HashiCorp Vault - Transit Encryption

New Drupal Modules - 28 May 2018 - 7:00am

Provides an encryption method for HashiCorp Vault's transit secret engine, part of HashiCorp Vault suite.

Project introduction and documentation to come.


Development of this module takes place on GitHub.

Categories: Drupal

Fantasy Flight Announces 42nd Anniversary Edition of Cosmic Encounter

Tabletop Gaming News - 28 May 2018 - 6:00am
Some games have just been around forever, so it seems. And for many of you gamers out there, Cosmic Encounters has, essentially been around forever. It’s been around as long as you have, at least. Cosmic Encounters is celebrating 42 years as a game and Fantasy Flight is coming out with a new edition. … […]
Categories: Game Theory & Design

Specbee: Drupal CMS : A Success Factor for Better ROI for Online Businesses

Planet Drupal - 28 May 2018 - 5:08am

Businesses and enterprise organisations today are falling into a trap. A trap built around the ROI of their business. Return on Investment is a term in its own right, capable of flipping over businessmen and marketers who have worked decades to understand how the market functions. In the form of an age-old formula, it is still one of the key reliable ways to measure the effectiveness of business strategies and campaigns.

Categories: Drupal

HashiCorp Vault - Key Provider

New Drupal Modules - 28 May 2018 - 5:05am

Key storage provider for HashiCorp Vault suite.

Project introduction and documentation to come.


Development of this module takes place on GitHub.

Categories: Drupal

Microspid PASW

New Drupal Modules - 28 May 2018 - 4:39am

The Microspid module supports the italian, SAML-based, authentication protocol SPID.
For a full description of the module please read the italian readme file (

Categories: Drupal

HashiCorp Vault - Token Authentication

New Drupal Modules - 28 May 2018 - 3:49am

Token authentication provider for HashiCorp Vault suite.

Project introduction and documentation to come.


Development of this module takes place on GitHub.

Categories: Drupal

Persian Fields for Drupal 8.x

New Drupal Modules - 28 May 2018 - 2:23am

This module provides several fled types mentioned below:

  • Payment Card for Iranians
  • Iranian's mobile number
  • Iranian's phone number
  • Iranian's postal code
  • Iranian's melli code
  • Sheba number

Developers and Site Builder can use these module to have ready to use persian fields.

Sponsored by

Categories: Drupal Blog: AGILEDROP: Drupal for Mobile Solutions

Planet Drupal - 28 May 2018 - 1:19am
There’s little doubt that mobile internet usage has soared over the past two years. In fact, the number of mobile internet users overtook desktop users in 2016. It has, then, become imperative for website and business owners to cater to mobile internet users in order to avoid losing potential customers. Adhering to this trend, CMSs like Drupal and WordPress are being constantly updated to implement ways to keep them mobile-friendly. In this post, let’s take a deeper look at how Drupal is great for mobile solutions and why you should use Drupal for your mobile needs.   ‘Headless’ Concept If… READ MORE
Categories: Drupal

Social Auth Humanitarian ID

New Drupal Modules - 28 May 2018 - 1:10am

Social Auth Humanitarian ID provides Humanitarian ID integration for Drupal 8.

This module will allow users of your site to authenticate with Humanitarian ID. It is based on Social Auth and Social API projects.

Categories: Drupal

Troy’s Crock Pot: Summertime World Building

Gnome Stew - 28 May 2018 - 12:01am

World building for your campaign — whether it is for an ongoing series of adventures or just a few ideas percolating in your noggin — is always a fun exercise. Imagine a world different than ours and consider all the roleplaying possibilities.

Is this going to be a game set in a fanciful, magic-filled ancient world? Is this going to be the far-flung future where tech, blasters and intrigue rule? Is it going to be earth, but viewed with a squinty eye, with a series of alternate events that have shifted history somewhat?

Or maybe it is something else — a new game you’ve purchased that you want to apply to a landscape filled with mystery and unknown lands ripe for exploration?

