#1 2019-02-13 19:58:15

jasonwryan
New member
Registered: 2012-12-30
Posts: 3

Removing all personal information as per GDPR

This was initially raised here: development/core/tickets/678/ but was predicated, incorrectly I believe, on the ability of users to do this themselves.

The feature I would like is for it to be an automated part of the administrative dashboard.

Currently, if a user requests that we delete all their information (and this is increasingly prevalent, on the Arch Linux boards we are averaging one request per week for 2019) we have to manually:

1. Change the email address to a random one (that still satisfies the format)
2. Remove any information the user has added to their profile (website links, etc.)
3. Change the password to a random string

This does not satisfy some users who assert, under the GDPR, that:

4. all of their posts should be removed
5. their IP records scrubbed, and
6. any mentions (quotes by other users in posts) removed.

This is neither practicable, nor in the case of 4 and 5, even possible manually.

A feature that allowed an admin to:

* Change the username in all of their posts to 'Removed' (instances in quotes would be nice as well)
* Scrub their profile
* Remove all IP address entries from the DB
* Delete all threads where they are the only poster

How can we, i.e., Arch Linux, help make this happen?

Thanks.

Offline

#2 2019-02-14 11:05:55

Pierre
Member
From: Germany/Bonn
Registered: 2010-05-20
Posts: 50
Website

Re: Removing all personal information as per GDPR

It should be easier to rename the user and then use the "Delete User" option that is already there. I guess it should be possible to write an admin extension for this.

I usually do not rename the user unless explicitly requested though. And I do not think this is required by GDPR.

Anyway: A feature to optionally rename the user before deletion would be a good addition to the "delete user" feature.

Offline

#3 2019-02-14 16:12:40

jasonwryan
New member
Registered: 2012-12-30
Posts: 3

Re: Removing all personal information as per GDPR

Pierre wrote:

It should be easier to rename the user and then use the "Delete User" option that is already there. I guess it should be possible to write an admin extension for this.

The issue with just deleting a user is, if the user is the thread starter, it deletes every post in the thread, including posts by other users. That is why I described 4. as impracticable; it would require the consent of other users to remove their content.

Pierre wrote:

I usually do not rename the user unless explicitly requested though. And I do not think this is required by GDPR.

It is required where that username is personally identifiable information, as in my case, for example.

Pierre wrote:

Anyway: A feature to optionally rename the user before deletion would be a good addition to the "delete user" feature.

Agreed. An option to rename any number of users to the same string, i.e., "Removed" would be a good start.

Offline

#4 2019-02-14 22:12:20

Franz
Lead developer
From: Germany
Registered: 2008-05-13
Posts: 6,670
Website

Re: Removing all personal information as per GDPR

Howdy and thanks for reaching out!

First of all, I would love to make FluxBB more compatible with the GDPR. I must say, though, that it is hard for me to make judgements which features are required and which aren't. IANAL and all that. Do you know a good resource that helps making these judgement calls for a software like FluxBB?

Cleaning up the profile (although that already happens with a basic deletion) and IP addresses makes sense and is easy. On the other hand, things like removing mentions raise some concerns (can we touch other people's posts?) and are potentially very expensive, e.g. in terms of performance.

We do have a feature to delete users already, by the way, even along with all of their topics / posts.

jasonwryan wrote:

How can we, i.e., Arch Linux, help make this happen?

A good first step would be to create an admin plugin - this seems to be the perfect use-case. This plugin would let admins delete users by username or ID, with some of the steps you mentioned being optional, controlled by checkboxes.

If this turns out well, I will gladly promote it here on the forum and on the site - we can then think about adopting parts of it into core, or maybe shipping the plugin with each release.


fluxbb.de | develoPHP

"As code is more often read than written it's really important to write clean code."

Offline

#5 2019-02-14 22:24:32

jasonwryan
New member
Registered: 2012-12-30
Posts: 3

Re: Removing all personal information as per GDPR

Thanks Franz!

Franz wrote:

First of all, I would love to make FluxBB more compatible with the GDPR. I must say, though, that it is hard for me to make judgements which features are required and which aren't. IANAL and all that. Do you know a good resource that helps making these judgement calls for a software like FluxBB?

Not really. I read through the document in its entirety and I don't see too many issues above and beyond what I am proposing here. In my view, it is some enhancements that are required, rather than wholesale change.

Franz wrote:

Cleaning up the profile (although that already happens with a basic deletion) and IP addresses makes sense and is easy. On the other hand, things like removing mentions raise some concerns (can we touch other people's posts?) and are potentially very expensive, e.g. in terms of performance.

My view is that, no, we should not touch other people's posts, so if they have manually mentioned a user, it would remain. However, the basic quoting function--which automatically inserts the username of the quoted poster--may be worth considering.

Franz wrote:

We do have a feature to delete users already, by the way, even along with all of their topics / posts.

The issue with this, as it is currently implemented, is that if the deleted user is the thread starter, all of the posts in the thread are deleted, including those by other users. On the Arch boards, we will not use this function as it would require the consent of the other posters in the thread. Obviously, if there are no other contributors in the thread, this is not an issue.

Offline
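An added example, not part of the original posts and not FluxBB code: one way to implement the admin-side erasure requested in post #1 under the constraints from post #5 (other users' posts and manual mentions are kept, only the automatic quote tag is rewritten), in Python with SQLite. The schema, the `erase_user` and `demo` names, the sample rows and the `[quote=name]` tag form are assumptions made for illustration.

```python
import re
import secrets
import sqlite3

# Simplified stand-in schema (assumption): not FluxBB's real table layout.
SCHEMA = """
CREATE TABLE users  (id INTEGER PRIMARY KEY, username TEXT, email TEXT, password TEXT, url TEXT, reg_ip TEXT);
CREATE TABLE topics (id INTEGER PRIMARY KEY, subject TEXT);
CREATE TABLE posts  (id INTEGER PRIMARY KEY, topic_id INTEGER, poster_id INTEGER, poster TEXT, poster_ip TEXT, message TEXT);
"""

def erase_user(db, user_id, placeholder="Removed"):
    """Anonymise one account atomically; return ids of the topics deleted."""
    with db:  # one transaction: commit on success, roll back on error
        (name,) = db.execute("SELECT username FROM users WHERE id=?", (user_id,)).fetchone()
        # Only topics with no posts by anyone else are deleted outright.
        solo = [r[0] for r in db.execute(
            "SELECT topic_id FROM posts GROUP BY topic_id HAVING SUM(poster_id != ?) = 0", (user_id,))]
        for tid in solo:
            db.execute("DELETE FROM posts WHERE topic_id=?", (tid,))
            db.execute("DELETE FROM topics WHERE id=?", (tid,))
        # Posts in shared topics keep their text but lose the name and IP.
        db.execute("UPDATE posts SET poster=?, poster_ip=NULL WHERE poster_id=?", (placeholder, user_id))
        # Rewrite only the auto-generated quote tag; free-text mentions stay untouched.
        tag = re.compile(r'\[quote=("?)' + re.escape(name) + r'\1\]', re.IGNORECASE)
        for pid, msg in db.execute("SELECT id, message FROM posts WHERE message LIKE '%[quote=%'").fetchall():
            db.execute("UPDATE posts SET message=? WHERE id=?", (tag.sub(f"[quote={placeholder}]", msg), pid))
        # Scrub the profile: random but well-formed email, random password value.
        db.execute("UPDATE users SET username=?, email=?, password=?, url=NULL, reg_ip=NULL WHERE id=?",
                   (placeholder, secrets.token_hex(8) + "@example.invalid", secrets.token_hex(32), user_id))
    return solo

def demo():
    """Run the erasure on constructed sample data; return (deleted topics, posts, user row)."""
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    db.executemany("INSERT INTO users VALUES (?,?,?,?,?,?)", [
        (1, "alice", "alice@example.org", "hash1", "https://alice.example", "192.0.2.10"),
        (2, "bob", "bob@example.org", "hash2", None, "192.0.2.20")])
    db.executemany("INSERT INTO topics VALUES (?,?)", [(1, "Shared thread"), (2, "Solo thread")])
    db.executemany("INSERT INTO posts VALUES (?,?,?,?,?,?)", [
        (1, 1, 1, "alice", "192.0.2.10", "How do I do X?"),
        (2, 1, 2, "bob", "192.0.2.20", "[quote=alice]How do I do X?[/quote] Like this, alice."),
        (3, 2, 1, "alice", "192.0.2.10", "Note to self")])
    deleted = erase_user(db, 1)
    posts = db.execute("SELECT id, poster, poster_ip, message FROM posts ORDER BY id").fetchall()
    return deleted, posts, db.execute("SELECT username, url, reg_ip FROM users WHERE id=1").fetchone()

if __name__ == "__main__":
    print(demo())
```

In the sample run the shared thread survives with the opening post attributed to "Removed" and no IP, while the reply's manual mention of the name is left as its author wrote it.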

#6 2019-05-15 08:03:27

JJones
Banned
Registered: 2019-04-28
Posts: 63

Re: Removing all personal information as per GDPR

Franz wrote:

If this turns out well, I will gladly promote it here on the forum and on the site - we can then think about adopting parts of it into core, or maybe shipping the plugin with each release.

keeping in "spirit" of "FluxBB" claiming to only be 'Essentials' .... GDPR is NOT APPLICABLE .... In terms of serving the majority, the EU ( GDPR Jurisdiction ) only applies to "Servers" located in 27 Nations, out of a total of 195 currently recognized Nations at time of this post.

However, for sake of debate/discussion ... The GDPR regulations have already been ruled to be "No Applicable" upon agreement to data collection. Contract Law overrules Rights when relinquished voluntarily. This is simply implemented when a "Terms of Service (including the phrase we own whatever data you provide)" is stated, and the person Agrees to those terms at moment of registration .... ( which basically means, about the only thing you can do to the core to aid in compliance is exchange the "Rules" option with a "TOS" option ... but I digress ...

As for specific personal information that is collected by the core is the "Email" ... which is still currently being debated in EU Commission Courts. Since no part of the Core actually publishes the email to people publicly ( possibly profile? ) then there really isn't anything that can be tied back to what the GDPR claims to be "personal information" which is listed as:
FULL NAME => USERNAME is NOT a LEGAL NAME
HOME ADDRESS => NOT IN FluxBB core that I have ever seen
CREDIT CARD NUMBER => NOT IN FluxBB core that I have ever seen
BIRTHDATE => Requires a legal name to be associated with a date to be identifiable, thus not applicable.
PERSONAL PHOTO => Easily bypassed by a TOS Agreement
E-MAIL ADDRESS => Only thing that FluxBB records

... Even IP Addresses have already been ruled as HARDWARE Identifiable and not PERSONAL IDENTIFIABLE ....

At best, the GDPR might initiate an investigation if "posts" disclose information such as PASSPORT, LICENSES, PHONE NUMBERS, Blah blah .... but even then, it is the "Poster" that is subject to the violation and not that of the "webmaster". Which should be handled as a "case by case" event and not broadly applied to entire forums, or at best is responsibility of whomever is charged with enforcing their own policy on the website.

And ... for the sake of discussion, why would you place effort to comply with GDPR when nobody is implementing any tools that comply with "Data Retention Act" which is applicable in about 84 Nations? ( enjoy receiving an Email with SQL dump AND all Associated Account files stored every week ) 

Could it be possible that FluxBB is more about the developers "Political Agenda", and not so much about actually paying attention to the core and all its flaws?

Last edited by JJones (2019-05-15 08:17:56)

Offline

#7 2019-08-15 00:29:59

oli_v_ier
Member
Registered: 2008-09-21
Posts: 44

Re: Removing all personal information as per GDPR

JJones wrote:

... Even IP Addresses have already been ruled as HARDWARE Identifiable and not PERSONAL IDENTIFIABLE ....

https://ec.europa.eu/info/law/law-topic … al-data_en

EU wrote:

Examples of personal data
(...)
    an Internet Protocol (IP) address;
(...)

neutral

JJones wrote:

Contract Law overrules Rights when relinquished voluntarily.

Even when you agree to the collection of personal data, you can then demand that they be erased or downloadable. It's the law.

Franz wrote:

First of all, I would love to make FluxBB more compatible with the GDPR.

Indeed !
big_smile

Last edited by oli_v_ier (2019-08-15 00:36:10)

Offline

#8 2019-09-03 15:34:42

JJones
Banned
Registered: 2019-04-28
Posts: 63

Re: Removing all personal information as per GDPR

I repeat ... IPs were already ruled "hardware identifiable". I would sure LOVE to see a case being settled on "IP".

If "contract" law was not a trump card in EU, why is it that Google still maintains ALL of your account data in the EU currently? ( notice all of your history of IPs, searches, phone numbers? ) ... LMFAO!!! (PS: Facebook has much more personal info on you ).

You can REQUEST your account be disabled, LOL, but you'll never "DELETE" your information .... all because "Contracts" trump ( emphasis on the word "Trump" ( insert evil smile here )!!!

I have a "variation" of FluxBB operating out of a Vienna Server rack .... And I assure you, EU does not force me to delete anything EVEN when reported. ( Enjoy attempting to regulate Regional Rules Globally!! )

Offline

#9 2019-09-23 00:53:47

oli_v_ier
Member
Registered: 2008-09-21
Posts: 44

Re: Removing all personal information as per GDPR

Franz wrote:

First of all, I would love to make FluxBB more compatible with the GDPR.

Here are some requirements for FluxBB to comply with the GDPR:

Information and access
"A data controller must provide, upon request, an overview of the categories of data that are being processed (Article 15(1)(b)) as well as a copy of the actual data (Article 15(3))"

Article 15(1)(b): no script modification, a page listing collected data should be enough (rules page can be used for that purpose). Should be mentioned: purposes of the processing, with whom the data is shared, how long data is retained and how it acquired the data.

Article 15(3): an admin of FluxBB needs to be able to export all the personal data associated with an account:
- IP registered by FluxBB
- messages (with dates)
- subscriptions list
- and all information of the profile menu (avatar, signature, messaging details, personal details)

Rectification and erasure
"the data subject has the right to request erasure of personal data related to them on any one of a number of grounds within 30 days (article 17)"

Article 17: when deleting an account and its messages, instead of deleting every thread beginning with one of these messages, it would be great to replace the first message with a dummy message saying that the original message was deleted.

Condition for consent
https://gdpr.eu/gdpr-consent-requirements/
"the controller shall be able to demonstrate that the data subject has consented to processing of his or her personal data" Article 7

Article 7: FluxBB must collect and archive the user's consent:
- collect consent when registering for newcomers
- collect consent upon login for those who are already registered and have not yet given their consent
The data subject shall have the right to withdraw his or her consent at any time.
If you have more than one reason to conduct a data processing activity, you must obtain consent for all those purposes. "(...) you must get separate consent for each data processing operation. So if you want their email address for marketing purposes and their IP address for website analytics purposes, you must give the user an opportunity to confirm or decline each use."

Offline

#10 2019-09-23 06:17:34

Franz
Lead developer
From: Germany
Registered: 2008-05-13
Posts: 6,670
Website

Re: Removing all personal information as per GDPR

oli_v_ier wrote:

Article 17: when deleting an account and its messages, instead of deleting every thread beginning with one of these messages, it would be great to replace the first message with a dummy message saying that the original message was deleted.

To the best of my knowledge (IANAL), the forum posts would not fall under "personal data". (See https://gdpr.eu/eu-gdpr-personal-data/.) The username reference would be deleted - but the post content would remain. Otherwise, a deletion request by an active community member would make many conversations on the forum inconsistent and non-understandable.


fluxbb.de | develoPHP

"As code is more often read than written it's really important to write clean code."

Offline

#11 2019-09-23 07:09:24

Otomatic
FluxBB Donor
From: Paris - France
Registered: 2010-01-26
Posts: 572
Website

Re: Removing all personal information as per GDPR

Hi,

For my own forums, this is clearly stated in the Rules that the user has validated before confirming his registration.
« Request for deregistration: Send an email to the Forum administrator. In case of deletion, the messages you could have written will not be deleted, but will be attached to the username: Guest »


Ce n'est pas parce que l'erreur se propage qu'elle devient vérité. Ghandi
An error does not become truth by reason of multiplied propagation. Ghandi

Offline

#12 2019-09-23 11:29:16

oli_v_ier
Member
Registered: 2008-09-21
Posts: 44

Re: Removing all personal information as per GDPR

Franz wrote:

To the best of my knowledge (IANAL), the forum posts would not fall under "personal data". (See https://gdpr.eu/eu-gdpr-personal-data/.)

My forum is about hiking, lots of posts on my forum include personal data as people write about them. "‘Personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly".

Anyway, adding all messages of a user to the exported data file to be sure to comply with GDPR isn't so constraining.

If the question is "can an author force me to delete all his messages": in France the copyright law gives the author the right of withdrawal (droit de retrait et de repentir): the author can prevent further reproduction, distribution or representation in return for compensation paid to the distributor of the work for the damage done to him. As there is usually no estimate of damage resulting from message deletion it is difficult not to comply with this kind of request.
To protect us as much as possible against abuse, we stated (any advice welcome): "By contributing you agree that your content is part of this work and is under the terms of the following license: CC Attribution-Noncommercial-Share Alike 3.0 Unported.". A bit like Otomatic did.

Last edited by oli_v_ier (2019-09-23 11:29:41)

Offline
