#1 2019-02-13 19:58:15

jasonwryan
New member
Registered: 2012-12-30
Posts: 3

Removing all personal information as per GDPR

This was initially raised here: development/core/tickets/678/  but was predicated, incorrectly I believe, on the ability of users to do this themselves.

The feature I would like is for it to be an automated part of the administrative dashboard.

Currently, if a user requests that we delete all their information (and this is increasingly prevalent, on the Arch Linux boards we are averaging one request per week for 2019) we have to manually:

1. Change the email address to a random one (that still satisfies the format)
2. remove any information the user has added to their profile (website links, etc)
3. change the password to a random string

This does not satisfy some users who assert, under the GDPR, that:

4. all of their posts should be removed
5. their IP records scrubbed, and
6. any mentions (quotes by other users in posts) removed.

This is neither practicable, nor in the case of 4 and 5, even possible manually.

A feature that allowed an admin to:

* Change the username in all of their posts to 'Removed' (instances in quotes would be nice as well)
* Scrub their profile
* Remove all IP address entries from the DB
* Delete all threads where they are the only poster

How can we, i.e., Arch Linux, help make this happen?

Thanks.

Offline

#2 2019-02-14 11:05:55

Pierre
Member
From: Germany/Bonn
Registered: 2010-05-20
Posts: 50
Website

Re: Removing all personal information as per GDPR

It should be easier to rename the user and then use the "Delete User" option that is already there. I guess it should be possible to write an admin extension for this.

I usually do not rename the user unless explicitly requested though. And I do not think this is required by GDPR.

Anyway: A feature to optionally rename the user before deletion would be a good addition to the "delete user" feature.

Offline

#3 2019-02-14 16:12:40

jasonwryan
New member
Registered: 2012-12-30
Posts: 3

Re: Removing all personal information as per GDPR

Pierre wrote:

It should be easier to rename the user and then use the "Delete User" option that is already there. I guess it should be possible to write an admin extension for this.

The issue with just deleting a user is, if the user is the thread starter, it deletes every post in the thread, including posts by other users. That is why I described 4. as impracticable; it would require the consent of other users to remove their content.

Pierre wrote:

I usually do not rename the user unless explicitly requested though. And I do not think this is required by GDPR.

It is required where that username is personally identifiable information, as in my case, for example.

Pierre wrote:

Anyway: A feature to optionally rename the user before deletion would be a good addition to the "delete user" feature.

Agreed. An option to rename any number of users to the same string, i.e., "Removed", would be a good start.

Offline

#4 2019-02-14 22:12:20

Franz
Lead developer
From: Germany
Registered: 2008-05-13
Posts: 6,639
Website

Re: Removing all personal information as per GDPR

Howdy and thanks for reaching out!

First of all, I would love to make FluxBB more compatible with the GDPR. I must say, though, that it is hard for me to make judgements which features are required and which aren't. IANAL and all that. Do you know a good resource that helps making these judgement calls for a software like FluxBB?

Cleaning up the profile (although that already happens with a basic deletion) and IP addresses makes sense and is easy. On the other hand, things like removing mentions raise some concerns (can we touch other people's posts?) and are potentially very expensive, e.g. in terms of performance.

We do have a feature to delete users already, by the way, even along with all of their topics / posts.

jasonwryan wrote:

How can we, ie., Arch Linux, help make this happen?

A good first step would be to create an admin plugin - this seems to be the perfect use-case. This plugin would let admins delete users by username or ID, with some of the steps you mentioned being optional, controlled by checkboxes.

If this turns out well, I will gladly promote it here on the forum and on the site - we can then think about adopting parts of it into core, or maybe shipping the plugin with each release.


fluxbb.de | develoPHP

"As code is more often read than written it's really important to write clean code."

Offline

#5 2019-02-14 22:24:32

jasonwryan
New member
Registered: 2012-12-30
Posts: 3

Re: Removing all personal information as per GDPR

Thanks Franz!

