EU-US Privacy Shield

  1. 2 years ago

    Tomas J

    16 Aug 2017 Pre-Release Testers, Xojo Pro Europe (Germany)

    My biggest customer is warning me, that he won't use any XOJO made Software in 2018 as long as XOJO Inc. is not certified for EU-US Privacy Shield: https://www.privacyshield.gov/list

    @XOJO Staff: Any information on this topic?

  2. James D

    16 Aug 2017 Pre-Release Testers, Xojo Pro Europe (Switzerland)

    You need to educate your client! Data sharing has nothing to do with the language an application is written. Unless for some bizarre reason your client intends to share his data with the XOJO corp. it makes no sense.

  3. Greg O

    16 Aug 2017 Xojo Inc

    @Tomas J My biggest customer is warning me, that he won't use any XOJO made Software in 2018 as long as XOJO Inc. is not certified for EU-US Privacy Shield: https://www.privacyshield.gov/list

    @XOJO Staff: Any information on this topic?

    How about filing a feature request so we can have it looked at properly.

  4. Tomas J

    16 Aug 2017 Pre-Release Testers, Xojo Pro Europe (Germany)

    @James D You need to educate your client! Data sharing has nothing to do with the language an application is written. Unless for some bizarre reason your client intends to share his data with the XOJO corp. it makes no sense.

    It's not so bizarre. It's about rights and trust. They use Xojo IDE to review code and making fine adjustments I am adopting back into the software (creating compiled software with my license). I can't tell you much more but their policy is set, no chance to "educate" anybody.

  5. James D

    16 Aug 2017 Pre-Release Testers, Xojo Pro Europe (Switzerland)

    At what point are they an EU entity sharing data with a US entity? Or better still how are they handling JavaScript, HTML, CSS etc.

  6. Sascha S

    16 Aug 2017 Pre-Release Testers, Xojo Pro Germany, Lower Saxonary

    @James D My biggest customer is warning me, that he won't use any XOJO made Software in 2018 as long as XOJO Inc. is not certified for EU-US Privacy Shield

    If it's a really big Company, Thomas may not be able to discuss this Topic with them. And if they say they won't allow any Software made with Frameworks not certified within the Shield, Thomas may be out of luck.

    BTW: I once worked in a big CallCenter Company and was allowed to create Tools for our (so called) Agents, with Xojo (REALbasic back then). From time to time, i had to deal with new restrictions or a simple "No, not like this". There were People i could talk to about those restrictions, but never had a chance to be involved in such descisions. I just had to deal with them... ;)

  7. Tomas J

    16 Aug 2017 Pre-Release Testers, Xojo Pro Europe (Germany)

    @Greg OLone How about filing a feature request so we can have it looked at properly.

    done...

  8. Tomas J

    16 Aug 2017 Pre-Release Testers, Xojo Pro Europe (Germany)

    @SaschaSchneppmueller There were People i could talk to about those restrictions, but never had a chance to be involved in such descisions. I just had to deal with them..

    Well, I am afraid I am too small for this...

  9. James D

    16 Aug 2017 Pre-Release Testers, Xojo Pro Europe (Switzerland)

    @SaschaSchneppmueller If it's a really big Company, Thomas may not be able to discuss this Topic with them. And if they say they won't allow any Software made with Frameworks not certified within the Shield, Thomas may be out of luck.

    The point is that you can't certify a framework nor any other software for that matter because that is not what it is about. A company can be certified as meeting the requirements, but unless you are actually going to share data with them it makes no difference.

    To be come certified XOJO will need to look at its business practices, the way it stores and processes personal data and so. And possibly make changes to the way they do business. And that includes all our registrations etc... expecting all that 'cause someone's client got it wrong is a big ask.

    And yes I've had plenty of experience of having to sit down with corporate lawyers in big companies to explain to the just how wrong they had got on topics such as open source licensing, data protection etc.

  10. Sascha S

    16 Aug 2017 Pre-Release Testers, Xojo Pro Germany, Lower Saxonary

    I am on your side @James D, but if @Tomas h no chance to change their mind, he needs an answer to his question.

  11. Julian S

    16 Aug 2017 Pre-Release Testers, Xojo Pro UK

    Seems odd, are they going to ask Free Software Foundation Inc to join for the use of gcc ? You'd be hard pressed to use any computer without the inclusion of that.

