New GDPR (General Data Protection Regulation) and phpBB

Do not post support requests, bug reports or feature requests. Discuss phpBB here. Non-phpBB related discussion goes in General Discussion!
Ideas Centre
User avatar
AmigoJack
Registered User
Posts: 6108
Joined: Tue Jun 15, 2010 11:33 am
Location: グリーン ヒル ゾーン
Contact:

Re: New GDPR (General Data Protection Regulation) and phpBB

Post by AmigoJack »

andrewilley wrote: Mon May 28, 2018 10:47 amMy only concern there is that other users may already have quoted one of their posts, which would have embedded their old username in text form into the reply, and I can't see any way to automate fixing that.
Usernames. Based on the board settings users can change their username, or it can be changed thru administrators. In such a case be prepared to find all variants, not only one.
  • "The problem is probably not my English but you do not want to understand correctly. ... We will not come anybody anyway, nevertheless, it's best to shit this." Affin, 2018-11-20
  • "But this shit is not here for you. You can follow with your. Maybe the question, instead, was for you, who know, so you shoved us how you are." axe70, 2020-10-10
  • "My reaction is not to everyone, especially to you." Raptiye, 2021-02-28
andrewilley
Registered User
Posts: 114
Joined: Fri Sep 12, 2008 7:28 pm
Location: Birmingham UK
Contact:

Re: New GDPR (General Data Protection Regulation) and phpBB

Post by andrewilley »

tojag wrote: Mon May 28, 2018 12:35 pm Do you really allow editing? This can only change the public conversation :)
You can offend someone and get offended or insulted at any time in the old post.
You can delete all posts by typing vh8w4hhf9jf40j9 or whatever.

....

But this is not anonymisation, it is an identifier that allows to separate all posts of that user. This is pseudonymisation. GDPR says that you can pseudonymize if it is impossible to separate data and create a personal profile from them. This is written in GDPR.
If there is a name in the content of a post, you will separate all posts and bring it to that name. And if there will be an address, name, email?
Anonymisation is "Deleted user" and not "Deleted user NNN".
Yes, I allow users to edit posts. Personally I'd never post anything where that wasn't allowed as I always seem to spot typos or rethink how something should be phrased long after I press the Submit button. This post has just been edited twice for example. :)

Not sure how phpBB reacts to potentially more than one set of comments having the exact same username ("Deleted User") attributed in the database, but which were created by unrelated accounts? Are there any database field linking issues with that? Also, in any retained discussion thread, it is important to see that it was the same person who made a series of comments, even if you no longer know who that person actually was. Otherwise you cannot follow a conversation.

AmigoJack wrote: Tue May 29, 2018 8:27 amUsernames. Based on the board settings users can change their username, or it can be changed thru administrators. In such a case be prepared to find all variants, not only one.
If a username has been been changed, I really can't think of any reasonable or practical way to find any potential historical quotes of the old name, unless the user can provide it. I don't currently allow users to change their own usernames, and I can only think of one occasion where I've had a user request me to do it (a USA user, who I know personally, and not applicable under GDPR anyway).

Andre
--- Admin of www.portorleans.org
User avatar
Mick
Support Team Member
Support Team Member
Posts: 26508
Joined: Fri Aug 29, 2008 9:49 am

Re: New GDPR (General Data Protection Regulation) and phpBB

Post by Mick »

Ref: viewtopic.php?f=556&t=2473666

I was under the impression it was against GDPR rules to force anything on anyone?
  • "The more connected we get the more alone we become" - Kyle Broflovski©
  • "The good news is hell is just the product of a morbid human imagination.
    The bad news is, whatever humans can imagine, they can usually create.
    " - Harmony Cobel
User avatar
tojag
Registered User
Posts: 422
Joined: Thu Aug 07, 2014 8:00 am
Location: Warsaw, Poland, EU
Name: Gregory

Re: New GDPR (General Data Protection Regulation) and phpBB

Post by tojag »

phpbb enforces from the first registration form:
- accept for tos,
- email,
- password :)
and others fields with attribute 'required'.
David63's privacy policy extension is also for enforcing acceptance privacy policy and / or cookies.
I would like to see a forum without such enforcing. Maybe only for guests. :) Although it will probably be forcing you to read the rules to send a post as a guest.

The fact is that GDPR enforces the collection of consents so we have to do it if we want to process data.
LaxSlash1993
Registered User
Posts: 182
Joined: Sat Sep 22, 2012 2:20 am

Re: New GDPR (General Data Protection Regulation) and phpBB

Post by LaxSlash1993 »

We allow our users one username change evey 30 days. All previous usernames are permanently logged and stored.

We also allow the most recent post to be edited within 1 week of being posted.
User avatar
Ger
Registered User
Posts: 2108
Joined: Wed Jan 02, 2008 7:35 pm
Location: 192.168.1.100
Contact:

Re: New GDPR (General Data Protection Regulation) and phpBB

Post by Ger »

Just to drop this here: I'm related to a board with > 1M posts where many users have registered with a linked Facebook account, thus using their real life names.
We get account removal requests quite often, but removing a user keeps quotes with their username intact. In the past we just left those and/or edited those posts to anonymise them when we stumbled on them.
With the GDPR (or AVG in Dutch) in effect, we need to take active action to anonymise those quotes. First step I've taken is to write the Quoted Where extension. It enables us to quickly find where a user was quoted. Since this is just a first version it justs searches and leaves the editing to a board admin, but if this works solid, I intend to make it possible to remove the usernames from those quotes as well.

