Stop Killing Games' success won't be just a success for customer rights, it could make a great precedent for European democracy.

That's why I suggest we make an European Citizens' initiative against encryption backdoors, bans, or any similar privacy violations.

We can call it Stop Killing Encryption.

The amount of automated content and fake engagement online lately is honestly crazy.

Makes me wonder what social media will look like in a few years.

Not trying to start a privacy panic, genuinely curious about how teams think about this.

Most big collab platforms (Slack, Teams, Google Workspace) are US-based cloud products. For a lot of companies that's totally fine. But I keep seeing more and more cases where it's not:

• Companies in regulated industries (fintech, healthtech, legal).
• EU businesses dealing with GDPR in practice, not just on paper.
• Any team where a client contract says "data must not leave X jurisdiction".

The market is finally responding - there are now tools that offer actual on-premise deployment or EU-hosted infrastructure as a real product feature, not an enterprise add-on that costs 3x more.

What's the actual situation in your industry? Is data residency something your team has ever discussed when evaluating tools, or does it just not come up?

TLDR; possible reasons for why age verification wouldn’t have been needed for specific sites only, no vpn, using incognito mode?

(For purely educational reasons!) Me and someone else tried to access Pornhub (also I think XXXVidoes?) with our mobile phones using same WiFi at the same time, and not using a VPN, snd in incognito mode. Both of us received the notice “are you above 18?”.

When he clicked yes, he got through and saw all PornHub content. When I clicked yes, I was required to age verify to continue. However, when he clicked on a couple different porn sites immediately after, he also was blocked from entry. (If his phone was accidentally in a VPN, wouldn’t those sites have been accessible too?)

Also, for incognito mode. Does that mean if he previously age verified Pornhub in incognito mode, he would have to reverify again every time he opens Pornhub in incognito mode? Or would the age verification just be done once on Pornhub, and not needed for any future access to that specific site?

(Also, would it make a difference if he had previously age verified in non-incognito mode, and then used incognito mode to access Pornhub?)

Any explanations, thanks! Could be he has previously age verified for the site, but just didn’t want to admit. Or something else?

The title, essentially. I want to sort of completely disappear from all social media. I've started with reddit for now because it's the most available to me atm but I also have various meta accounts, google accounts, accounts in games and game platforms, the whole shebang. I've been deleting manually my posts and comments on reddit but I remember that most companies now hold copies of your data for a certain time period. How could I request these backups be deleted and if there are other archives of my posts and content I've uploaded elsewhere on the internet how could I go about locating them and requesting deletion of my content if possible? TIA! 🙏

Especially when it's sites from outside of the EU, like the US-based ones, which care about your privacy even less.

I don't mind paying, as long as the provider of the number is trustworthy enough. Not trading one data broker for another.

Thank you in advance for any recommendation!

If yes, what part feels the most unclear or painful right now: scope, technical requirements, documentation, or ownership? My company has started an official timeline for getting compliant with the act but no one is actually sure where to start.

https://archive.is/mjBFW

Examples: An employer running some algorithm against your social media, or your SCHUFA in Germany.

Apparently it has the potential to reach a lot of people? My private profile has nothing on it (no pictures, no information, no interactions, no posts), and every privacy setting I know of is already set tothe strictest possible. I don`t use the apps or marketplace.

I barely use my facebook account, but I need it for work, in order to use business manager. Is there any setting I can disable to spare me from needing this so-called extra security (which I suspect is just an excuse to, once again, try to demand me to upload my official photo ID to them)?

Rumors say Google might use browser fingerprinting for tracking. Perplexity wants to sell hyper-personalized ads, and uBlock Origin is mostly dead. I’m scared of a dystopian future for privacy, and I don’t want that “hyper-personalized ads” to become normalized.

Are there any good news?

Hello,
As the title but, I know about chat control 2.0 but past that I am unsure if there is anything else to potentially worry about.

I learned about GDPR and my rights here which are great.

I am in the process of moving to more private services and also getting off US services.

But is there anything else I can do to either help or be more private?

Thanks!

I'm trying to enact the "right to be forgotten" here in Europe to an account I no longer have access to. Yet I cannot even contact Facebook in any way, nor do they have any customer support, at all. I'm trying to prove my identity to them and explain my situation but I can't for the life off me find anywhere to establish contact despites hours of research. Terrible company.

Any help would be much appreciated.

The council vote/discussion/whatever was supposed to take place today at 10:00. Does anyone have any info about how it went? I can't find anything anywhere.

Hello, ​This is a bit of a niche problem, but I think I’m in the right place, or at least targeting the right audience. ​I am currently developing an online game that will include a section that can be quite 'hot,' if not very. It will mostly consist of text, challenges, stories, etc., but I’d like to filter access to these parts to protect younger users. ​There are many existing techniques based on uploading photos, videos, ID cards, or having a third party (like tax authorities, for example 😅) certify that you are of legal age. This seems very cumbersome to use, and ultimately, I don’t think anyone wants to do it—nobody likes sharing their photo or personal data online with a more or less unknown site. ​Anyway, do you know of an effective way to do this? On the sites you visit, have you come across a solution that works well for you? ​Or should I just stick with a simple 'Are you of legal age? Yes/No' 😁"

Hi everyone,

I’m looking for a sanity check on compliance for an upcoming app launch.

The Setup:

• Entity: Based in the EU.

• App: Primarily offline, but connects to the network for payments.

• Data Model: User data stays on-device.

• Analytics: We want to collect basic usage/product improvement data.

The Technicals of the Analytics:

• First-party only: No third-party SDKs (e.g., no Firebase/Google Analytics).

