
SMF & GDPR Personally Identifiable Information

Started by kitz, April 11, 2018, 01:35:54 PM


petewadey

Quote from: Illori on May 12, 2018, 06:16:57 AM
Quote from: petewadey on May 12, 2018, 04:06:08 AM
I'm very curious why this forum hasn't done anything about GDPR yet? As it holds the same personal data as mine or anyone else's Simple Machines Forum?

we are in the process of consulting a lawyer for what we need to do.

Thanks. I will wait and see the outcome.

Si6776

Does the GDPR Helper record when members agree to the User Agreement and Privacy Policy?  If not, is there any way to do this, or is the fact that they have to have consented to access the forum enough?

Bigguy

I have over 1000 posts on my site. When I try to download my content I get this error:
Quote
More than 1000 messages in selected range please make your range smaller to export
If I make the range smaller how do I download ALL my data. ??? An error comes with this:
Invalid argument supplied for foreach()
Profile.template.php Line 1473

I am sorry if this post is in the wrong place. If it needs to be moved that's cool.

vbgamer45

Quote from: Si6776 on May 12, 2018, 06:13:40 PM
Does the GDPR Helper record when members agree to the User Agreement and Privacy Policy?  If not, is there any way to do this, or is the fact that they have to have consented to access the forum enough?
Yes it does.

Quote from: Bigguy on May 12, 2018, 10:16:45 PM
I have over 1000 posts on my site. When I try to download my content I get this error:
Quote
More than 1000 messages in selected range please make your range smaller to export
If I make the range smaller how do I download ALL my data. ??? An error comes with this:
Invalid argument supplied for foreach()
Profile.template.php Line 1473

I am sorry if this post is in the wrong place. If it needs to be moved that's cool.
So you would do in portions with a start and end index.
If the forum has 100k messages and you posted 2000 times, I would first try a start index of 1 and end index of 50000, then repeat for the second part with a start index of 50000 and end index of 100000.
Community Suite for SMF - Take your forum to the next level built for SMF, Gallery,Store,Classifieds,Downloads,more!

SMFHacks.com -  Paid Modifications for SMF

Mods:
EzPortal - Portal System for SMF
SMF Gallery Pro
SMF Store SMF Classifieds Ad Seller Pro

Bigguy


petewadey

Has the GDPR Helper unticked members "Allow users to email me" by default, or has that always been the case? It makes sense if it does.

Si6776

Quote from: vbgamer45 on May 12, 2018, 10:25:08 PM
Quote from: Si6776 on May 12, 2018, 06:13:40 PM
Does the GDPR Helper record when members agree to the User Agreement and Privacy Policy?  If not, is there any way to do this, or is the fact that they have to have consented to access the forum enough?
Yes it does.

Sorry to be thick, but where would this record be, should we be asked for it?

@rjen

Quote from: Si6776 on May 13, 2018, 04:47:19 AM
Quote from: vbgamer45 on May 12, 2018, 10:25:08 PM
Quote from: Si6776 on May 12, 2018, 06:13:40 PM
Does the GDPR Helper record when members agree to the User Agreement and Privacy Policy?  If not, is there any way to do this, or is the fact that they have to have consented to access the forum enough?
Yes it does.

Sorry to be thick, but where would this record be, should we be asked for it?

See this reply: https://www.simplemachines.org/community/index.php?topic=559841.msg3970969#msg3970969

But getting at the data now requires a query in PHP admin.
It would be nice to have a list of this data present in the admin menu as well, for easy access should this be requested in future...
Running SMF 2.1 with latest TinyPortal at www.fjr-club.nl

Si6776

Quote from: @rjen on May 13, 2018, 06:25:08 AM
Quote from: Si6776 on May 13, 2018, 04:47:19 AM
Quote from: vbgamer45 on May 12, 2018, 10:25:08 PM
Quote from: Si6776 on May 12, 2018, 06:13:40 PM
Does the GDPR Helper record when members agree to the User Agreement and Privacy Policy?  If not, is there any way to do this, or is the fact that they have to have consented to access the forum enough?
Yes it does.

Sorry to be thick, but where would this record be, should we be asked for it?

See this reply: https://www.simplemachines.org/community/index.php?topic=559841.msg3970969#msg3970969

But getting at the data now requires a query in PHP admin.
It would be nice to have a list of this data present in the admin menu as well, for easy access should this be requested in future...

Thanks, I missed that.  I agree, it would be good to have this available in the Admin Control Panel. 

jppialasse

Quote from: CoreISP on May 02, 2018, 09:44:35 AM
PDF, I'm not even sure if you can make a machine interpret the content normally?
In which case, I wonder if PDF is even an acceptable interchangeable format and would be more inclined to say it'd have to be something like CSV.

Quote from: wiebke on May 02, 2018, 07:43:10 AM
Yes, I saw that and it's great work. But if the member wants to stay active, I would like to be able to delete the IP on older topics. Especially on those where the member has already been deleted.

Maybe I understand wrong, but if a member wants to stay active, that means they keep giving you their consent.
In which case, I don't think they have the right to selectively ask you to "forget" things. You can't demand to only selectively give consent for an agreement. It's an all or nothing scenario, either you give consent or you retract consent; they can't demand "I give you consent for section A to E but not for sections F to K" - that's not how it works. That means everyone could potentially get a tailored agreement, that'd be disastrous.

Moreover, collecting IP's of active users is a genuine processing case to keep track of spam and account changes...

Sorry for the late answer to this post in the thread, but an option to delete IP, from ALL posts, after a certain amount of time is a legitimate option, even before GDPR.

If you take the situation in France, you can and even have to collect IP as a provider of services and keep them up to one year. After that you have to anonymize the IP (for reference: "La loi du 21 juin 2004 pour la confiance dans l'économie numérique et le décret du 25 février 2011"). Also with the GDPR, there is an emphasis on the fact that data has to be kept for the time it is useful for its initial purpose.

So I am ok with the fact that the IPs are used to fight against SPAM, but what about an IP logged 12 years ago? What is its purpose today? Knowing that the user was in Barbados in July 2006 is a little intrusive, isn't it? The geoiplookup might not even be accurate with possible changes.

In other words we do not have a legitimate reason to keep them as SMF currently does and it should be purged after X months (has to be set depending on your local legislation).

Si6776

Quote from: jppialasse on May 14, 2018, 12:01:02 PM
Quote from: CoreISP on May 02, 2018, 09:44:35 AM
PDF, I'm not even sure if you can make a machine interpret the content normally?
In which case, I wonder if PDF is even an acceptable interchangeable format and would be more inclined to say it'd have to be something like CSV.

Quote from: wiebke on May 02, 2018, 07:43:10 AM
Yes, I saw that and it's great work. But if the member wants to stay active, I would like to be able to delete the IP on older topics. Especially on those where the member has already been deleted.

Maybe I understand wrong, but if a member wants to stay active, that means they keep giving you their consent.
In which case, I don't think they have the right to selectively ask you to "forget" things. You can't demand to only selectively give consent for an agreement. It's an all or nothing scenario, either you give consent or you retract consent; they can't demand "I give you consent for section A to E but not for sections F to K" - that's not how it works. That means everyone could potentially get a tailored agreement, that'd be disastrous.

Moreover, collecting IP's of active users is a genuine processing case to keep track of spam and account changes...

Sorry for the late answer to this post in the thread, but an option to delete IP, from ALL posts, after a certain amount of time is a legitimate option, even before GDPR.

If you take the situation in France, you can and even have to collect IP as a provider of services and keep them up to one year. After that you have to anonymize the IP (for reference: "La loi du 21 juin 2004 pour la confiance dans l'économie numérique et le décret du 25 février 2011"). Also with the GDPR, there is an emphasis on the fact that data has to be kept for the time it is useful for its initial purpose.

So I am ok with the fact that the IPs are used to fight against SPAM, but what about an IP logged 12 years ago? What is its purpose today? Knowing that the user was in Barbados in July 2006 is a little intrusive, isn't it? The geoiplookup might not even be accurate with possible changes.

In other words we do not have a legitimate reason to keep them as SMF currently does and it should be purged after X months (has to be set depending on your local legislation).

Does it have any bearing that only Admins can see IPs?  Also, I've been with my ISP for 11 years, and have always had the same fixed IP address, so it's quite possible that older IPs could still be attached to a current user.  The only way around this that I can see would be to delete all users who haven't logged in for a given period of time.  But, at the moment the legislation surrounding forums is quite woolly, so I'm not about to start deleting swathes of members, until I know that I have to.

jppialasse

Quote from: Si6776 on May 14, 2018, 12:21:04 PM

Does it have any bearing that only Admins can see IPs?  Also, I've been with my ISP for 11 years, and have always had the same fixed IP address, so it's quite possible that older IPs could still be attached to a current user.  The only way around this that I can see would be to delete all users who haven't logged in for a given period of time.  But, at the moment the legislation surrounding forums is quite woolly, so I'm not about to start deleting swathes of members, until I know that I have to.
It is still an issue as you shall not keep data for longer than they are intended to be used.

The easy solution I see is, for all posts older than X months/years, to replace the IP with 127.0.0.1 or another local loop IP in smf_members and smf_messages, and for all elements also older than this amount of time, just flush the lines from smf_log_errors and smf_log_floodcontrol.
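
The retention purge proposed in the post above, sketched as an added example that is not part of the thread or of SMF itself. It runs against a constructed in-memory SQLite stand-in; the column names (poster_time, poster_ip, last_login, member_ip, log_time), the last_login rule for members and the 365-day window are assumptions to check against your own schema and legislation.

```python
import sqlite3

DAY = 86400
PLACEHOLDER_IP = "127.0.0.1"  # loopback value proposed in the post above

def build_demo_db(now):
    """In-memory stand-in for the forum DB; schema and rows are constructed."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE smf_messages (id_msg INTEGER PRIMARY KEY, poster_time INT, poster_ip TEXT);
        CREATE TABLE smf_members (id_member INTEGER PRIMARY KEY, last_login INT, member_ip TEXT);
        CREATE TABLE smf_log_errors (id_error INTEGER PRIMARY KEY, log_time INT, ip TEXT);
        CREATE TABLE smf_log_floodcontrol (ip TEXT, log_time INT);
    """)
    old, recent = now - 400 * DAY, now - 30 * DAY
    db.executemany("INSERT INTO smf_messages VALUES (?,?,?)",
                   [(1, old, "198.51.100.7"), (2, recent, "198.51.100.7"), (3, old, "203.0.113.9")])
    db.executemany("INSERT INTO smf_members VALUES (?,?,?)",
                   [(1, recent, "198.51.100.7"), (2, old, "203.0.113.9")])
    db.executemany("INSERT INTO smf_log_errors VALUES (?,?,?)",
                   [(1, old, "203.0.113.9"), (2, recent, "198.51.100.7")])
    db.executemany("INSERT INTO smf_log_floodcontrol VALUES (?,?)", [("203.0.113.9", old)])
    return db

def purge_old_ips(db, retention_days, now):
    """Anonymize IPs past the retention window and flush old log rows."""
    cutoff = now - retention_days * DAY
    counts = {}
    with db:  # one transaction: either every table is cleaned or none is
        counts["messages"] = db.execute(
            "UPDATE smf_messages SET poster_ip = ? WHERE poster_time < ? AND poster_ip <> ?",
            (PLACEHOLDER_IP, cutoff, PLACEHOLDER_IP)).rowcount
        # Assumption: a member's stored IP counts as stale once last_login is past the cutoff.
        counts["members"] = db.execute(
            "UPDATE smf_members SET member_ip = ? WHERE last_login < ? AND member_ip <> ?",
            (PLACEHOLDER_IP, cutoff, PLACEHOLDER_IP)).rowcount
        for table in ("smf_log_errors", "smf_log_floodcontrol"):  # fixed names, never user input
            counts[table] = db.execute(
                f"DELETE FROM {table} WHERE log_time < ?", (cutoff,)).rowcount
    return counts

if __name__ == "__main__":
    now = 1_700_000_000  # fixed timestamp so the demo is repeatable
    demo = build_demo_db(now)
    print(purge_old_ips(demo, retention_days=365, now=now))
```

Run on a schedule, the second and later passes only touch rows that have newly crossed the cutoff, so the job is safe to repeat.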

vbgamer45

What is the time period for that intended use? I would argue at times it could be a long time if you have ever encountered a legal issue.

Si6776

It would be difficult to define a period of use.  If someone joins a forum, seeing as that's what we're talking about here, it's not usually stipulated how long they will be a member for, therefore the 'period of use' can only be determined as indefinite, or until the member closes their account. 

I guess it could be argued that any members who don't re-consent could be considered no longer active members, but it's all ifs buts and maybes.  My understanding is that data does not have to be deleted unless there is a request to do so.  So, who is to decide whether and when to delete a member through inactivity?

Also, what happens in the event of a deceased member?  They obviously can't request that their account and data is deleted, so should forum owners take that decision upon themselves?

Kindred

I disagree with your contention, jppialasse - and I would disagree with the removal of IP being a standard feature in SMF.

The GDPR allows the user to request the removal when the account is deleted.... other than that... nope, it stays!
Glory to Ukraine

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

petb

Quote from: jppialasse on May 14, 2018, 02:39:14 PM
........... as you shall not keep data for longer than they are intended to be used.
I agree with this point.
The EU requires the data to be deleted as soon as they are no longer needed to fulfill the service.
The EU generally says that only data may be stored which are essential for the service to be granted.
Since the IP address for the operation of the forum is not mandatory (?) It should not be stored at all.
Why does the forum need the IP?
There is no legal obligation to keep an IP.

vbgamer45

I disagree there is a legal need to keep an ip address if someone posts/uploads something. You  will need to turn off over some information.

Si6776

Quote from: petb on May 14, 2018, 04:04:55 PM
Quote from: jppialasse on May 14, 2018, 02:39:14 PM
........... as you shall not keep data for longer than they are intended to be used.
I agree with this point.
The EU requires the data to be deleted as soon as they are no longer needed to fulfill the service.
The EU generally says that only data may be stored which are essential for the service to be granted.
Since the IP address for the operation of the forum is not mandatory (?) It should not be stored at all.
Why does the forum need the IP?

Every website uses an IP address to connect to the user.  IP addresses are essential on forums to manage bans, guard against spammers / hackers, and in case there is a legal request for information.

petb

There is no obligation to collect data to make it easier for criminal authorities to identify disturbers.
Because that would put any user under criminal suspicion, which may not be synonymous.

For a long time, there have been initiatives that investigate exactly storing the IP addresses as illegal.
Why else were there e.g. the Telekom allowed only a storage time of 80 days?
Only because they were granted that they are needed for 80 days for settlements or their complaint by the participant, as proof of the settlement.

There have been many discussions that the IP is just not needed for flatrates. Etc. etc..
And the whole thing is exacerbated by the GDPR now.

Quote from: Si6776 on May 14, 2018, 04:12:15 PM
Quote from: petb on May 14, 2018, 04:04:55 PM
Quote from: jppialasse on May 14, 2018, 02:39:14 PM
........... as you shall not keep data for longer than they are intended to be used.
I agree with this point.
The EU requires the data to be deleted as soon as they are no longer needed to fulfill the service.
The EU generally says that only data may be stored which are essential for the service to be granted.
Since the IP address for the operation of the forum is not mandatory (?) It should not be stored at all.
Why does the forum need the IP?

Every website uses an IP address to connect to the user.  IP addresses are essential on forums to manage bans, guard against spammers / hackers, and in case there is a legal request for information.
If this is listed as a reason, then it is worth considering which law is rated higher.
The right to your own data or the possible defense against interferers?
Since it is clear what a judge will say, "the potential risk of possible interference weighs less"
And to ward off interferers hackers, etc., the IP may indeed be saved!
But just "not burdensome long" in a post by a user.
And that's the point here.

It is not necessary to save the IP for the post of a user.
If it interferes, the user account can be locked.
No IP storage is necessary for this.

Storing the IP detached from the user name to prevent further interference via firewalls, access lists, etc. is another matter.
The context of storage is important.

Si6776

So, how are dynamic IP addresses dealt with?  And how do you deal with users who, like myself, access the forum from different locations, and therefore, have different IP addresses all the time?
