Join us FREE, we're FREE to use
Web's largest swingers site since 2006.
Already registered?
Login here
Back to forum list |
Back to Swinging Club Discussion |
Jump to newest |
| |||
Reply privately | Reply in forum | Reply +quote |
| |||
Reply privately | Reply in forum | Reply +quote |
| |||
Reply privately | Reply in forum | Reply +quote |
| |||
Reply privately | Reply in forum | Reply +quote |
"Never had a facial image requested for membership yet " Think that is for the 'elite' ones like KK | |||
Reply privately | Reply in forum | Reply +quote |
| |||
Reply privately | Reply in forum | Reply +quote |
"Never had a facial image requested for membership yet Think that is for the 'elite' ones like KK" I think la boudoir ask for one too. | |||
Reply privately | Reply in forum | Reply +quote |
Reply privately | Reply in forum | Reply +quote |
| |||
Reply privately | Reply in forum | Reply +quote |
"No because the only info I have supplied to a club is in the public domain anyway, name and address which can be found on the census, voting register to name a couple." But having your name on the electoral roll just says you are over 18, not in prison and capable of returning a form. Having your name on a hacked membership list from a swinging club is surely potentially more interesting. To employers, employees, children, parents etc? To say nothing of blackmailers and extortionists (who were in abundance after Ashley Maddison, apparently). | |||
Reply privately | Reply in forum | Reply +quote |
"I'm not aware of any "Legal" requirement to record a picture. Name and address, yes, but not an image. I believe the clubs/groups asking for an image use it to separate the "lookers" from the "non-lookers" as part of their sign up process. Make of that what you will. " But there is no requirement (correct me if I am wrong) to store the name and address on a computer? Connected to the internet? I think this is something that is happening more often and I wondered if anyone apart from us was concerned about the risks of one of these clubs being hacked? It is going to happen sooner or later, because it is clear that none of the clubs have got much more than the vaguest grasp of security. | |||
Reply privately | Reply in forum | Reply +quote |
| |||
Reply privately | Reply in forum | Reply +quote |
"Wow - what an enticing subject line! (Sorry) We have been swinging for several years now, in the UK and abroad. So far as I can see only in the UK is it necessary to provide id to visit a club. As I understand it the obligation on the UK club owner is to register someone at least 24 hours before they attend, and then check their id on entry. This information must be stored (but so far as I know, only on paper). Naturally the clubs want to be efficient and these days that means storing the data on computer. Some clubs are collecting the data (including face photos) on unenrcypted connections (http rather than https) and then storing it on machines connected to the internet. Everyone will have heard about what happened at Ashley Maddison, TalkTalk and others. It is surely only a matter of time before a club has their database hacked and their member's data published on the internet. Our view is that while we would love to be completely open about the lifestyle we choose it is never going to happen, particularly while we have young children. Others have jobs that would be hard to maintain if they were 'outed' as swingers. Is this an issue that concerns anybody else? Our worries about some clubs knowledge of security is starting to restrict the clubs we can visit, which is annoying. S & H" The data protection act applies to all personaly identifiable information even if it is just on paper, most ID theft occurs within the organisation, not by hackers, that is why you rarely hear about it. | |||
Reply privately | Reply in forum | Reply +quote |
"There are some assumptions in the OP that personally I've seen seen evidence of. No club has my photo, unless they've got cctv - and that can't be cross referenced to anything that identifies me. I've no evidence that personal details are a) entered into into computer at all B) not held securely C) in any way contravening the DPA OP, I'm all for sensible caution. I just don't think it's achieved by exaggeration and/or assumption." a) There are at least two UK clubs who ask for personal data on their websites b) My concern is that _nobody_ holds data securely. And given that TalkTalk - a major ISP - have recently been hacked what chance is there that it would be hard to hack the site of one of the sites mentioned in a) (neither of whom even follow the most basic precaution of using SSL on their website) c) I am not saying that anyone is breaching the DPA. Just that sooner or later someone will almost inevitably be hacked. And that data is potentially valuable. You could call this exaggeration or assumption. Or you could visit www.troyhunt.com and find out that this kind of thing is happening all the time. Sometimes to companies who even know what they are doing. And then you might call it sensible precaution. | |||
Reply privately | Reply in forum | Reply +quote |
"The data protection act applies to all personaly identifiable information even if it is just on paper, most ID theft occurs within the organisation, not by hackers, that is why you rarely hear about it." You are quite right. But a disgruntled employee will find it easier to walk out of club that stores the data on a computer with a flash drive than they will to walk out of a place with old fashioned paper-work carting a filing cabinet, surely? | |||
