GDPR discussion thread

However, if they have posted more, I will instead "anonymise" their account by changing their username to their numeric userid and then changing their email address to my webmaster address with the userid in it (eg: webmaster+userid@example.com) - but could use any email address which comes to me.

I do something similar, but I wonder why you don't just delete the email rather than create another with the user ID and your address?

I would also delete any personal info that may have been entered, date of birth, location, interests, URL etc.

One thing not so straightforward would be to remove IP addresses. Presumably a set of dynamic IPs do not identify an individual, but a static IP does.
 
In the past I've rewarded donators by sending them military-style patches through the mail.

These members sent me their mailing addresses in private conversations. I'd like to remove the address information from my database because I don't want to hang on to personally identifiable information.

There's an irony here. Although it applies to account upgrades rather than donations, the EU VAT laws require you to keep two pieces of information in regard to someone's location, which can be demanded as evidence for up to ten years.

https://www.vatlive.com/eu-vat-rules/eu-vat-digital-services-moss/location-of-customer-moss-2015/

https://www.gov.uk/government/publi...pplying-digital-services-to-private-consumers

In these cases any demand to delete an account and information of location could result in a breach of those VAT requirements.
 
In these cases any demand to delete an account and information of location could result in a breach of those VAT requirements.

You need to apply common sense. There is a lot of fear out there regarding GDPR...

If you have written invoices to your customers with their name and address (clearly private data) on it you for sure don't have to delete all those invoices in your bookkeeping software because of the GDPR. You still have to hold it for the required retention period.
 
You need to apply common sense. There is a lot of fear out there regarding GDPR...

Common sense is not always involved with a tax audit. I have had four and although the inspectors can be quite reasonable, they still tend to stick to the letter of the law.
If you have written invoices to your customers with their name and address (clearly private data) on it you for sure don't have to delete all those invoices in your bookkeeping software because of the GDPR. You still have to hold it for the required retention period.

This is not about invoices though, it is in regard to the extra evidential information. PayPal statements and notifications may or may not contain the necessary evidence. This is something that I have discussed with PayPal, and although they appeared to understand, there is nothing they will do about it.
 
There is a lot of fear out there regarding GDPR...

I agree to a point; the point being that the fear is not so much of the GDPR, the fear lies in how to best implement it and stay on the right side of the law. Whilst most people will agree that small sites hosting forums are not the intended target of the GDPR, they are also not exempt from it. Big business is the projected target, but they have mountainous resources and lawyers to do all the heavy lifting for them. At the bottom of the heap we're left to claw around in the dark trying to make sense of it all. Jobsworths, which is what the EU is, have a habit of moving their sights when they can't hit the target they're aiming for. If they can't make an example out of a big business they will move further down the line - the question is, how low will they go? So, it's prudent to ensure that we can, as far as is possible, get it right and the only people to help us is each other.

;)
 
For me the biggest fear is not so much the EU coming after us, but it's the semi-informed user who we will all have to deal with who tells you their rights and makes various demands and threats to get what they believe they are entitled to under the GDPR. We are all going to need to reply to these sort of requests, and it would be nice to have some sort of best practice responses / templates and processes to follow.
 
If they can't make an example out of a big business they will move further down the line - the question is, how low will they go? So, it's prudent to ensure that we can, as far as is possible, get it right and the only people to help us is each other.

;)

For me the biggest fear is not so much the EU coming after us, but it's the semi-informed user who we will all have to deal with who tells you their rights and makes various demands and threats to get what they believe they are entitled to under the GDPR. We are all going to need to reply to these sort of requests, and it would be nice to have some sort of best practice responses / templates and processes to follow.


All you need is one disgruntled user/customer to file a complaint and who knows what they might consider worthy of investigation/prosecution.
 
@Slavik whilst it's very much appreciated for the amount of time you spend in conversation with the ICO and collating all that they say, do you have what they say in writing?

Yup, it's all published on their site, it just sometimes takes a bit of navigating to find it in the right place.
 
All you need is one disgruntled user/customer to file a complaint and who knows what they might consider worthy of investigation/prosecution.

And if they decide that person's rights have not been acceded to and they do something (I can't imagine it being too severe for a small site, but you never know) that could put all the small sites under the spotlight; that alone is the best reason of all for making sure we get it right. And we ought to be helping each other in this, because it's something that affects us all and benefits us all if we get it right.

Yup, it's all published on their site, it just sometimes takes a bit of navigating to find it in the right place.

The first part is good to know - the second part, finding it, is not so easy lol.

;)
 
And if they decide that person's rights have not been acceded to and they do something (I can't imagine it being too severe for a small site, but you never know) that could put all the small sites under the spotlight; that alone is the best reason of all for making sure we get it right. And we ought to be helping each other in this, because it's something that affects us all and benefits us all if we get it right.
Aren't the penalties for data breaches if you fail to notify them?

I am very against deleting posts by members. This breaks conversations and I fail to understand how a "made-up" username that does not relate to their real name can "identify" who that person is (unless all of their details are already listed on a public database showcasing usernames, emails, passwords, hashes, etc - like that one site that got closed down and raided by police some time ago - and this isn't our problem).

XF already lets you edit out your email/etc. DoB cannot be updated but then again, how can that alone verify who you really are? Do you really need to go as far as updating this or can you just change a username with an actual real/last name to a user ID?
 
You are not obliged or required to delete their posts, the only time that would come into play is if the posts contained any personally identifiable information; which, they shouldn't have and you can make it an explicit requirement in your T&C that users do not make any PII known. You can also add in your T&C that anything they post can be used continuously - how you word this is up to you as long as it's clear and understandable.

Individual items cannot generally identify a person, but several items together can. For example if someone called John Smith joins your forum and uses their real name as their username, this alone cannot identify an individual because there may be millions of people called John Smith, but if you add in other information such as an email address, static IP address, DOB and so on - then you can identify that person as an individual.

The problem with the GDPR is that it makes it complex when deciding how much of what kind of data can be enough to identify someone as an individual in the course of running a forum site. We then, as forum owners, become data controllers (and possibly data processors) so we then assume control of whatever data is supplied to us and we have to act accordingly in conjunction with GDPR.

The other problems this raises are keeping track of how that data is used, where it's stored, the security measures taken to protect it and then giving the individual rights to be forgotten, the right to have access to how their data has been used and the right of portability of that data. Not to mention cookies and 3rd party cookies and getting explicit permission to drop those cookies from an individual every time a cookie is dropped from wherever.

And so the show goes on - but you don't have to delete posts as that would cause disruption to conversations that other people are taking part in and may be relevant to the discussion. How you deal with the deletion of an account will depend on your own process for handling it.

It may be an opportune time to buy a wig because the prices of them will go up as demand increases from people pulling their hair out over this lol.

;)
 
For me the biggest fear is not so much the EU coming after us, but it's the semi-informed user who we will all have to deal with who tells you their rights and makes various demands and threats to get what they believe they are entitled to under the GDPR. We are all going to need to reply to these sort of requests, and it would be nice to have some sort of best practice responses / templates and processes to follow.
^^^ This is absolutely where most of the concern is. It's not the spirit of the law or the fundamental rights under the law, it's that regular internet users will have just as much trouble understanding it as people who run websites. It's also going to be a vector for a small but troublesome subset of attorneys; basically the 2018 version of patent trolls and ambulance-chasers. "Settle with us now for X amount of money or risk being fined a huge sum and wasting money on legal fees in the meantime."
 
Not to mention cookies and 3rd party cookies and getting explicit permission to drop those cookies from an individual every time a cookie is dropped from wherever.
Can't we just write up or link to a guide and show people how to remove them in their browser? I guess most of our privacy policies cover this.

IPs and emails are only visible to staff. Emails can be removed by users themselves (unless they are banned but do banned members have this right to be forgotten and then re-register when they are indeed forgotten to bypass our own rules?) so I don't think that's much of an issue.

IPs on the other hand, idk..
 
What about data that's stored in the user change log?

If someone changes their email or their real name, age, home page, occupation or any other value or custom field info that was ever stored in their profile, that's not really scrubbed or deleted if we just anonymise the public facing user info.

If the forum database ever gets compromised, would that data not all still be accessible to whoever has access to the database? If you tell a user that their data has been anonymised instead of deleted, but it hasn't truly been done so, that could potentially cause issues down the line, could it not?
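The gap raised in this post, and the anonymisation routine from the start of the thread (username replaced by the numeric user ID, email replaced by `webmaster+userid@example.com`), can be checked together. The following is an added example, not part of any original post and not XenForo code; the table and column names are a hypothetical minimal schema and all sample rows are constructed.

```python
import sqlite3

# Hypothetical schema, constructed for this example (not XenForo's real tables).
SCHEMA = """
CREATE TABLE user (user_id INTEGER PRIMARY KEY, username TEXT, email TEXT,
                   dob TEXT, location TEXT, homepage TEXT);
CREATE TABLE change_log (log_id INTEGER PRIMARY KEY, user_id INTEGER,
                         field TEXT, old_value TEXT, new_value TEXT);
CREATE TABLE post (post_id INTEGER PRIMARY KEY, user_id INTEGER, message TEXT);
"""

def build_sample_db():
    """In-memory database with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    db.execute("INSERT INTO user VALUES (42, 'JohnSmith', 'john@old.example',"
               " '1980-01-02', 'Leeds', 'https://john.example')")
    db.execute("INSERT INTO change_log VALUES"
               " (1, 42, 'email', 'js@first.example', 'john@old.example')")
    db.execute("INSERT INTO post VALUES (7, 42, 'Mail me at john@old.example')")
    db.execute("INSERT INTO post VALUES (8, 42, 'Agreed, nice patch design.')")
    return db

def known_values(db, user_id):
    """Every profile value ever stored for the user: current row plus history."""
    row = db.execute("SELECT username, email, dob, location, homepage"
                     " FROM user WHERE user_id=?", (user_id,)).fetchone()
    vals = {v for v in row if v}
    for pair in db.execute("SELECT old_value, new_value FROM change_log"
                           " WHERE user_id=?", (user_id,)):
        vals.update(v for v in pair if v)
    return vals

def anonymise(db, user_id):
    """Overwrite the profile, delete the change log, return post IDs to review."""
    needles = known_values(db, user_id)  # capture before anything is overwritten
    with db:  # one transaction: profile and history are scrubbed together
        db.execute("UPDATE user SET username=?, email=?, dob=NULL, location=NULL,"
                   " homepage=NULL WHERE user_id=?",
                   (str(user_id), f"webmaster+{user_id}@example.com", user_id))
        db.execute("DELETE FROM change_log WHERE user_id=?", (user_id,))
    posts = db.execute("SELECT post_id, message FROM post WHERE user_id=?"
                       " ORDER BY post_id", (user_id,))
    return [pid for pid, msg in posts
            if any(n.lower() in msg.lower() for n in needles)]

def residual_hits(db, needles):
    """Old values still present anywhere in the database after anonymisation."""
    dump = "\n".join(db.iterdump())
    return sorted(n for n in needles if n in dump)
```

Posts are flagged for manual review rather than edited automatically, so a value that remains only inside a flagged post is still reported by `residual_hits` until a moderator deals with it.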
 
What I've not been able to firmly understand is who is the onus on to make sure all PII for a user is removed?

If a user requests to be forgotten, and we anonymise their account, but somewhere in their thousands of posts they once posted some PII such as their home address, is it acceptable for us to require the user to highlight each and every bit of personal information contained in their posts for us to remove? Or are we somehow supposed to ensure this is done, in which case a complete deletion of all posts and content created by a user is the only way to be sure?
 
What I've not been able to firmly understand is who is the onus on to make sure all PII for a user is removed?

If a user requests to be forgotten, and we anonymise their account, but somewhere in their thousands of posts they once posted some PII such as their home address, is it acceptable for us to require the user to highlight each and every bit of personal information contained in their posts for us to remove? Or are we somehow supposed to ensure this is done, in which case a complete deletion of all posts and content created by a user is the only way to be sure?

Or do a search for their address or part of their address.

I have members who post their email address and/or telephone numbers, we made it against the rules so delete these whenever they post them.

Many years ago when forums were not so common, I had a very useful member who posted a lot of stuff.

He discovered that American Express refused a fraud claim from him on the grounds that he had posted personal info "on the internet".

On my forum I think all he had done was mention he lived in Spain and had posted a photo of his house but he became paranoid. I naïvely gave him temporary permissions to edit his posts, but he then must have stayed up all night editing out everything from every single post, which was very damaging to the forum. :cry:
 
On my forum I think all he had done was mention he lived in Spain and had posted a photo of his house but he became paranoid. I naïvely gave him temporary permissions to edit his posts, but he then must have stayed up all night editing out everything from every single post, which was very damaging to the forum. :cry:
You can undo that all with a few clicks by using Xon's moderator Essentials. I funded that function because we had a lot of rage quitting over the decades.
 