Ya beat me to it. Just a random post I found where it successfully did just that.
this should be part of faq on most sites as a comprehensive yet simple explaination .
thank you.
I donāt know Ruby, but when it comes to databases, working around something like this usually involves having some script that throttles itself as it goes through the database and gradually cleans up/changes the entriesā¦ It ātricklesā through a change and āchips awayā at the data without overloading the db.
I donāt know what the legal expectations are, is each users forum data meant to be encrypted with a separate throwable key - and decrypted on every access, even on a forum? That sounds like a mad requirement for a āfreeā forum software.
I can think of a couple of ways for a user to script thisā¦ but Iād rather folks didnāt have to invent their own - ooth do you know if thereās an easy thing they could run?
(Should we start a thread in āDevelopmentā section here?)
The ātrickleā youāre talking about is an implementation detail that the developers have expressed as a āwonāt doā so that burden now falls upon the administrators.
You can feel free to start a thread but imo itās a moot topic.
No. That would be insane.
Pretty much all forums do an end-run around gdpr. For as long as there is regulation there will be ways to avoid it. (Such as residing in the united states, in the case of the gdpr)
Because of the content licensing agreement, all content is property of Level1Techs, llc.
what we are building here is more than a community. Its a repository of knowledge. In an attempt to retain that knowledge, we must not delete posts, except in instances of DMCA, legality or forum rule breach.
I lost track of how many times Iām on a reddit thread and the person who had a possible answer to my problem went through their account with a post removal script. It completely ruins the community and knowledge base.
This is why an actual Wiki like Bookstack would be nice.
So Iāve proposed this in the past and its been nixed.
Iām gonna try to come up with another ideaā¦
Because I like the idea of a wiki, but I think its the maintenance of a wiki thats a no go.
Yeah Iāve lobbied for it multiple times, as well. I think the maintenance of it would solve itself, personally.
Update: there is something in the works. Iāll provide more details when I can.
I like the way NEXUSMODS does deleted accounts, it renames the account to the user ID number, then tags it with a note saying account has been banned or deleted. Database is maintained. And its all automated.
Obviously this is basically just anonymization which Iām ok with.
I donāt care personally either way, I like the idea of āpermanenceā on the web.
Legally however, checkout: https://gdpr.eu/companies-outside-of-europe/ for the general case though - Iād hate to see some privacy lunatic suing L1 in Europe and getting Wendel on some stupid law enforcement list in trouble next time he wants to pop over. (at one point I had a bench warrant in the US - that additional travel stress was stupid).
Iād prefer we offered a better way out for these āprivacy lunaticsā as I like to call them - for a multitude of reasons.
Iāve seen this page before, but as much as theyād like to have jurisdiction over US organizations and people, the EU does not.
Level1 operates within US shores, so thereās not much that could happen. If any legal action were to happen, theyād need to extradite people for it, and what good would that do, at this scale. Itād cost waaaay more than itās worth.
Users always have edit control over their posts. Iāve never seen a staff member lock a post from edits. If a user doesnāt like or regrets posting something, all they have to do is edit the post.
The fact of the matter is that the post licensing situation is a legal protection for both the user and Level1. It was in place prior to GDPR, and just so happens to be compliant, due to the wording of both the legislature and the contract.
While itās not ideal, itās the best we can do. (since the upstream devs seem to have no interest in providing better mechanisms)
Iāll have to look at the registration process more closely though. We might be able to make the terms more clear during that process.
Iām not a lawyer, but technically a person (realistically anyone involved in operating an organization) could be summoned to court anywhere, and failing to appear could put you on some list that will make it so that next time you fly in for a conference or vacation, youāre thrown into local county jail equivalent pending a court date (not a trial or anything dramaticā¦, but youāre clearly a flight risk at that point) and that could be a month or two away. You may or may not be aware of being on such government/state list. If this happens to you, your home country/government probably wonāt help you in any way since that just costs too much. I believe this is unfortunately symmetrical between US/EU. A question of jurisdiction is usually clearer within EU or within US but internationally thereās various principles of sovereignty that make any home country protections basically non existent.
Also of interest:
-
DMCA (and itās protections) donāt apply outside the US, thereās separate country specific legislation for various countries.
-
In places like Germany, just the fact that level1forums terms of service mention things like āUnconfigured forumā is enough to mean there was no terms of service ever - which implies unlimited responsibility. (someone should read through that page and fix it)
btw, if anyone has any lawyer friends or law school friends in Europe specializing in copyright/privacy/ā¦ please let yourselves be known :)ā¦ just having that contact info might be helpful.
Thanks for the heads up on this part.
Iām personally not really educated enough in the lawās field.
But we are going to pick it up as staff.
It was an inside joke that I wouldnāt expect you to understand.
I had an account I was trying to delete on another platform, but they had no privacy officer and deletion requests had to go through their normal ticketing system. Two tickets logged and a month later I changed my email in the system to [email protected]
and someone finally got back to me a few days later to confirm the deletion.
I like to think some lowly DBA or Marketing person came upon it one afternoon and decided to escalate it accordingly.
Remember that the GDPR is narrow in scope, its about personal data. Your content, and your personal data on a forum are two very different things.
Content is easy, and negotiating it is more about copyright law and fairly easy. Its a good idea to have it clearly communicated and agreed, but GDPR doesnāt factor into it at all.
Personal data is a bit harder.