Reply privately | Reply in forum | Reply +quote |
| |||
Reply privately | Reply in forum | Reply +quote |
"A club's website not having ssl is not proof that my personal details are inevitably compromised, in my view." Indeed, but it does mean that the information is transmitted in the clear, and can be intercepted at this point, before it even reaches the club. It also shows that the club has very little understanding of security. "Nevertheless, instead of arguing about whether there's a problem or not, what's the solution?" Storage of everything that legally has to be factual on paper in a locked filing cabinet (certainly there is still some risk here, but _much_ less when all the data can be put in your pocket on a flash drive. And all electronic communication can be done using 'burner' email addresses (gmail / hotmail etc). Still imperfect for a number of reasons, but a good start, and _way_ better than where things currently seem to be headed, don't you agree? | |||
Reply privately | Reply in forum | Reply +quote |
| |||
Reply privately | Reply in forum | Reply +quote |
"So how is that to be enforced? " No enforcement is necessary. If the issue is raised by enough people then the clubs will see it as in their interest to do the "right" thing and then perhaps even use it to differentiate themselves (though it isn't really a competitive enough market for that to mean much). Some clubs are already low risk as their processes are pretty old. Sadly from the data security point of view these are becoming fewer. I have only begun to worry in the last few months - before that everything seemed to be stored on scraps of paper in shoe boxes. Which may not be fire-proof or efficient, but it is pretty hard to paste onto the internet! Recently our caution has caused problems with a couple of the newer clubs, and we have not felt happy enough with their security to want to join. I am just worried that one day there won't be any clubs we will have enough confidence in to be members of - and that would make us very sad. | |||
Reply privately | Reply in forum | Reply +quote |
"No because the only info I have supplied to a club is in the public domain anyway, name and address which can be found on the census, voting register to name a couple. But having your name on the electoral roll just says you are over 18, not in prison and capable of returning a form. Having your name on a hacked membership list from a swinging club is surely potentially more interesting. To employers, employees, children, parents etc? To say nothing of blackmailers and extortionists (who were in abundance after Ashley Maddison, apparently)." You missed my point, if a club I have given my public info gets hacked then the only information that gets released is my name and address. That is all, there is no proof that I have ever attended a club, I could simply say they got my name and address from the voter register. | |||
Reply privately | Reply in forum | Reply +quote |
"You missed my point, if a club I have given my public info gets hacked then the only information that gets released is my name and address. That is all, there is no proof that I have ever attended a club, I could simply say they got my name and address from the voter register." Right. Well while that _may_ constitute reasonable doubt in a court of law I am not sure why they would chose your name and address out of that huge database. Also, as has been discussed, in some cases clubs insist on identifiable face photos, which cannot be gleaned from the electoral roll). And driving licence / utility bill scans etc etc. Obviously this only matters to people with families / jobs where exposure would be a problem. It sounds like you aren't worried, which is probably the case for many people on here. I was just interested to see if anyone else was. | |||
Reply privately | Reply in forum | Reply +quote |
"You missed my point, if a club I have given my public info gets hacked then the only information that gets released is my name and address. That is all, there is no proof that I have ever attended a club, I could simply say they got my name and address from the voter register. Right. Well while that _may_ constitute reasonable doubt in a court of law I am not sure why they would chose your name and address out of that huge database. Also, as has been discussed, in some cases clubs insist on identifiable face photos, which cannot be gleaned from the electoral roll). And driving licence / utility bill scans etc etc. Obviously this only matters to people with families / jobs where exposure would be a problem. It sounds like you aren't worried, which is probably the case for many people on here. I was just interested to see if anyone else was." Well in that case maybe using the search function on here will bring up the thread from a couple of weeks back where exactly this was discussed. | |||
Reply privately | Reply in forum | Reply +quote |
| |||
Reply privately | Reply in forum | Reply +quote |