Franz wrote:

First of all, I would love to make FluxBB more compatible with the GDPR. I must say, though, that it is hard for me to make judgements which features are required and which aren't. IANAL and all that. Do you know a good resource that helps making these judgement calls for a software like FluxBB?

Not really. I read through the document in its entirety and I don't see too many issues above and beyond what I am proposing here. In my view, it is some enhancements that are required, rather than wholesale change.

Franz wrote:

Cleaning up the profile (although that already happens with a basic deletion) and IP addresses makes sense and is easy. On the other hand, things like removing mentions raise some concerns (can we touch other people's posts?) and are potentially very expensive, e.g. in terms of performance.

My view is that, no, we should not touch other people's posts, so if they have manually mentioned a user, it would remain. However, the basic quoting function--which automatically inserts the username of the quoted poster--may be worth considering.

Franz wrote:

We do have a feature to delete users already, by the way, even along with all of their topics / posts.

The issue with this, as it is currently implemented, is that if the deleted user is the thread starter, all of the posts in the thread are deleted, including those by other users. On the Arch boards, we will not use this function as it would require the consent of the other posters in the thread. Obviously, if there are no other contributors in the thread, this is not an issue.

Offline

#6 2019-05-15 08:03:27

JJones
Member
Registered: 2019-04-28
Posts: 23

Re: Removing all personal information as per GDPR

Franz wrote:

If this turns out well, I will gladly promote it here on the forum and on the site - we can then think about adopting parts of it into core, or maybe shipping the plugin with each release.

Keeping in "spirit" of "FluxBB" claiming to only be 'Essentials' .... GDPR is NOT APPLICABLE .... In terms of serving the majority, the EU ( GDPR Jurisdiction ) only applies to "Servers" located in 27 Nations, out of a total of 195 currently recognized Nations at time of this post.

However, for sake of debate/discussion ... The GDPR regulations have already been ruled to be "Not Applicable" upon agreement to data collection. Contract Law overrules Rights when relinquished voluntarily. This is simply implemented when a "Terms of Service (including the phrase we own whatever data you provide)" is stated, and the person Agrees to those terms at moment of registration .... ( which basically means, about the only thing you can do to the core to aid in compliance is exchange the "Rules" option with a "TOS" option ... but I digress ... )

As for specific personal information that is collected by the core is the "Email" ... which is still currently being debated in EU Commission Courts. Since no part of the Core actually publishes the email to people publicly ( possibly profile? ) then there really isn't anything that can be tied back to what the GDPR claims to be "personal information" which is listed as:
FULL NAME => USERNAME is NOT a LEGAL NAME
HOME ADDRESS => NOT IN FluxBB core that I have ever seen
CREDIT CARD NUMBER => NOT IN FluxBB core that I have ever seen
BIRTHDATE => Requires a legal name to be associated with a date to be identifiable, thus not applicable.
PERSONAL PHOTO => Easily bypassed by a TOS Agreement
E-MAIL ADDRESS => Only thing that FluxBB records

... Even IP Addresses have already been ruled as HARDWARE Identifiable and not PERSONAL IDENTIFIABLE ....

At best, the GDPR might initiate an investigation if "posts" disclose information such as PASSPORT, LICENSES, PHONE NUMBERS, Blah blah .... but even then, it is the "Poster" that is subject to the violation and not that of the "webmaster". Which should be handled as a "case by case" event and not broadly applied to entire forums, or at best is responsibility of whomever is charged with enforcing their own policy on the website.

And ... for the sake of discussion, why would you place effort to comply with GDPR when nobody is implementing any tools that comply with "Data Retention Act" which is applicable in about 84 Nations? ( enjoy receiving an Email with SQL dump AND all Associated Account files stored every week ) 

Could it be possible that FluxBB is more about the developers "Political Agenda", and not so much about actually paying attention to the core and all its flaws?

Last edited by JJones (2019-05-15 08:17:56)

Offline