• Custom/In-house: Proprietary collection logic.

• Self-hosted: Data is sent to our own EU-based servers.

• Privacy-centric: No PII collected; no data sharing or secondary use.

My Understanding:

Under the ePrivacy Directive (Article 5(3)), the "strictly necessary" exemption is interpreted very narrowly.

**My understanding** is that because analytics are for my benefit (product improvement) and not strictly necessary for the service the user requested (the app’s core offline function), **I am legally required to show a consent banner** before any data leaves the "terminal equipment" (the device).

This seems to apply even though the data isn't PII, as ePrivacy protects the integrity of the device itself, not just personal data.

My Questions:

1. Strictly Necessary: I’m aware of the CNIL (France) exemption for specific audience measurement tools. However, since my business is EU-based and launching globally, how do other DPAs (like the German BfDI or Spanish AEPD) view this? Is there an "EU-wide" configuration for self-hosted analytics that is generally accepted as strictly necessary, or is the consensus still "if it's for the dev's benefit, it needs a banner"?

2. Global Reach: If my company is in the EU, but the user is in the US using my app:

• Does the ePrivacy Directive (Article 5.3) follow my company (EU-based entity), requiring me to show a banner to the American user?

• Or does it only apply to "terminal equipment" located within the EU?

1. Conflict of Laws: If a user is in a jurisdiction with "Opt-out" rules (like California/CCPA) but my business is in an "Opt-in" jurisdiction (EU), which standard prevails for a global app?

2. 2026 Context: Are there any recent EDPB guidelines or "Digital Omnibus" updates that have softened the stance on first-party analytics?

Any insights or recent case law would be greatly appreciated.

Hello!

I'm afraid to sound naïve, but I haven't found much info on these two seemingly simple problems:

• Does Microsoft log user input, even when telemetry is turned off?
• Does an open-source input method exist for Windows for Latin keyboards, for example?

To preempt one obvious answer of "it doesn't matter, because Linux has open-source no-telemetry input": I've switched to Linux recently and am enjoying its input options, but I haven't made the change on my main PC yet. If possible, I'd like to keep on using Windows, mainly for gaming and software compatibility (at this point). I'm also using a debloated version where every telemetry-looking option should be turned off already. For example, for Japanese input, I just built Mozc, and it works well, just like on Linux. What about English etc.? Thank you for any help in advance!

Hey guys,

Not sure if this has been asked before but I couldn’t find any related threads. Does anyone know if there are alternatives to Privacy\.com that work for European users? After what has happened with Endesa and many more companies I really need debit card and phone number "aliases" so I don’t have to give my real info to anyone.

I’m new to this, so any tips or suggestions would be super helpful!

Thanks!

I am looking for confidential email for everyday and long-term use. I am unable to use Proton Tuta and other popular services because they are blocked in my country. I have gained access to Vivaldi Webmail. Please tell me how good it is?

and what are the other stages that the law has to go through before it gets fully implemented can they stop it or at the very least minimise the damage it causes

What can we do apart from calling our european representatives ?

I've noticed a few website use this "consent or pay" method. Surely, this can't be fully legal?

Recently I’ve started to look into degoogling my apps after seeing a couple of posts about what kind of security measures people take in order to get their data back. Here’s some examples of what I mean:

• About google password managers, check the comments
• No data privacy with Google products, also check the comments
• Overall, why you should degoogle your life.

I have already made a switch to a different browser, email platform, file storage situation, and now I’m looking for a password manager recommendations. I need something affordable, easy to use, and that would have a data breach feature (just in case).

I’ve seen one user’s post with a password manager comparison, which seems to be the most popular one, and other reviews seem to agree with the ratings. NordPass, Zoho Vault, and Roboform are quite cheap, so maybe one of these would work?

Maybe anyone has made the switch from google password manager to any other? Maybe you have some other brands to recommend, or insights on the transfer process?

I am really required to use microsoft teams in a huge meeting that will be recorded. I don't want microsoft or someplace else to store my voice biometrics when the microsoft account is already tied under my real identity real name. Is buying some cheap microphone the best way to counter that?

Is there a way to use a voice changer that doesn't really show I am using one, just enough to affect the voice print? I've seen microphones having some built in hardware for changing voice, maybe something like that would help. These are the same people I will be meeting physically, so my voice should not sound that different or else it will get suspicious.

What would be the best approach and also not embarrass myself? I don't know if the technology is that advanced and I am just being paranoid.

I’ve been working on an app to balance video presence with visual privacy in video meetings (e.g., remote work, study groups, or social calls).

The idea is "virtual frosted glass"—where participants are mutually visible (as through the physical glass) and are frosted by default with the ability to gradually unfrost others if they agree. This aims to:

• Reduce the pressure of being "on camera" while maintaining a sense of presence.
• Give users confidence that one-way viewing is impossible.
• Give users control over their visibility (frosted/unfrosted).

Key privacy features:

1. Mutual video: Only people who enable their camera can see others. Like real glass: No one-way viewing.
2. Frosted by default. Even when visible, you appear behind frosted glass. Others see your presence but not the details of what you are doing.
3. Click to Unfrost. Click to gradually unfrost a user.
4. Confirm Unfrost. You decide if you will be unfrosted or not.

The basic idea is to recreate the physical frosted glass for video conferencing, meaning mutual visibility and frosting by default.

Questions for you:

1. Does this sound like a useful privacy tool, or are there risks I’m overlooking?
2. Would default frosting (+ opt-in unfrosting) address common concerns about video meeting fatigue/privacy for you?
3. Are there existing tools you prefer for this use case?

Thanks for your thoughts!

For those interested, the app is called MeetingGlass.