For many of us, the stumbling block is “the map.” Every fantasy world needs a map, right? Drawing one to your satisfaction, however, might be an iffy proposition.

If you are looking for some options, consider these:

In bookstores now

So the current — that is June 2018 issue — of National Geographic has this double-page spread of “Future Earth.” Basically, a map of what the continents will look like once they’ve drifted back together again sometime 200 million years from now.

The map shows the next supercontinent, Pangaea Proxima. Looks like a great place to set adventures. (New Zealand appears relatively unchanged, however, which is good news for hobbits, I suppose.)

Some of it is pretty cool. I’m particularly taken with the projection that my former home in the Pee Dee region of South Carolina — swampy lowlands of note — will boast the highest point on earth once the North American and African plates collide creating the newest mountain range. And the Atlantic Ocean will become a big lake.

If you are into real estate speculation with a particularly long view, I’d start buying up parts of Antarctica.

Now, keep in mind, it might not be the most pleasant landscape. Earth’s climate gets wonky whenever the continents drift together, essentially creating a single world-ocean. In fact, looking at this map, almost the entire world will be in the equatorial zone. Hot, sticky jungles and fierce deserts. Find some fresh water and settle in as best you can.

Setting all that aside, though, this map is ready to be carved up into feudal kingdoms, or if you are of a sci-fi bent, one-world government districts. And if your players are truly adventurous, you might consider exploring the area that isn’t on this map — that big blue ocean. I wonder what big fishes are out there?

Give ’em the boot

This trick is an oldy, but a goody. Turn that atlas page on it is side. Abracadabra, alakazam, it’s a continent-sized “world” map worthy of setting your fantasy world.

I’m particularly fond of the boot of Italy and Sicily as a playground for world building. The north coast of Africa can serve as the exploration touchstone of your “new world” across that narrow sea while the length of Italy can be your “old world.” Just change the scale and set the equator somewhere and you are good to go. Just remember, that’s a continent-sized landmass you’re staring at, not one of the great nations of Europe.

The beauty of this is you’ve got mountains, rivers and coastlines perfectly and sensibly arranged, leaving you with the fun part of making up nations, histories and adventuring locales. And because there is an ocean, you’ve got pirates. Every setting needs pirates. (Well, maybe not every setting, but most of them …)

Beware the barbarian invaders of the north islands (Corsica and Sardinia), I’m sure they are a proud, fierce people with swift boats who love to raid the mainland. Or maybe the twin islands are a land of dwarves and elves being exploited by the mainland? Or maybe giants and dragons live there and they generally eat any visitors? It’s up to you.

The other bonus of using a map like this? Place names. Maybe not all of them, and not in the exact location as their real world counterpart. But if you’re at a loss for finding a suitable name for a point on your map, well, you can do worse than the range of names on this map. In the four corners you’ve got Hammamet, Epipal, Levice and Copyright Rand McNally and Co., Surely, at least one of those is serviceable. And, there’s a ton more in between.

Ice, ice baby

I would be remiss if I didn’t suggest a map by Martin Vargic (JaySimons on, a Slovak artist who does jaw-dropping cartography.

My recommendation? The World – Ice Age, a global map showing expanded coastlines from about 14,000 BCE. For my money, it’s worth it to see northern Europe, the British Isles connected by Doggerland to the mainland, and the hop-skip-and-jump from Iceland, Greenland and North America.

Run this without mile-high glaciers (or do, if adventures beyond “The Wall” are your thing) and this has all sorts of amazing potential. New kingdoms, new ambitions, new religions. Maybe the Nordic sagas are the predominant faith? Or the beliefs of the North American eastern tribes? So many possibilities, so many adventures.

Another great locale on this map? The Sahara dotted by fertile lands and fresh-water lakes. Imagine the possibilities of such a landscape as the hub of African peoples, cultures from so many rich traditions and ages mingling and co-existing.