"ok, if a swingers club has 'private members club' status, then they must hold details about their members. It is favouable for clubs to have this status as they are then granted some benefits (sex and nudity) and are excluded from some legislation. The information that they must take is first name, last name and address. Some ask for either an email or phone number too. The details should be entered onto a form (electronic or paper) by the member and it should have a short statement of what the info is used for and how it will be handled. There is NO legal requirement OP for the info to be provided 24 hours in advance of attendance. That is rubbish and some clubs do this purely for their own ease when booking so many people in. There is also NO legal requirement for storage of a photo of each member..Some clubs do this and they have their reasons for doing so, but it certainly isn't a legal one! I only know of a couple of clubs that have an online membership process, the rest ask for form filling on the way in and some (like ourselves) transfer that info on a database which is kept on an external hard drive. This is kept off the premises, is non identifiable as being linked to the club, is kept locked away and only one person has access to it...me. We and other clubs are bound by the data protection act and the better ones are registered with ICO...I'll let you look that up. If the club is running as a private members club and is enjoying the benefits that come with it, they should be doing this....by law!!! Otherwise, they will come upstuck. One of the benefits is being able to charge couples and ladie less than guys. Anywhere else, this would be direct discrimination on gender grounds, but a private members clubs is allowed to charge less for couples and ladies as an incentive to bring in more people. If a club was reported for charging unfairly AND they didn't have a member database, they are not a members club and would be right up shit creek. I've said it loads and some places are still not taking membership info....it just takes one person to report them then it will start a catalyst on the rest of them. Taking member info is also a men of protection for everyone on the premises. We have found that we have less trouble in the club as people are less likely to be troublesome when they know we hold their info!! Hope I have helped and not confused matters Vicky xx Townhouse " | |||
Reply privately | Reply in forum | Reply +quote |
| |||
Reply privately | Reply in forum | Reply +quote |
| |||
Reply privately | Reply in forum | Reply +quote |
"...big snip... Hope I have helped and not confused matters Vicky xx Townhouse " Absolutely. You have certainly helped / corrected our understanding of the legal requirements. In addition you have brought the issue of clubs not registered with ICO (which is illegal and may indicate a general lack of awareness about other data-related good practice). It sounds like your processes are comparatively good from the point of view of having data splurged all over the internet (you could encrypt the drive, if you haven't already done so). Sadly you are much too far away from us, for us to come and visit. The other thing your post has done has made it absolutely clear how far beyond the legal requirement many clubs are going by collecting data electronically (I know there aren't many at the moment, but I suspect the practice will become more widespread unless an effort is made to stop it) and by collecting and storing (in a convenient electronic form) data that is not required. We are concerned - are we alone? | |||
Reply privately | Reply in forum | Reply +quote |
"Well in that case maybe using the search function on here will bring up the thread from a couple of weeks back where exactly this was discussed." I did a search, and didn't find anything abut this (did find quite a lot about the site security on Fabswingers, but on this site you are not compelled to give anything personally identifiable, so it is not really a concern). If you have a moment could you provide a link to the thread you referred to? Thanks in advance. | |||
Reply privately | Reply in forum | Reply +quote |
| |||
Reply privately | Reply in forum | Reply +quote |
| |||
Reply privately | Reply in forum | Reply +quote |
| |||
Reply privately | Reply in forum | Reply +quote |
"Never been I'd or asked for membership and we've been to a few " Wouldn't you worry that if something happened in the club there would absolutely no way of contacting anyone? Not very safe (for anyone) if you think about it? | |||
Reply privately | Reply in forum | Reply +quote |
"I'm not concerned, if you are concerned do not attend " Quite. And that is an option we chosen to exercise recently. But it means we are missing out on fun and the clubs are missing out on revenue, so it seems sub-optimal. If it is just us missing out on fun, and only our revenue the clubs in question are missing out on then it isn't a significant problem. Unless there are many other people who would be concerned if they knew enough about the risks to recognise it as a potential problem. | |||
Reply privately | Reply in forum | Reply +quote |
"Never been I'd or asked for membership and we've been to a few Wouldn't you worry that if something happened in the club there would absolutely no way of contacting anyone? Not very safe (for anyone) if you think about it?" And it appears that if this is not a private club (which it certainly isn't if it isn't fulfilling the requirements) then it is also in breach of discrimination legislation if it is charging more for single males than single women. | |||
Reply privately | Reply in forum | Reply +quote |