I appreciate if some users are willing to try out this extension to improve it ASAP.
My extensions:
Simple CMS, Feed post bot, Avatar Resize, Modbreak, Magic OGP, Live topic update, Modern Quote, Quoted Where (GDPR) and Autoresponder.
Newest: FAQ manager for 3.2

Like my work? Buy me a coffee to keep it coming. :ugeek:

-Don't PM me for support-
User avatar
david63
Registered User
Posts: 20646
Joined: Thu Dec 19, 2002 8:08 am

Re: New GDPR (General Data Protection Regulation) and phpBB

Post by david63 »

Ger wrote: Wed May 30, 2018 1:39 pm linked Facebook account, thus using their real life names.
You mean people actually use their "real" names on Facebook :o :shock: :o :shock:
David
Remember: You only know what you know and - you don't know what you don't know!

I now no longer support any of my extensions but they will start to become available here
User avatar
Ger
Registered User
Posts: 2108
Joined: Wed Jan 02, 2008 7:35 pm
Location: 192.168.1.100
Contact:

Re: New GDPR (General Data Protection Regulation) and phpBB

Post by Ger »

Seems so
My extensions:
Simple CMS, Feed post bot, Avatar Resize, Modbreak, Magic OGP, Live topic update, Modern Quote, Quoted Where (GDPR) and Autoresponder.
Newest: FAQ manager for 3.2

Like my work? Buy me a coffee to keep it coming. :ugeek:

-Don't PM me for support-
User avatar
david63
Registered User
Posts: 20646
Joined: Thu Dec 19, 2002 8:08 am

Re: New GDPR (General Data Protection Regulation) and phpBB

Post by david63 »

More fool them, I say
David
Remember: You only know what you know and - you don't know what you don't know!

I now no longer support any of my extensions but they will start to become available here
User avatar
Ger
Registered User
Posts: 2108
Joined: Wed Jan 02, 2008 7:35 pm
Location: 192.168.1.100
Contact:

Re: New GDPR (General Data Protection Regulation) and phpBB

Post by Ger »

Ger wrote: Wed May 30, 2018 1:39 pmI intend to make it possible to remove the usernames from those quotes as well.
And that's working now as well :)
My extensions:
Simple CMS, Feed post bot, Avatar Resize, Modbreak, Magic OGP, Live topic update, Modern Quote, Quoted Where (GDPR) and Autoresponder.
Newest: FAQ manager for 3.2

Like my work? Buy me a coffee to keep it coming. :ugeek:

-Don't PM me for support-
User avatar
noth
Registered User
Posts: 2528
Joined: Fri Jan 07, 2005 7:10 pm
Location: North Surrey
Contact:

Re: New GDPR (General Data Protection Regulation) and phpBB

Post by noth »

Who can use Facebook
When people stand behind their opinions and actions, our community is safer and more accountable. For this reason, you must:
Use the same name that you use in everyday life.
are you suggesting that you join a website and simply break their terms and conditions from Day 1?

that is your advice?
User avatar
Mick
Support Team Member
Support Team Member
Posts: 26508
Joined: Fri Aug 29, 2008 9:49 am

Re: New GDPR (General Data Protection Regulation) and phpBB

Post by Mick »

Use the same name that you use in everyday life
:lol: seriously?

How is that policed?
  • "The more connected we get the more alone we become" - Kyle Broflovski©
  • "The good news is hell is just the product of a morbid human imagination.
    The bad news is, whatever humans can imagine, they can usually create.
    " - Harmony Cobel
User avatar
noth
Registered User
Posts: 2528
Joined: Fri Jan 07, 2005 7:10 pm
Location: North Surrey
Contact:

Re: New GDPR (General Data Protection Regulation) and phpBB

Post by noth »

am I to take it that unless a terms and condition can be "policed" ....... we just ignore it?
User avatar
Mick
Support Team Member
Support Team Member
Posts: 26508
Joined: Fri Aug 29, 2008 9:49 am

Re: New GDPR (General Data Protection Regulation) and phpBB

Post by Mick »

No, I’m just saying how do you know if the name a user is using is his everyday name any more than anybody filling out the COPPA agreement is over thirteen?
  • "The more connected we get the more alone we become" - Kyle Broflovski©
  • "The good news is hell is just the product of a morbid human imagination.
    The bad news is, whatever humans can imagine, they can usually create.
    " - Harmony Cobel
User avatar
noth
Registered User
Posts: 2528
Joined: Fri Jan 07, 2005 7:10 pm
Location: North Surrey
Contact:

Re: New GDPR (General Data Protection Regulation) and phpBB

Post by noth »

david63 wrote: Wed May 30, 2018 2:45 pm More fool them, I say
yes quite

and more fool anybody who puts their real name too eh? do you agree with that?
Post Reply

Return to “phpBB Discussion”