[WEB SECURITY] Closing web sites due to legislation

MustLive mustlive at websecurity.com.ua
Tue Jun 19 16:50:20 EDT 2012 

Pavol!

> EU legislators will do it using tax payers money. That's a big difference.

Good remark. They want to spend tax payers money for creating new
bureaucratic institution aka "cookies police" :-) for fining these people
(tax payers). If teaching people for their own money (i.e. teaching that
there is a law and people must not forget about it) in some cases can be
acceptable (there are a lot of paid education in this world and "fines
system" is using the same paradigm), then creating for tax payers additional
headache, time wasting and new taxes (fines) can't be acceptable.

> (OK, in the recent year I became a really big euro-skeptic).

This year I've already met and spoke with euro-skeptics (even "official
course" of Ukraine is euro-integration). Particularly I mean my brother,
with whom I've long conversation in the beginning of the year on
"euro-skeptic" topic, after that case with Hungary president. Which was
kicked out from his post by EU politicians (of course covertly, officially
it was due to "plagiarism"). And when yesterday I've heard in the news about
the same "plagiarism" scheme with Rumania prime minister - it didn't made
me wonder :-). The same political SWATing tactics (such political
pranking) - exposing of disagreeable politics.

Nobody DDoSed government sites of these countries or hacked their web sites
to make defacement or put some "plagiarism" to their sites, but they
revealed plagiarism from the past - which considered as more effective
attack to kick them from their post. This is very different approach from
methods of hacktivists. But let's finish with politic and back to web
security topic ;-).

> Yes. And that will be a reason why many big portals will just move outside
> of the EU because of expensive or stupid regulations.

Concerning this aspect, Pavol, I'll remind you, that in my first publication
I've wrote, that "as stated in Internet, this law affects any web
site targeting an EU audience". In this sentence I've referenced to web site
http://silktide.com/cookielaw. The author of this web site in his article
and in comments to his YouTube video about Cookie Law wrote, that domain and
hosting location is irrelevant, but location of the company is important.
I.e. it's enough to have web site targeting an EU audience (per se any site
on official language of any EU country can be such one) and to have
registered business in EU to fall down under this law. So if owners of big
portals will move their domains/hostings outside of the EU, but leave their
offices inside it, then they still will be under EU jurisdiction.

Best wishes & regards,
Eugene Dokukin aka MustLive
Administrator of Websecurity web site
http://websecurity.com.ua

----- Original Message ----- 
From: "Pavol Luptak" <pavol.luptak at nethemba.com>
To: "MustLive" <mustlive at websecurity.com.ua>
Cc: <websecurity at lists.webappsec.org>
Sent: Saturday, June 16, 2012 10:37 PM
Subject: Re: [WEB SECURITY] Closing web sites due to legislation


Hi,

On Tue, Jun 12, 2012 at 11:50:23PM +0300, MustLive wrote:
> I agree with all your argumentation, Pavol (those aspects which you
> referred to security, similarly can be referred to privacy). Just
> will add the note concerning forcing people.
>
> From one side, forcing is not very acceptable way, but from other side
> it's
> needed to remind people - to change current nihilistic situation. And in
> my
> opinion for security it must be more active, then for privacy. So forcing
> people, in non-aggressive and peaceful way, i.e. by reminding (like
> reminding about holes at websites or in webapps, as I'm doing for more
> then
> 7 years) can and should be done. And much more for security, then privacy
> (and this EU law concerns only privacy, so "as always they forgot about
> security").

Yes, but you are doing it on your own using your own time and money.

EU legislators will do it using tax payers money. That's a big difference.

> Interesting rhetorical question: does any country in EU can to not
> implement
> this law, because of "not well-thought law", "people are protesting" or
> "there are no money for implementation" (aka "financial crisis"). I
> understand that it's obligatory for every member of EU (I've wrote it
> rhetorically), but anyway some prudence can be made, like it was done in
> UK.
> So I wish for every country in EU to implement this law harmlessly. And
> there are a lot of other interesting laws, about which I'll write soon.

Yes, that's because the EU is not about people's opinions and their needs,
but about high-level politicians and their interests.
(OK, in the recent year I became a really big euro-skeptic).

Pavol
-- 
______________________________________________________________________________
[Pavol Luptak, Nethemba s.r.o.] [http://www.nethemba.com] [tel:
+421905400542]

More information about the websecurity mailing list