Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
GDPR Compliancy - delete user info - does this include delete posts?
#1
Looks as though all Websites need to be GDPR compliant as part of new Privacy Regulations.  This came into effect at end of May this year.

How will this effect discussion forums?  Like  if a member should ask us to delete his account?  Previously our response was to change the name rather than delete it so that we won't lose the posts.

Is there any way one can delete the user without deleting the posts?  Or does anyone here know whether the posts have to be deleted?
Reply
#2
Deleting a user in the ACP does *not* delete their posts, only with tools like goodbyespammer.

Under the new European law they would have a right to have their name dissociated from their posts, but not necessarily to have their posts removed. So iif you want to keep the posts after deleting a user, you can run a command in the database to replace their user name with "Guest" or something of your choice in the _posts and _threads tables.
Reply
#3
A plugin called Amnesia is currently in development stages, but is fairly stable as far as I am concerned (I have been using it for weeks now, never had a problem).
[Image: fSGNVQj.png]
Reply
#4
(07-23-2018, 10:53 AM)linguist Wrote: Deleting a user in the ACP does *not* delete their posts, only with tools like goodbyespammer.

Under the new European law they would have a right to have their name dissociated from their posts, but not necessarily to have their posts removed. So iif you want to keep the posts after deleting a user, you can run a command in the database to replace their user name with "Guest" or something of your choice in the _posts and _threads tables.

True.  I think if you delete the user then their posts become "guest" posts.

Thank you for the feedback though.  We've been following the rule of dissociation from the beginning of time.  So we should be in the clear if that is how the GDPR compliancy is interpreted.  But it would be good to know who the posts belong to.  To the Forum or to the member?
Reply
#5
(07-27-2018, 11:24 AM)hellsing Wrote:
(07-23-2018, 10:53 AM)linguist Wrote: Deleting a user in the ACP does *not* delete their posts, only with tools like goodbyespammer.

Under the new European law they would have a right to have their name dissociated from their posts, but not necessarily to have their posts removed. So iif you want to keep the posts after deleting a user, you can run a command in the database to replace their user name with "Guest" or something of your choice in the _posts and _threads tables.

True.  I think if you delete the user then their posts become "guest" posts.

Thank you for the feedback though.  We've been following the rule of dissociation from the beginning of time.  So we should be in the clear if that is how the GDPR compliancy is interpreted.  But it would be good to know who the posts belong to.  To the Forum or to the member?


They become guest posts, but the user name is usually still there, it just isn't a link to a profile any more for lack of a UID.


Whether posts belong to the authors or the board owners depends very much on the board's terms of service and national (copyright) laws.
Reply
#6
Changing username looks like a nice idea to me.
Reply
#7
Just because you have changed their username doesn't mean someone can't identify them from their posts.
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)