• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

UK 'right to be forgotten' to include IPs and cookies

Alfa1

Well-known member
#2
You are also obliged by the same EU under punishment of law to counter hate speech, abuse, harassment, cyber-bullying, fake news, stalking, etc. This is only possible if you keep IP addresses and cookies. Else there is no stopping abuse which you must stop.
So this opens up Pandora's box. You get fined heavily if you do keep cookies and IP and get fined millions if you don't.

Clearly we will need to have a tool for members to delete their account and private data. But what private data will be erased needs to be configurable by the admin.And there needs to be a safenet for rage quitters who want to come back after they cool down.

I don't know about your big board but we ban dozens abusive users on a daily basis. If they can just delete their data then this opens up the floodgates.
 

Stuart Wright

Well-known member
#3
I don't know about your big board but we ban dozens abusive users on a daily basis. If they can just delete their data then this opens up the floodgates.
We ban lots of people daily. Many (like everyone from a bunch of spam heavy countries like India) aren't allowed to register in the first place.
The cookie based duplicate registration alert addon is invaluable for identifying previously banned spammers and scammers.

Currently if people who have been banned from trading ask for their accounts and details to be deleted (which is actually very rare) we say no. Otherwise they could just register and trade again. If some scamming scum bag who repeatedly tries to re-register to scam more people is able to put in a request to have their details deleted, it's going to be painful for us and a risk for the community if we can't give them the finger.

In order to run a community free from spammers, abusive people and scammers, the ability to store historical IP and cookie information is a very important aid.
 

Slavik

XenForo moderator
Staff member
#4
I wouldn't worry about it until we actually see the specifics of what gets enacted into law, the last 2 times these "overhauls" didn't end up amounting to much for 99.99% of forum owners.
 

Chris D

XenForo developer
Staff member
#5
If a user wants their cookies wiped, just ask them to log out.

If a user wants their IP addresses wiped, that happens periodically anyway; they're stored for one year by default (and it's configurable in Options). They are also wiped if a user is deleted (which seems like the most likely scenario where this would come up, so no real difference to a normal account deletion request).

If a user wants an out of band IP address wipe for some reason then for now you can just do DELETE FROM xf_ip WHERE user_id = ?