Other “new lands” your players will be eager to explore? How about the land bridges? There are lands connecting Australia to southeast Asia, Russia to Alaska and Japan to the Korean peninsula. And though there are gaps, the Caribbean Islands are much closer to Florida, Yucatan peninsula, Cuba and the Bahamas, which have beefier coastlines.

The beauty of maps like these for exploration games is that “things aren’t as they ‘should’ be” — but close enough to our present reality to be recognizable and still contain a sense of mystery.

And a map like this works for any type of game — not just one set in an ice age. A world of the near-future or even far-future works equally well, especially if you form new nations and new superpowers from what the map provides. Queensland, using the area around “Lake Carpentaria” as a base, could be the world’s new superpower. You never know.

Credits: “Future Earth,” National Geographic magazine, June 6, 2018 issue. “Italy,” Reader’s Digest Wide World Atlas, fourth printing, July 1984. The World-Ice Age, JaySimons, and


Categories: Game Theory & Design

Fuzzy Thinking: Favorite Magic Items

RPGNet - 28 May 2018 - 12:00am
Fuzzy beer accessories.
Categories: Game Theory & Design

DrupalEasy: Roadtrip(s)! Learn DDEV with us this summer at an event near you

Planet Drupal - 27 May 2018 - 3:59pm

This summer, we're taking the all-new "Upgrading your local development environment with DDEV" lesson from our 12-week Drupal Career Online class and bringing it with us as we visit three different Drupal events around the USA. At each event, we'll be presenting it as a full-day workshop at no- or (very) low-cost to event attendees.

If you're looking to move your local development environment to a more modern solution, then we believe this workshop is exactly what you're looking for. DDEV is a Docker-based environment built on modern principles and designed to be flexible, customizable, and powerful. 

We have been using DDEV with our current Drupal Career Online students, and are confident that our workshop is providing the skills they need to use it as their day-to-day local environment. The workshop (and DDEV) is designed for developers on Mac OS X and Windows 10 Pro - at the end of the day, you'll have the confidence you need to make the switch.

In addition to the full-day of training, you'll also leave with access to our 20+ page workshop handout (PDF) as well as access to all of our DDEV-related screencasts.

So, if you're interested in making the change, be sure to sign up for one of our in-person workshops this summer!


Categories: Drupal

CKEditor JS Plugins

New Drupal Modules - 27 May 2018 - 2:57am

This module will add new plugin buttons which will provides various JS user interface i.e. Collapsible Text, Tabs, Accordion Tabs, Tooltip etc.

Categories: Drupal

Colorfield: Drupal 8 progressive decoupling with React

Planet Drupal - 27 May 2018 - 1:42am
Drupal 8 progressive decoupling with React christophe Sun, 27/05/2018 - 10:42 Progressive decoupling and ES6 support on Drupal 8 are definitely gaining some momentum. After having tested several methods to make use of React within Drupal, I had a look a the React Comments module, that provides a self contained, standard and developer friendly way to get started with React. It has been derived in a repository to have a kind of boilerplate to run tests on and a demo that loads article nodes from a JSON API endpoint.
Categories: Drupal

Entity save and delete Directly

New Drupal Modules - 26 May 2018 - 9:29pm
Categories: Drupal

Review Roundup

Tabletop Gaming News - 26 May 2018 - 11:00am
Weeeekeeeeeeeend! Woo! Time to get out there and get some gaming in. What kind of gaming? Doesn’t really matter, as long as you’re out there having fun. But if you’re really stuck for a game idea, perhaps these reviews can help. Today we’ve got: Darwin’s Choice, Star Wars: Rebellion, Majesty: For the Realm, Time Barons, […]
Categories: Game Theory & Design

Vendor Stream Wrapper

New Drupal Modules - 26 May 2018 - 1:09am
Module Overview

Drupal and Composer working together is great for management of external libraries, that can be integrated into Drupal sites. It is a good practice to have the /vendor directory outside the webroot, and this is what the Drupal Composer template does. The problem with moving the vendor out of the webroot however comes when trying to provide public URLs to files in the /vendor directory, such as CSS or JS files that are part of an external library.