"Never been I'd or asked for membership and we've been to a few Wouldn't you worry that if something happened in the club there would absolutely no way of contacting anyone? Not very safe (for anyone) if you think about it?" Your personally safety is down to you and your partner, if you don't feel safe at a venue then leave and ask for a refund, if they refuse call the police & the council they'll soon wise up xx | |||
Reply privately | Reply in forum | Reply +quote |
| |||
Reply privately | Reply in forum | Reply +quote |
"Interesting discussion as indeed we never stop learning something everyday and this kind of feedbacks are of unquestionable benefit to Private Members Clubs. I believe those clubs more open to most require some forms of ID to protect their members in case something went wrong it's imperative to know the identity of who did what. In our case because we use a vetting criteria we do not ask any forms of ID but a recent clear face and full body picture. We do get some members who would not wish to disclose their true identity and that suit them very well, but for the safety of our members, if something went wrong we want to be in a position to have their face picture, age, height and body type to recognise who did what. The full body picture is purely to make sure that they take good care of themselves which is one of our requirements to join, this can either be fully clothed, in swim wear or naked (at the discretion of our members) however if their face is not shown on a naked body this will protect them from being used against them! I could not agree more with what has been said about data protection and we cannot be ever too careful, but all what they would get from our members is an email address (most of them use a dedicated email anyway) and a name as they wish to be called at the club with a face picture which information can be easily defended in case of data protection failure. One last point I would like to make though is that its about time that UK got over the Victorian times in 21st Centuries and Swingers like the Gay society started to come to terms that we are another sexual minority, perhaps a highly sexual but nevertheless a minority and we should be respected as such There is absolutely nothing wrong whatsoever for adults to meet up in clubs to socialise and possibly or hopefully get involved in consensual sex activities between other like-minded people and we should protect our rights for this is a free country and we need our own clubs to socialise! Clubs owners are constantly under threat and so much pressure to be closed down or with huge difficulties in opening better quality clubs because there is always someone somewhere who does not approve what we do and therefore we 'swingers' are more discriminated because we worry too much about who we are and what we do behind the closed doors when its nobody business and it shouldn't be! I would like to see more unity, respect, support and cooperation between us swingers and come out of the closet to help clubs owners and subsequently provide club owners with a better position to help the libertine lifestyle." | |||
Reply privately | Reply in forum | Reply +quote |
| |||
Reply privately | Reply in forum | Reply +quote |
"..most require some forms of ID to protect their members in case something went wrong it's imperative to know the identity of who did what.....In our case because we use a vetting criteria we do not ask any forms of ID but a recent clear face and full body picture. We do get some members who would not wish to disclose their true identity and that suit them very well, but for the safety of our members, if something went wrong we want to be in a position to have their face picture, age, height and body type to recognise who did what." So here you appear to be saying that in order to identify who was present at your club in the event of some unspecified incident, the body photos which include face would be sufficient. I am not sure I entirely agree with this, but in the event of some kind of urgent investigation where people need to be identified (a food poisoning incident, for instance) it is certainly a far from efficient way for public health officials (in this example) to quickly identify people. In your case I can see from your FAQ that an incident could never be followed up by any agency as "the location and guest list are never shared with non-attendees" Really? I am not sure that would stand up if pressure were applied after a serious crime (for instance) was committed. "I could not agree more with what has been said about data protection and we cannot be ever too careful, but all what they would get from our members is an email address (most of them use a dedicated email anyway) and a name as they wish to be called at the club with a face picture which information can be easily defended in case of data protection failure." And here you seem to be saying that a face photo would _not_ be sufficient to identify people in the event of a data security breach, which contradicts your earlier point. I think you need to consider the efficiency of modern facial recognition techniques, which - coupled with increasingly widely available identifiable source photos (on social networks, Google images etc) - will mean that very few people have the level of anonymity required to avoid identification for long. An unscrupulous blackmailer, of the kind who came out of the woodwork after Ashley Madisson, would have to work a bit harder to identify people, but (as in this case they wouldn't be hiding