The forum here does it nearly perfect already. Thereās no unnecessary personal data collected, just an email address and a nick directly, and indirectly logs on the backend. Email/nick is by consent when you sign up, (lawful purpose (a) in the GDPR) and the data logs are unavoidable and by legitimate interest - you literally canāt host a website without it, and you canāt comply with normal laws anywhere if you donāt have some IP records on the back end (lawful purpose (f) in the GDPR). Thereās no intrusive cookie-based tracking, and from the looks of it all cookies are essential for the functioning of the site (so no need for the usual consent popup / cookie opt-out that GDPR requires for non-essential cookies.) Thereās a clear privacy policy. So close to being compliant overallā¦
Now lets look at the rights that the data subject has (quotes from wikipedia: https://en.wikipedia.org/wiki/General_Data_Protection_Regulation#II_Principles):
1 Transparency and modalities
Article 12 requires that the data controller provides information to the ādata subject in a concise, transparent, intelligible and easily accessible form, using clear and plain language, in particular for any information addressed specifically to a child.ā
Covered by the privacy policy. Whats collected and why is easily understood and well communicated.
2 Information and Access
The right of access ( Article 15 ) is a data subject right.[13] It gives people the right to access their personal data and information about how this personal data is being processed. A data controller must provide, upon request, an overview of the categories of data that are being processed (Article 15(1)(b)) as well as a copy of the actual data ( Article 15(3) ); furthermore, the data controller has to inform the data subject on details about the processing, such as the purposes of the processing ( Article 15(1)(a) ), with whom the data is shared ( Article 15(1)Ā© ), and how it acquired the data ( Article 15(1)(g) ).
A data subject must be able to transfer personal data from one electronic processing system to and into another, without being prevented from doing so by the data controller. Data that has been sufficiently anonymised is excluded, but data that has been only de-identified but remains possible to link to the individual in question, such as by providing the relevant identifier, is not.[14] In practice however providing such identifiers can be challenging, such as in the case of Appleās Siri, where voice and transcript data is stored with a personal identifier which the manufacturer restricts access to,[15] or in online behavioural targeting, which relies heavily on device fingerprints that can be challenging to capture, send and verify.[16]
Both data being āprovidedā by the data subject and data being āobservedā, such as about behaviour, are included. In addition, the data must be provided by the controller in a structured and commonly used standard electronic format. The right to data portability is provided by Article 20 of the GDPR.[17]
A bit tricky, but not really. The information about what gets processed is already in the privacy policy. Producing a printout of backend log data associated with an account is probably doable manually with some trouble, but nobody sane would ask for it from a harmless forum.
Portability only applies to personally identifiable data, and is a complete non-issue here. Whatever private data you have in your profile is already accessible and reasonably portable. (No invasive trackingā¦ no problems, for a forum.) It really helps a lot that the forum already abides by one of the core ideas of the GDPR - privacy by design - it doesnāt ask for all sorts of nonsense and unnecessary personal data.
3 Rectification and erasure[edit]
A right to be forgotten was replaced by a more limited right of erasure in the version of the GDPR that was adopted by the European Parliament in March 2014.[18][19] Article 17 provides that the data subject has the right to request erasure of personal data related to them on any one of a number of grounds within 30 days, including noncompliance with Article 6(1) (lawfulness) that includes a case (f) if the legitimate interests of the controller are overridden by the interests or fundamental rights and freedoms of the data subject, which require protection of personal data (see also Google Spain SL, Google Inc. v Agencia EspaƱola de ProtecciĆ³n de Datos, Mario Costeja GonzĆ”lez ).
Anonymizing nick and removing email address on record covers most of this. Should be mentioned somewhere in the privacy policy or FAQ as an option, but as long as it gets done on request its fine. Not touching associated backend logs is also fine (after the nick/email is forgotten, youāre left with ip-based backend logs that you canāt legally throw out that are processed for a different legal purpose, where youāve done what you can to minimize the privacy impact - since the forum no longer knows the email/nick that IP was tied to.)
4 Right to object and automated decisions
Article 21 of the GDPR [20] allows an individual to object to processing personal information for marketing, sales, or non-service related purposes. This means the data controller must allow an individual the right to stop or prevent controller from processing their personal data.
ā¦
(Further text cut)
Not relevant. The forum doesnāt process personal data for non service related purposes.
ā¦
You know, its almost as if when you do the right thing, you end up very close to being compliant by default.
I would alter a few things - to the privacy policy:
- Add information about how to get anonymized
- Explicitly state that for EU/EFTA residents that data is being processed by consent for categories email/nick, and by legitimate interest for backend logs
- Explicitly state that every cookie used is essential for the functioning of the website
Somewhere else. Probably FAQ or guidelines something:
- Remind people to NOT post personally identifiable information in their posts/threads, with some blurb about why it is a bad idea. Oh and say that if it happens it can be edited out if/when you no longer want it there. (If this forum locks edits for old posts - Iām not sure how it works for that - mods should be able to help if neccesary.)
ā¦
Privacy is important. You might not like that the GDPR applies everywhere, and thereās legitimate concerns about enforce-ability. But it is besides the point. Do the right thing and youāre so close to compliant, for a forum - that you might as well go all the way. Even users in countries without strong privacy laws deserve sane and thoughtful processing of personal data.
Thumbs up to the forum staff for being >90% of the way there already.
Good to know. Iāll have a look at it.
Staff keep unofficial, personal notes on users who have run-ins with the rules, so we donāt get users mixed up. This is internal, offline and not a part of the system. Anything we make official is tied to the account and should be included in what I address in the response below.
Discourse doesnāt log much actually. Thereās URL access logs, error logs, incoming and outgoing links, profile views, read times, likes, flags, and staff action logs. Everything else is āself-loggingā your edits are viewable by yourself (and TL3+), and timestamped, your posts are timestamped, etcā¦
We only keep 2 IP records: Latest and Signup.
If you want to download the data that discourse keeps on your account, you can click the ādownload allā button on your profile:
grumblegrumble legislative hoops
But yeah, Iāll have dig through the recommendations here and see what I can do, when I get some time.