Categories: Drupal

Flood ByPass

New Drupal Modules - 25 May 2018 - 10:51pm

This module helps in login attempt as many times as required, because this module bypasses the flood service of drupal. So that a user may attempt unlimited tries to login in drupal.

This module is best suited in cases where there is a requirement to bypass flood system of Dupal.

Categories: Drupal

Lullabot: Making Legacy Sites More Performant with Modern Front-End Techniques

Planet Drupal - 25 May 2018 - 3:00pm

Earlier this year Lullabot was engaged to do a redesign of Pantheon’s homepage and several landing pages. If you’re not familiar with Pantheon, they’re one of the leading hosting companies in the Drupal and WordPress space. The timeline for this project was very ambitious—a rollout needed to happen before Drupalcon Nashville. Being longtime partners in the Drupal community, we were excited to take this on.

The front-end development team joined while our design team was still hard at work. Our tasks were to 1) get familiar with the current Drupal 7 codebase, and 2) make performance improvements where possible. All of this came with the caveat that when the designs landed, we were expected to move on them immediately.

Jumping into Pantheon’s codebase was interesting. It’s a situation that we’ve seen hundreds of times: the codebase starts off modularly, but as time progresses and multiple developers work on it, the codebase grows larger, slower, and more unwieldy. This problem isn’t specific to Drupal – it’s a common pandemic across many technologies.

Defining website speed

Website speed is a combination of back-end speed and browser rendering speed, which is determined by the front-end code. Pantheon’s back-end speed is pretty impressive. In addition to being built atop Pantheon’s infrastructure, they have integrated Fastly CDN with HTTP/2.

80-90% of the end-user response time is spent on the front-end. Start there. – Steve Souders

In a normal situation, the front-end accounts for 80% of the time it takes for the browser to render a website. In our situation, it was more like 90%.

What this means is that there are a lot of optimizations we can make to make the website even faster. Exciting!

Identifying the metrics we’ll use

For this article, we’re going to concentrate on four major website speed metrics:

  1. Time to First Byte – This is the time it takes for the server to get the first byte of the HTML to you. In our case, Pantheon’s infrastructure has this handled extremely well.
  2. Time to First Paint – This is when the browser has initially finished layout of the DOM and begins to paint the screen.
  3. Time to Last Hero Paint – This is the time it takes for the browser to finish painting the hero in the initial viewport.
  4. Time to First Interactive – This is the most important metric. This is when the website is painted and becomes usable (buttons clickable, JavaScript working, etc.).

We’re going to be looking at Chrome Developer Tools’ Performance Panel throughout this article. This profile was taken on the pre-design version of the site and identifies these metrics.

undefined Front-end Performance with H2

HTTP/2 (aka H2) is a new-ish technology on the web that governs how servers transfer data back and forth between the browser. With the previous version of HTTP (1.1), each resource request required an entire TCP handshake that introduced additional latency per request. To mitigate this, front-end developers would aggregate resources into as few files as possible. For example, front-end developers would combine multiple CSS files into one monolithic file. We would also combine multiple small images, into one “sprite” image, and display only parts of it at a time. These “hacks” cut down on the number of HTTP requests.

With H2, these concerns are largely mitigated by the protocol itself, leaving the front-end developer to split resources into their own logical files. H2 allows multiplexing of multiple files under one TCP stream.  Because Pantheon has H2 integrated with its global CDN, we were able to make use of these new optimizations.

Identifying the problem(s)

The frontend was not optimized. Let’s take a look at the network tab in Chrome Developer Tools:


The first thing to notice is that the aggregated CSS bundle is 1.4MB decompressed. This is extremely large for a CSS file, and merited further investigation.

