tojag wrote: ↑
Mon May 28, 2018 12:35 pm
Do you really allow editing? This can only change the public conversation
You can offend someone and get offended or insulted at any time in the old post.
You can delete all posts by typing vh8w4hhf9jf40j9 or whatever.
But this is not anonymisation, it is an identifier that allows to separate all posts of that user. This is pseudonymisation. GDPR says that you can pseudonymize if it is impossible to separate data and create a personal profile from them. This is written in GDPR.
If there is a name in the content of a post, you will separate all posts and bring it to that name. And if there will be an address, name, email?
Anonymisation is "Deleted user" and not "Deleted user NNN".
Yes, I allow users to edit posts. Personally I'd never post anything where that wasn't allowed as I always seem to spot typos or rethink how something should be phrased long after I press the Submit button. This post has just been edited twice for example.
Not sure how phpBB reacts to potentially more than one set of comments having the exact same username ("Deleted User") attributed in the database, but which were created by unrelated accounts? Are there any database field linking issues with that? Also, in any retained discussion thread, it is important to see that it was the same person
who made a series of comments, even if you no longer know who that person actually was. Otherwise you cannot follow a conversation.
AmigoJack wrote: ↑
Tue May 29, 2018 8:27 am
. Based on the board settings users can change their username, or it can be changed thru administrators. In such a case be prepared to find all variants, not only one.
If a username has been been changed, I really can't think of any reasonable
or practical way to find any potential historical quotes of the old name, unless the user can provide it. I don't currently allow users to change their own usernames, and I can only think of one occasion where I've had a user request me to do it (a USA user, who I know personally, and not applicable under GDPR anyway).