UK Online Safety Regulations and impact on Forums

[Alvin63]

Presumably yes. Do you know if private messages would all still be in the database if members were deleted?

 

[Mr Lucky]

Presumably yes. Do you know if private messages would all still be in the database if members were deleted?

I just tried on my test forum, I thought it would but it doesn't. They seem to be there all assigned to user name but with id=0

 

[Alvin63]

So they're all still there? Can they just be deleted in the database? Whereabouts do you look in the database?

 

[Alvin63]

It's ok I've found it. Usernames are all there with ID 0 as you say. Which would make it difficult to search for a particular member's messages presumably! Although I'd happily delete all of them (not sure how). Can't even seem to search them by date!

And they can't "leave" the conversation, because they're deleted members.

 

[Mr Lucky]

So they're all still there? Can they just be deleted in the database? Whereabouts do you look in the database?

I tried that, I think these are all the associated tables:
I would empty them rather than delete, but beware I'm no expert developer - I would do it on a test forum

 

[Mr Lucky]

It's ok I've found it. Usernames are all there with ID 0 as you say. Which would make it difficult to search for a particular member's messages presumably!

No, you can still do that easily with phpmyadmin, even without knowing about running a query:


In the index click on the conversation_message table




then the tab at the top Search and you will get this

Put in the username and click go at the bottom

 

[Alvin63]

Thanks. I managed to search by username. But how do you read the full message? It just seems to be a snippet shows. I'm just testing to see whether editing messages still works (with a deleted member).

 

[Alvin63]

Anyway I'd quite like to delete all messages. Andy has an addon that deletes direct messages but I'm not sure if that's within the server as well.

 

[Alvin63]

Sorry. Went completely off topic there. It's just I can't see the point in keeping messages if direct messaging is going to be disabled.

 

[Mr Lucky]

Thanks. I managed to search by username. But how do you read the full message? It just seems to be a snippet shows. I'm just testing to see whether editing messages still works (with a deleted member).

Click on Edit on the left. You'll see the full message.

 

[Alvin63]

Thanks That was really helpful. It was too tedious in the end!

I just used Andy's addon. That deleted all messages older than a year. Doesn't seem to be an option to delete the last year's ones though!

 

[Alvin63]

Anyway back to Child Risk Assessment. I think writing one is going to be difficult and time consuming. I think mainly it just needs to be a document and you could explain how you've assessed things and why. That link does say you need to refer to the tick box list further down and answer those questions, and refer to the risk profiles and say which ones affect you. And presumably an explanation next to each one about how it isn't a risk oh your forum because of xyz mitigations.

Not sure how you'd address the risk of harm for different age groups because surely it's just harmful stuff per se! Regardless of the age group.

So are we supposed to put - yes it's all very harmful for all ages but we have mitigated for it with xyz?

 

[Alvin63]

Going back to your comment about age verifying existing members @Mr Lucky , I think what @chillibear has done is put everyone into a limited usergroup and then they age verify to get onto the fuller forum (ie main usergroup).

 

[chillibear]

I think what @chillibear has done is put everyone into a limited usergroup and then they age verify to get onto the fuller forum (ie main usergroup).

I've not yet actually forced my users into it yet, but that in essence is the plan. So you could push the reduced permissions as far as you wanted and then hopefully as people return to the site they will go through the "upgrade" process and slowly all end up in the 18+ group. Those that are dead accounts will just stay dormant. I was waiting to see what horrors were in the Children's risk stuff. So my vague plan is basically:

• age-checks for private messaging and enable/disable some options
• hiding images/media in private messages (opt in/out)
• optional blurring of images in general
• disable outbound links from things like youtube where there are recommendations if <18
• possibly do an interstitial page for outbound links in general (much as I find them annoying)
• crowd moderation
• strip EXIF data from attachments
• some sig-int type analytics for users for posting frequency, login frequency and so forth to highlight abnormal behaviour
• private message scanning for keywords
• normal post scanning for keywords (maybe)
• run links in posts through one or other API for safety checking
• possibly throw images through an AI to do analysis on them. Not quite decided exactly what just yet.
• Hide profile data for <18
• BBCode tag for anything members might consider more adult in nature (opt in/out), not that we have anything scandalous, but it offers another option.

I have considered looking at some of the "ignore" add-ons, but I've not felt confident enough to really try one. I'd still rather see the core ignore features beefed up. Otherwise the only other thing I think I'd quite like is as mentioned somewhere earlier have a way of controlling which posts users could see based on time. The idea being I could have all Guests lagging behind members by 24-28 hours (or whatever) so anything that did go bad wouldn't spill out onto the public so to speak. Since I don't allow Guest posting we'd not have to worry about post ordering, but I would want it to be properly integrated so that Guest readers didn't have any visibility (beyond the dates) of the lag. Still an idea at this stage.

I'm not doing anything that can't really be worked around. I figure if someone wants to go to the efforts of "harming themselves" via my noddy little forum then so be it. Some bits I'm doing more with a view to a larger forum in general rather than the OSA in particular, but luckily it's not my job to do their OSA stuff, just provide some tinkering around the edges for them!

 

[Alvin63]

Stripping exif data from photos is where I'm stuck at the moment. Tried asking AI about that and it sounds complicated.

I also wondered about user profiles. Is there any way to just kind of disable them? So it's just their username without any personal info added? Apart from a signature. They weren't really used much on my forum.

 

[Mr Lucky]

So it's just their username without any personal info added? Apart from a signature. They weren't really used much on my forum

I also find they aren’t used much yet a few users like and expect them. I think if I didn’t have “competing” forums I’d happily scrap them and maybe give people slightly bigger signatures to compensate.

 

[Alvin63]

I'm quite happy leaving them there. Just wasn't sure if there were some settings to say, stop them adding their date of birth or personal info? The main reason they get used is for checking/finding their previous posts or looking to see if other people are online (or rather what they were looking at when they were online - some members were nosey!).

 

[Alvin63]

I'm wondering if just name, address and dob at sign up would be enough. That way you could manually check people after they sign up using one of the checkers that don't cost. And weed out any false ones.

Presumably offputting to be asked that info though and it would need a notice about not saving data once age has been checked.

 

[Alvin63]

Anyway, without age verification. I'm about ready to go - once I've finished writing the Child Risk Assessment - which I'm just going to do as a word document. Except for removal of exif data.

 

[Lee]

It could be worse, one of the forums we’re trying to make compliant is about mental illness. People often talk about self harm, in a way that is safe and legal, but occasionally people do over step on the share front.

Direct messages are also massively used.

That is a minefield.