The second thing to observe: the site is loading some JavaScript files that may not be in use on the homepage.

undefined Let's optimize the CSS bundle first

A CSS bundle of 1.4MB is mongongous and hurts our Time to First Paint metric, as well as all metrics that occur afterward. In addition to having to download a larger file, the browser must also parse and interpret it.

Looking deeper into this CSS bundle, we found some embedded base64 and encoded SVG images. When using HTTP/1.1, this saved the round-trip request to the server for that resource but means the browser downloads the image regardless of whether it's needed for that page. Furthermore, we discovered many of these images belonged to components that weren’t in use anymore.

Similarly, various landing pages were only using a small portion of the monolithic CSS file. To decrease the CSS bundle size, we initially took a two-pronged approach:

  1. Extract the embedded images, and reference them via a standard CSS background-image property. Because Pantheon comes with integrated HTTP/2, there’s virtually no performance penalty to load these as separate files.
  2. Split the monolithic CSS file into multiple files, and load those smaller files as needed, similar to the approach taken by modern “code splitting” tools.

Removing the embedded images dropped the bundle to about 700KB—a big improvement, but still a very large CSS file. The next step was “code splitting” the CSS bundle into multiple files. Pantheon’s codebase makes use of various Sass partials that could have made this relatively simple. Unfortunately, the Sass codebase had very large partials and limited in-code documentation.

It’s hard to write maintainable Sass. CSS by its very nature “cascades” down the DOM tree into various components. It’s also next-to-impossible to know where exactly in the HTML codebase a specific CSS selector exists. Pantheon’s Sass codebase was a perfect example of these common problems. When moving code around, we couldn't anticipate all the potential visual modifications.

Writing maintainable Sass

Writing maintainable Sass is hard, but it’s not impossible. To do it effectively, you need to make your code easy to delete. You can accomplish this through a combination of methods:

  • Keep your Sass partials small and modular. Start thinking about splitting them up when they reach over 300 lines.
  • Detailed comments on each component detailing what it is, what it looks like, and when it’s used.
  • Use a naming convention like BEM—and stick to it.
  • Inline comments detailing anything that’s not standard, such as !important declarations, magic numbers, hacks, etc.
Refactoring the Sass codebase

Refactoring a tangled Sass codebase takes a bit of trial and error, but it wouldn’t have been possible without a visual regression system built into the continuous integration (CI) system.

Fortunately, Pantheon had BackstopJS integrated within their CI pipeline. This system looks at a list of representative URLs at multiple viewport widths. When a pull request is submitted, it uses headless Chrome to reach out to the reference site, and compare it with a Pantheon Multidev environment that contains the code from the pull request. If it detects a difference, it will flag this and show the differences in pink.


Through blood, sweat, and tears, we were able to significantly refactor the Sass codebase into 13 separate files. Then in Drupal, we wrote a custom preprocess function that only loads CSS for each content type.

From this, we were able to bring the primary CSS file down to a manageable 400KB (and only 70KB over the wire). While still massive, it’s no longer technically mongongous. There are still some optimizations that can be made, but through these methods, we decreased the size of this file to a third of its original size.

Optimizing the JavaScript stack

Pantheon’s theme was created in 2015 and made heavy use of jQuery, which was a common practice at the time. While we didn’t have the time or budget to refactor jQuery out of the site, we did have time to make some simple, yet significant, optimizations.

JavaScript files take much more effort for the browser to interpret than a similarly sized image or media file. Each JavaScript file has to be compiled on the fly and then executed, which utilizes up the main thread and delays the Time to Interactive metric. This causes the browser to become unresponsive and lock up and is very common on low-powered devices such as mobile phones.

Also, JavaScript files that are included in the header will also block rendering of the layout, which delays the Time to First Paint metric.


The easiest trick to avoid delaying these metrics is simple: remove unneeded JavaScript. To do this, we inventoried the current libraries being used, and made a list of the selectors that were instantiating the various methods. Next, we scraped the entirety of the HTML of the website using Wget, and cross-referenced the scraped HTML for these selectors.