    Are they going to stop using their computers because Intel isnt on the list, and their BIOS might be sharing data *gasp*... or gigabyte/asus etc depending on the mobo vendor.

    Unlucky Tomas.

  12. Norman P

    16 Aug 2017 Xojo Inc, Pre-Release Testers, Xojo Pro Seeking work. npalardy@great-w...
    Edited 2 years ago

    @Tomas J My biggest customer is warning me, that he won't use any XOJO made Software in 2018 as long as XOJO Inc. is not certified for EU-US Privacy Shield: https://www.privacyshield.gov/list

    @XOJO Staff: Any information on this topic?

    Its not clear to me from this post whether they are worried about
    1) information the IDE might send back to Xojo Inc. ?
    2) information that an app COMPILED with Xojo might send somewhere ? Since the framework DOES NOT send anything back to us or anyone else - you would have to write the code to do that and then its not Xojo thats involved.
    3) information saved on Xojo cloud hosted servers ?

  13. Tomas J

    16 Aug 2017 Pre-Release Testers, Xojo Pro Europe (Germany)
    Edited 2 years ago

    @Norman: 3) is not a factor. I guess it's a combination of both 1) and 2) but more 2) in particular. I am not a law expert nor I am able to discuss this topic. It's more "eat or leave". My rough guess: They try to minimize any possible legal infringements. They already have sources and using free IDE internally. But their admins and developers are not allowed to buy nor to use it in the future if the legal stage or foundation (EU Privacy and Data Protection laws) is missing.

  14. Norman P

    16 Aug 2017 Xojo Inc, Pre-Release Testers, Xojo Pro Seeking work. npalardy@great-w...
    Edited 2 years ago

    #2 wont involve Xojo inc in any way since the framework won't just send data randomly to anywhere
    If its not in your code then data doesn't get sent anywhere. Period.

    The privacy shield framework is to
    lay out a set of requirements governing participating organizations’ use and treatment of personal data received from the EU

    Since there is no information sent from whatever software YOU write & give them to use there's no reason they need Xojo Inc to register for this
    We're literally "not involved" as far as I can tell - at least not because of whatever software you give them

    However IF you're sending them source code instead of compiled executables and they RUN this code in a free copy of the IDE , which is what your post made it sound like, then they could be insistent.
    Send them compiled binaries & Xojo is out of the picture entirely since there's no personal data received by us (unless you're sending it in your software?)

    Or just have them opt out of sending us any data.

  15. Christian S

    16 Aug 2017 Pre-Release Testers, Xojo Pro, XDC Speakers Germany

    I think the thing is that Xojo Inc. could just declare that they conform.
    As you don't do bad things (as far as I know), there is nothing needed to change, just to say you do thing correctly.

  16. Edited 2 years ago

    I believe Christian is right. An organiztion can "self-certify" and the "Privacy Shield Principles" are here:

    http://ec.europa.eu/justice/data-protection/files/privacy-shield-adequacy-decision-annex-2_en.pdf

    Basically, clearly state you are not doing anything bad, make it easy to contact someone when concerns arise, etc. Just a cursory read, but it didn't strike me a very difficult to do.

  17. Norman P

    16 Aug 2017 Xojo Inc, Pre-Release Testers, Xojo Pro Seeking work. npalardy@great-w...

    @ChristianSchmitz I think the thing is that Xojo Inc. could just declare that they conform.
    As you don't do bad things (as far as I know), there is nothing needed to change, just to say you do thing correctly.

    Its not as simple as declaring you comply
    There's a fair bit of bureaucracy and fees to get registered

  18. Christian S

    16 Aug 2017 Pre-Release Testers, Xojo Pro, XDC Speakers Germany

    Well, some things needs to be done.
    Like the stuff I went through to become registered supplier for parts of USA and Canadian governments.

  19. You make your apps, what data they send- or don't send- is entirely up to you. We don't control/direct/see it whatsoever.

    With that said, if it does somehow impact you- favorite the case that was filed: Feedback Case #49182 If there's enough interest or demand, we'll consider it.

  20. Thom M

    16 Aug 2017 Pre-Release Testers Greater Hartford Area, CT

    Reading between the lines here, I think @Tomas J is a contractor for this client. He writes the code, but it sounds like the client has their own copy of Xojo where they can build, edit, and so on. Since the client is not willing to use Xojo any longer themselves, Tomas cannot either.

  21. Newer ›

or Sign Up to reply!