behind the dedicated email addresses you mention) I suspect some would try. "One last point I would like to make though is that its about time that UK got over the Victorian times in 21st Centuries and Swingers like the Gay society started to come to terms that we are another sexual minority, perhaps a highly sexual but nevertheless a minority and we should be respected as such" It would certainly be more convenient for all of us in this lifestyle if that were to happen, but as things stand the clubs surely have a duty of care (at present not always adequately discharged) to ensure that their members data remains secure? "I would like to see more unity, respect, support and cooperation between us swingers and come out of the closet to help clubs owners and subsequently provide club owners with a better position to help the libertine lifestyle." I think this is unrealistic at the scale that you envisage it happening. Where I think swingers could help clubs (and I am happy to do so, though I am not an expert in the area of data security) is to help formulate a voluntary code of conduct around privacy and data - (including collection, encryption, storage and disposal). Much of this is something clubs are legally obliged to do already, but it is clear that it is sometimes not happening. Clubs that were not compliant with such a code would presumably lose the trust of their members (which would cause a conundrum, since such a club may not know how to properly delete old member data!). | |||
Reply privately | Reply in forum | Reply +quote |
| |||
Reply privately | Reply in forum | Reply +quote |
| |||
Reply privately | Reply in forum | Reply +quote |
| |||
Reply privately | Reply in forum | Reply +quote |
"I'll say it again . . . A BIT LOUDER lol It's illegal NOT to be registered with ICO for data protection. Regardless of whether the club is private or not. All the guidance a club needs is on the ICO website. " I know, & I suspect those that use the forums do. That's not going to stop the everyday swingers/kinksters from checking who has what licenses though. I've been into 'clubs' that clearly are not following any guidelines and they were busy. Topcat/valhalla is the perfect example, people do not care about the hoops clubs should do (no I haven't been to valhalla & won't go) but I've been to other clubs in Birmingham that will never be listed on here & it was busy | |||
Reply privately | Reply in forum | Reply +quote |
"People go to clubs that are not licensed, insured or registered. The majority of people simply don't care. They want a good price, a good crowd and fun. House parties come and go, as with other fashions. The masses are not going to start complaining to, and questioning clubs about data protection. " How can someone check if a club is licensed, insured or registered? The health and safety aspect, first aiders , security is extremely important. | |||
Reply privately | Reply in forum | Reply +quote |
"People go to clubs that are not licensed, insured or registered. The majority of people simply don't care. They want a good price, a good crowd and fun. House parties come and go, as with other fashions. The masses are not going to start complaining to, and questioning clubs about data protection. How can someone check if a club is licensed, insured or registered? The health and safety aspect, first aiders , security is extremely important." Talk to the owners and ask the questions. Licencing, Public Liability and Data Protection all should be obvious, they are all certificates displayed for inspection. Other things such as water testing certificates, fire check logs, equipment testing, etc should all be provable and up to date. It doesn't need just the authorities to ask, | |||
Reply privately | Reply in forum | Reply +quote |
| |||
Reply privately | Reply in forum | Reply +quote |
| |||
Reply privately | Reply in forum | Reply +quote |
"I'm confident a tech wizzkid could find your home address from your IP address here fairly easily." AFAIK to get my IP address they would have to hack the site first and to convert that to an address they would need to be very friendly with my ISP (who would have a _lot_ to lose by being helpful) or hack their system as well. Yes it is possible, but it would require the combination of two mishaps. "They would also have the pics you have uploaded to link you to the activity." There is no obligation to post face photos on here (even for photo verification), so that wouldn't help (unless you post face photos, as I see you do). "If you have ever been a paying member, I'm sure aforementioned wizzkid could find out your phone number if you used that as payment." But if you use the third party payment provider you are back to the scenario where two systems need to be hacked - somewhat less likely. Furthermore, in both the scenarios which require two systems to be hacked both the systems are run by professionals - I don't have massive faith in fabswingers (they should force connections through SSL) but in both the other cases (ISP and payment processing company) you would hope (unless you were with TalkTalk) that they know what they are doing. I know it isn't perfect (nothing is), but in my opinion it is an acceptable risk. Contrast that with the single - weak - point of failure with a club's security, and you might begin to understand my concern. | |||
Reply privately | Reply in forum | Reply +quote |
Post new Message to Thread |
back to top |