# Recursively scrape the site, ignore specific extensions, and append .html extension. wget http://panther.local -r -R gif,jpg,pdf,css,js,svg,png –adjust-extension

Once we had a list of where and when we needed each library, we modified Drupal’s preprocess layer to load them only when necessary. Through this, we reduced the JavaScript bundle size by several hundred kilobytes! In addition, we moved as many JavaScript files into the footer as possible (thus improving Time to First Paint).

Additional front-end performance wins

After the new designs were rolled out, we took an additional look at the site from a performance standpoint.


You can see in the image above that there’s an additional layout operation happening late in the rendering process. If we look closely, Chrome Developer Tools allows us to track this down.

The cause of this late layout operation down is a combination of factors: First, we’re using the font-display: swap; declaration. This declaration tells the browser to render the page using system fonts first, but then re-render when the webfonts are downloaded. This is good practice because it can dramatically decrease the Time to First Paint metric on slow connections.

Here, the primary cause of this late layout operation is that the webfonts were downloaded late. The browser has to first download and parse the CSS bundle, and then reconcile that with the DOM in order to begin downloading the webfonts. This eats up vital microseconds.


In the image above, note the low priority images being downloaded before the high priority webfonts. In this case the first webfont to download was the 52nd resource to download!

Preloading webfonts via resource hints

What we really need to do is get our webfonts loaded earlier. Fortunately, we can preload our webfonts with resource hints!

<link rel="preload" href="/sites/all/themes/zeus/fonts/tablet_gothic/360074_3_0.woff2" as="font" type="font/woff2" crossorigin> <link rel="preload" href="/sites/all/themes/zeus/fonts/tablet_gothic/360074_2_0.woff2" as="font" type="font/woff2" crossorigin> <link rel="preload" href="/sites/all/themes/zeus/fonts/tablet_gothic/360074_4_0.woff2" as="font" type="font/woff2" crossorigin> <link rel="preload" href="/sites/all/themes/zeus/fonts/tablet_gothic/360074_1_0.woff2" as="font" type="font/woff2" crossorigin> <link rel="preload" href="/sites/all/themes/zeus/fonts/tablet_gothic_condensed/360074_5_0.woff2" as="font" type="font/woff2" crossorigin> undefined

Yes! With resource hints, the browser knows about the files immediately, and will download the files as soon as it is able to. This eliminates the re-layout and associated flash of unstyled content (FOUT). It also decreases the time to the Time to Last Hero Paint metric.

undefined Preloading responsive images via resource hints

Let’s look at the Film Strip View within Chrome Developer Tools’ Network Tab. To do this, you click the toolbar icon that looks like a camera. When we refresh, we can see that everything is loading quickly—except for the hero’s background image. This affects the Last Hero Paint metric.


If you we hop over to the Network tab, we see that the hero image was the 65th resource to be downloaded. This is because the image is being referenced via the CSS background-image property. To download the image, the browser must first download and interpret the CSS bundle and then cross-reference that with the DOM.

We need to figure out a way to do resource hinting for this image. However, to save bandwidth, we load different versions of the background image dependent on the screen width. To make sure we download the correct image, we include the media attribute on the link element.

We need to make sure we don’t load multiple versions of the same background image, and we certainly do not want to fetch the unneeded resources.

  <link rel="preload" href="/<?php print $zeus_theme_path; ?>/images/new-design/homepage/hero-image-primary--small.jpg" as="image" media="(max-width: 640px)">   <link rel="preload" href="/<?php print $zeus_theme_path; ?>/images/new-design/homepage/hero-image-primary--med.jpg" as="image" media="(min-width: 640px) and (max-width: 980px)">   <link rel="preload" href="/<?php print $zeus_theme_path; ?>/images/new-design/homepage/hero-image-primary--med-large.jpg" as="image" media="(min-width: 980px) and (max-width: 1200px)">   <link rel="preload" href="/<?php print $zeus_theme_path; ?>/images/new-design/homepage/hero-image-primary.jpg" as="image" media="(min-width: 1200px)">

At this point, the correct background image for the viewport is being downloaded immediately after the fonts, and this completely removes the FOUT (flash of unstyled content)—at least on fast connections.


