and electronic data storage and that's a flat out violation of GDPR. Then I'd put in bogus information and walk out.
-
As a New normal, right now in Germany, when you dine in, you need to give your name, address and Phone number in the restaurants. I visited couple during weekends and yesterday and mostly they have ask Customers to fill in themselves in a log sheet. With so much noise about privacy issue , It was surprising that all personal details are available for all other customers to see!!! I just saw my colleague visited the same restaurant 2 hours ago. Here Privacy is not an issue because 1. Its not being tracked by govt all the time ? 2. Its not because we chose to dine in and so we give consent implicitly.
cheers,
Super
------------------------------------------ Too much of good is bad,mix some evil in it
Since cash is virtually dead in many places now (and likely to be killed off where it's already on life-support) surely a simpler "tracing" method that requires absolutely no additional data capture and already complies (in theory) with GDPR is for the tracing authorities to be able to trace via card payments?? The card issuer has the cardholder's name and billing address, transactions are time-stamped and available certainly for the timescales in question. True, in a multi-family party it may not track the non bill-payer, but for the purposes of contact tracing it should be possible for the traced person so share the info with the rest of their party. In fact it's better than a "signing-in" sheet because it will be associated with a table number, so that the location of the visitor within the establishment is known and one infected visitor need not result in the whole restaurant's clientele being quarantined.
-
Got a link to the story? (Doesn't matter if it's in Norwegian)
We won't sit down. We won't shut up. We won't go quietly away. YouTube, VidMe and My Mu[sic], Films and Windows Programs, etc. and FB
There are quite a few ... Avslørt av mobilen[^] - one of the first stories, with this guy that they traced and made contact with to "tell his story". Norske offiserer og soldater avslørt av mobilen[^] - about the military guys that were traced into the Rena military installation. Mobilsporing: 8300 mobiler sporet på sykehus og krisesentre[^] - tracing phones in hospital and violence shelters. Hofstad Helleland om mobilsporings-avsløringen: – Dypt urovekkende[^] - politicians' reactions to the disclosures. Datatilsynet opnar gransking etter NRK-avsløring[^] - The Norwegian Data Protection Authority reactions to the disclosures, and their (so far unsuccessful) attempts to get in contact with the company selling the data. Venstre-leder skremt: – Vi er ikke i stand til å sikre våre egne[^] - another politician's reactions to the revelations. Britisk datatilsyn starter undersøkelser etter NRK-avsløring[
