It appears that someone at (ISC)2 has decided to Tweet links to Community discussion threads in Twitter:
https://twitter.com/ISC2/status/1025383344970846209
I don't recall giving anyone at (ISC)2 permission to quote me outside of the Community site.
Did every member who took part in the CPE thread give permission for (ISC)2 to expose them on Twitter like this?
All are in the twitted thread.
Thanks for bringing this to our attention Cragin.
No, we shouldn’t be tweeting content out using the great amplifying network without asking folks.
I don’t see many problems with a person tweeting one or two things outfits asking for permission, but this is a bit much as identities are not anonymised, kills debate etc.
i think we should have a chat with the mods.
@Early_Adopter wrote:i think we should have a chat with the mods.
Oh, we have. Believe me, we have. It's been mentioned. Frequently. (You can, in fact, search for those discussions via Google.) So far without any particular result.
(Wait. Let me Google that for you.)
But, go ahead and have a chat with the mods, if you wish ...
@CraginS wrote:I don't recall giving anyone at (ISC)2 permission to quote me outside of the Community site.
All are in the twitted thread.
"Twitted." I like that. (No, sorry, trademark infringement. I "kudo" that.)
Anyway, no, I certainly didn't give explicit permission to be quoted. Mind you, apparently we all gave implicit permission to be quoted, and have ISC2 do anything they please with whatever we post here. At the bottom of this, and every other page on the site, it states "All contents of this site constitute the property of (ISC)², Inc."
(Then again, careful examination of the timestamps on this post and that post could probably prove that I had posted already knowing what ISC2 was doing, but you'd have to have admin access to get that level of detail ...)
Of course, we could always move to the CISSPforum, where it's more private ...
(And more fun ...)
We haven't explicitly consented, but this may be covered by their Privacy Policy.
(I confess, I didn't bother reading the policy before accepting it)
I suppose a justification from (ISC)2 would throw some light on this...
@Shannon wrote:We haven't explicitly consented, but this may be covered by their Privacy Policy.
Nah. That's on the main site. And it states:
And we are on another site, and it's probably run by a third party.
@rslade hmm, I took a break from the internet in general a for a while why that was going on so missed it- it’s a nice try, but I don’t think that ISC2s stance will pass muster in terms of a GDPR compliant privacy notice, though given the current shenanigans around elections and influence I don’t even think the EU is the biggest issue - just wait till we see what Facebook gets served up by the FTC, it’s got to be larger than the EU judgement over android and chrome against Google otherwise it will look weak. We might even end up with a Federal Privacy a couple of yours down the road if only for the reason of annoying California via pre-emption of its nice new law (as a British subject I of course hasten to say that I do not have a dog in any confrontation between rebellious former colonies :P).
However the main issue as I see it for Cragin might be the use of his IP, most of us here are in some way public personas, so the fact that it is googleable might not be such a big thing(signature blocks and all), but the use of well structured and nuanced posts vs say more journalistic hipshooting might be vexing.
I’d say that a chat with the mods is still a good thing - we can always trot off somewhere else, if it doesn’t work and if it’s still a biggie for folks they can Breakout a couple of bottles of Schrems3000TM, though I’d always rather pick-up the phone, or corner some folks at congress.
Hello everyone,
As it has been mentioned, this area of the Community and a large portion of the Community, in general, is publicly available. Within our Website Access Policy, which can be found here, the section about User Contributions covers this topic. It states “Any User Contribution you post to the site will be considered non-confidential and non-proprietary. By providing any User Contribution on the Website, you grant us and our affiliates and service providers, and each of their and our respective licensees, successors, and assigns the right to use, reproduce, modify, perform, display, distribute, and otherwise disclose to third parties any such material for any purpose.”
The idea behind sharing Community content across our social channels is to help grow the Community with more of your cybersecurity colleagues and to help show the vast amount of helpful information that the Community contains. For example – this post that was shared is helpful to all members of (ISC)² find ways to obtain the necessary CPEs for their given credential(s) for free. Seeing as there are some great options listed here, we wanted to help circulate this to a larger audience for more of our members to be aware of.
I know that some of you take issue with the Community being publicly available and searchable on search engines like Google; however, I wanted to touch on why we have it this way. We have left a large potion of this site publicly available and searchable because we believe that the information shared within the Community is helpful to the advancement of not only the profession but also of the contributors to the threads within the Community. We have started creating private areas in the Community, as most of you know, under the Groups Category for any conversations that you might not want to make public. If you are interested in expanding the private areas in the Community, we are happy to hear your ideas on what types of areas you are looking for.
Thank you,
I went to post my disclaimer and found a new limitation on the "community."
"Message cannot exceed 20,000 characters."
Try # 2 - first appeared to be marked as spam... hmm
I quote quote:
"Any User Contribution you post to the site will be considered non-confidential and non-proprietary. By providing any User Contribution on the Website, you grant us and our affiliates and service providers, and each of their and our respective licensees, successors, and assigns the right to use, reproduce, modify, perform, display, distribute, and otherwise disclose to third parties any such material for any purpose.”
Use this however you like: ISC2 has become a marketing machine, that appears to be concerned with 2 things - making money, and making more money - apparently on the backs of the membership it should be serving.
Basically this might as well be FaceBook - except - oh wait - we pay for this service. But apparently that doesn't matter to ISC2, they have to have the right to do whatever they want with our contributions.
Just our of curiosity, how exactly does the above web policy of ISC2 fit with the organizations own Canons?
Certainly no protecting anyone (particularly members) I don't see taking blatant advantage of every member, and taking control of anything and everything they post, to use as you see fit on the Canons anywhere. I certainly don't see any of this as advancing the profession - frankly I find it irritating and more than a little embarrassing, professionally speaking. It most certainly is not acting honorably, nor justly - unless you want to claim the huge expense of this unnecessary, lightly customized, off the shelf web portal justifies ISC2 using anything herein however they please (not to mention allowing affiliates, etc, use of the posts, however they please.) Would clients be principals? Would members be principals? I'd like to think in this case they would be - so that ones out the door too, as this is certainly not being diligent nor competent with our data.
ISC2 has basically become a joke, and unless something drastically changes I for one will not be renewing a useless cert, marketed by an organization that seems to care little to nothing about its members, as long as it gets the renewal fees.
Disappointed,
-d