Front-end website performance is a constantly moving target, but is critical to the overall speed of your site. Best practices evolve constantly. Also, modern browsers bring constant updates to performance techniques and tools needed to identify problems and optimize rendering. These optimizations don’t have to be difficult, and can typically be done in hours.

undefined Special thanks

Special thanks to my kickass coworkers on this project: Marc Drummond, Jerad Bitner, Nate Lampton, and Helena McCabe. And to Lullabot’s awesome designers Maggie Griner, Marissa Epstein, and Jared Ponchot.

Also special thanks to our amazing counterparts at Pantheon: Matt Stodolnic, Sarah Fruy, Michelle Buggy, Nikita Tselovalnikov, and Steve Persch.

Categories: Drupal

Agaric Collective: Embracing Data Privacy

Planet Drupal - 25 May 2018 - 2:05pm

With Europe threatening $25,000,000 fines and Facebook losing $80,000,000,000 of stock value, are you paying attention to data privacy yet? If millions and billions of dollars in news headlines never grabbed you, maybe you've noticed the dozens of e-mails from services you'd forgotten ever signing up for, declaring how much they respect your right to control your data. These e-mails are silly and possibly illegal, but they nonetheless welcome us to a better world of greater privacy rights and people's control of their own data that we web developers should embrace.

The huge potential fines (for large companies, the sky's the limit at four percent of global revenue) come from the European Union's General Data Protection Regulation, and they signal that the GDPR is more than a suggestion. If you're not a European-based company, the European Union does not intend to discriminate: You're still liable when citizens of member states use your services or are monitored by you.

Don't lose sleep for Facebook's wealthy stockholders. That sizeable dip in Facebook stock was not due to the impending GDPR enforcement, but came in the wake of the Cambridge Analytica scandal. Since then, the privacy-invading monopoly so many rich people are betting on regained its market cap and then some. (GDPR-related lawsuits are just starting.)

There's a lot of good resources for GDPR-proofing existing sites (see the bottom of this article); the work ranges from trivial for most sites to monumental tasks for web developers who, fortunately for me, aren't me (and who have finished their labor, I hope, as GDPR enforcement took effect today).

The fun and exciting part starts when we get to build new sites or new features on existing sites and from the beginning put privacy by design into practice (which also is in the law). And yes, I'm referring to complying with a continental government's regulations as fun and exciting.

This goes well beyond an organization's web site, of course. Web developers may be the ones to introduce it to organizations, though, so we should be prepared. Here's the gist.

Organizations must request any personal data in clear and plain language describing the specific pieces of information and how it will be used, such that consent can be given freely and unambiguously through an affirmative action.

This means you need to be always thinking of why you are collecting information, and not collecting information you don't need at all, and deleting any personal information you no longer need. You can collect nearly anything if you get clear consent, but if you have a legitimate business interest for the data you collect, you'll have even fewer requirements, and the people who use your site or service will have a smoother experience.

You further need to allow people to export their personal data, to rectify inaccurate data, and to challenge decisions you make on the basis of their personal data. If you don't have a legitimate business interest for the data (or it's overridden by people's rights), then you must also provide a mechanism for people to erase their data.

If your business interests involve spying, lying, or trying to manipulate people into bad financial, personal, and political decisions— maybe re-think your business. At the very least, try to avoid becoming part of the infrastructure for a police state.

It's GDPR day, a wonderful opportunity to think ethically, and explore another way to put your customers, clients, or constituents first!


From most thorough to most practical.

Categories: Drupal


Subscribe to As If Productions aggregator