@neil yes, been trying to wrap my head around the mess of OSA and how it applies to some community site and some of our products. Especially related to multi-tenant apps. We'll see how the webinar goes, but I'm not hopeful.
@intrbiz @neil There are soooo many edge cases that the law almost certainly covers, but which generate more questions than answers.
All the presentations so far have been aimed at businesses with legal and compliance departments.
Nothing yet for (what must be the majority of in-scope) services run by individuals and volunteers.
As a small business, wanting to do the right thing. It's being made very hard by the guidance being produced.
I just want a short list of things I need to implement, rather than 1000s of pages of unclear text to wade through.
My current approach is just to assume we're going to fall into this mess of an act and implement what we need too.
But I honestly can't help but think it's a very poorly written act.
@intrbiz @neil I was getting very worried when they apparently didn't want to expand the exemption for business internets to non-business groups who limit the users of their service.
Sounded too rigid, but I suppose that's what the law says. Business intranets are exempt, other organisation intranets are not exempt. My family NextCloud instance therefore comes under the act.
But the "show willing, show that you've considered the risks, and you'll be fine, even if we disagree with your assessment at any point" was a small amount of reassurance...
@intrbiz @neil Do the online tool, and download their (not very good) Word template for recording your thoughts. Fill in as best you can.
Unless you host terrorist communication, or deal in porn, or similar, I think you should be Good then.
"Show willing" was the general message for low risk services.
Hopefully more on that, so we can minimise the compliance burden, tomorrow.
IANAL
@Fonant @neil
The other fun one, I've been wondering on is mailing-lists with a web UI.
It seems there are some exceptions for email providers, but I get the impression this is more meant to exempt email sending services.
Yet a mailing list, were people can email other members, which is then also archived online. Seems another edge-case between the gaps.