According to the Data Protection Act 1998:

Personal data should only be processed fairly and lawfully. In order for data to be classed as 'fairly processed', at least one of these six conditions must be applicable to that data (Schedule 2).

1. The data subject (the person whose data is stored) has consented ("given their permission") to the processing

Well you might say, that's just English law. What does Europe say about this?
The European Court of Human Rights states that:

The data subject has the right to be informed when his personal data is being processed. The controller must provide his name and address, the purpose of processing, the recipients of the data and all other information required to ensure the processing is fair. (art. 10 and 11)

Data may be processed only under the following circumstances (art. 7):

- when the data subject has given his consent

WTF reads those warnings and disclosures anyways?
Just shut up and stop putting your credit card numbers in your private messages.

Wait, you actually think PMs are private? You can trust sealed letters and mouth-to-mouth, but someone will always have access to your electrical "P"Ms. Deal with it.

"....at least one of these six conditions...."
Only mentions one.

This eventually comes to any online forum, of course the mods have access to them.
Just don't send personal information via PM.

Trust me the Mods reach is far deeper than PMs, I've left a message complaining about such stuff on my answer phone and expect a reply shortly.

I also find it worrying that the mods might even be watching us while we watch TV:
http://www.bbc.co.uk/news/technology-25018225

Interesting point SYnapse. I have no idea about the jurisdictions here, you might be right that we need to put in a warning, or at least it would be wise.

I seem to remember that US legislation has a phrasing such as a 'reasonable expectation' of privacy, which for example a recent GMail case brought to attention. I'll leave it to y'all to debate whether or not you have a 'reasonable expectation' of privacy with PMs or not.

@Maniac the answer to your answer phone query: yes. But dont worry, he'll find a horse's head in his bed tomorrow.

Well as it's called "private" messaging.... there again you are using a moderated website...

I guess there should be a little T&Cs message/page that should cover this sort of stuff.

Probably so.
Though would you expect Facebook private messages to be unreadable by Facebook employees?

I shouldn't expect them to access my PM's unless there had been a formal complaint about harassment or whatever. Even then, its questionable as someone can make any kind of false allegations, and they have a block feature as we do.

And you think the mods do, just for fun?

Thx MoW

For the record everything in my underpants is private, I assume everything I type in my phone, laptop etc can be accessed by "The Elites" and other lessor mortals.

Well, to be clear, only admins can access the PMs, mods cannot.

They are usually only accessed during formal researches such as, shall we say, when people set up an non-anon gunboat and then explicitly ask the mods to keep an eye out for people who cheat by circumventing the press rules. I think it's safe to say that at a moment like that you should have a 'reasonable expectation' of being examined, wuldnt you agree?

@Maniac that first part of your statement is not entirely true - you left your webcam on last night.

Anyone with an expectation of private messages on a privately owner web site is a fool. Individuals with privately owned cells phones (company provided) have already been shown in courts of law that none of what they do on their company-owned cell phones is private - their "personal" text messages, email, web habits, etc. You are on a privately owned web site - you have zero right to privacy here.

I do agree MoW, however it's more the fact that this isn't stated in the rules of signing up, which makes it potentially a grey area.

I really hope most people don't think this is a big deal. This is a privately owned website that is free and requires no personal information to register. Furthermore, the code is completely open source. Personally, if find well-documented code much easier to understand than a legal ToS.

Compare this to what sites like Facebook or Google do, even with a ToS, and you'll see this isn't a big deal. We aren't selling or sharing anyone's information.

If someone really does feel violated, I do apologize; that certainly wasn't our intention. We're just trying to keep the site free from cheaters.

abgemacht
webDip Ombudsman

Why do I feel like somebody's watching me, and I get no privacy?

For anyone who doesn't understand the laws in question like SYnapse, they only apply to sites or corporations that are processing or revealing your data. We do not process or reveal your data in any way. I would like to refer everyone to my post the other day about expectations of privacy that seem to falsely exist about the internet.

"@Al, I personally make an effort to let people who advocate for internet privacy know that it's just not realistic. The reason I do it isn't to be hostile, it's to help people understand what they should expect from online services.

The reason I say it's not realistic is because the internet isn't bound to any one countries laws. It's a global web, that spans billions of people. There has never been an information exchange option on this scale before, and it was designed to encourage access to information. Adding in privacy options takes away from the purpose of the internet, to make everything accessible online. Now information security is obviously important, but it has to be limited. Securing even bank information has become a monumental task because there is no such thing as an unbreakable firewall. With enough time and resources there is no such thing as secure content online. Ask the NSA, despite the best efforts of the most talented Computer Specialists information always gets out, because restricting it goes against the design of the internet.

When you sign up for an online service with an internet provider, with google, with facebook, etc, they don't promise or give false expectations of protecting your data. People just assume that their information will be secure, which is the problem. Companies like google and facebook can offer their services freely because they make money off you your information. They make money off of analyzing what you do, what you like, who you are, and how to effectively advertise and get relevant information to you as a consumer. Now they don't want any harm to come to their consumers so they generally try pretty hard to restrict access to very personal information (addresses more specific then a town, and credit card information), but everything else is game and nets them a profit. They also have to weigh the cost of adding additional layers of protection to your data against the knowledge that if someone really wants the information they can find a way to get it.

The other issue preventing secure online information regulations is lawmakers. You have laws being made by old men and women who don't understand how the internet works, who couldn't tell you how to find a subnet address off of a network, and who don't even understand where information on the internet is stored. The same goes for judges who are making rulings on anti-intrusion methods. For example, one of the most effective methods of catching hackers is a honeypot. A honeypot is effectively putting a fake network inside your companies firewall for the sole purpose of tricking hackers into accessing it. It's designed to detect ALL intrusions and since no one at your company will access it you know any intrusion is a hacker. So it's essentially like putting a trap in your house in the room closest to the front door. Everyone in the house knows not to go there, but a robber will go in and get caught. The problem, some old judge who doesn't know anything about the internet decided it sounds like entrapment and ruled them inadmissible in court in the US.

The lack of knowledge, and the inherent design on the internet make any expectation of privacy online unrealistic."

That's all well and good Jmo, but it's not factual. Websites are bound by the laws of the country they are hosted in. I presume for Kestas this is either European or U.S. law.

Data about persons cannot be taken without their consent, implicit or explicit in both these jurisdictions. It is being stored on his server and is subject to storage of information laws.

It is easily argued that for example your forum posts are implicitly public, but private messages would be considered private by reasonable persons.

Google, Facebook etc. have very length T&C pages it's just that nobody bothers to read them. You will find virtually any issue about data on Facebook is covered in their terms.

Have you even read the law you are quoting? The only part of the site that could possibly fall under EU law is the use of cookie codes. You think you're the first person to bring this up? This site has been around for years, the legal implications have been completely investigated. Please stop posting before your expose your complete ignorance on the topic.

Google, Facebook, etc have T&C because they process/and sell your data. That is why the laws affect them. It does not apply to sites that don't use or give out your information.

All I'm saying is that Kestas should consider putting a:

By signing up to this site, you agree to our Terms & Conditions.

Which one of them would be: moderators can access your private messages in the course of moderating the website.

And you emailed him that suggestion yesterday, so why did you decide to try and be an alarmist and incite other forum members over a non-issue?

SYnapse -- if you ever read one of those, remember that your only recourse is to either quit the place or don't sign up at all if you don't like the policy. So of course you may quit at any time.

"why did you decide to try and be an alarmist and incite other forum members over a non-issue?"

I was only joking lol. Did you see the part where I said mods are watching you watch TV?

"Do you send private information about yourself via PM? Mods have access to those. Are you concerned, like I am, that there is no warning when you make an account that you may be monitored?"

That's not a joke, try again, and give honesty a shot this time!

"Are you concerned, like I am"

I really think you need to get out more Jay Em Oh, if you can't read the subtle humour in that tone. I really think you eat sleep and breathe keeping the streets of webDip safe from villains like me