News:

Bored?  Looking to kill some time?  Want to chat with other SMF users?  Join us in IRC chat or Discord

Main Menu

SMF & GDPR Personally Identifiable Information

Started by kitz, April 11, 2018, 01:35:54 PM

Previous topic - Next topic

kitz

As a follow up to the above and a classic example of data portability.   

I've just this minute logged into my Asda account to do my weekly shop and I see Asda taking advantage of the new data portability rules and what they are intended for.

This is brand new and the first time I've seen it

QuoteImport your favourites

Add your favourite products from another supermarket to your Asda account and speed up your shop

...  and talking of such, I cant recall getting any notification from Asda about their new policy.  I shall have to check but  I certainly have not said 'yes' to anything.

-------------
ETA - nope no email about a new policy.   I did however get a "Asda uses cookies" pop up when I logged in.   Now considering I use them every week I will have given cookie consent on previous occasions, so it looks like they may have forced a new cookie within the past week.   


hugbear

Technically, personal messages in SMF, while definitely not public, are not private either. The forum software does not guarantee that a controller's representative (i.e. the website admin) can't access the content of PMs. Just nit-picking...

Kindred

right... nor does anything guarantee that your emails won't be read, in transit, by the NRA and Carnivore...

see Kitz's other statements, just above yours.   PMs are not portable - therefore, they don't count.
Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

hugbear

Right, I wasn't critical of the way SMF handles PMs, just pointing out the difference.

I don't think the size of the organization counts for much but rather what's being done with the PII in custody of the controller. If such information is being misused (e.g. sold to marketers or profilers), probably the consequences would be much harsher than if it's just collecting dust in the database of a stamp collector's forum. After all, misuse of PII is what this regulation is trying to protect users from.

Kindred

they just don't actually understand anything and therefore are going about the process in an idiotic way that actually makes no sense
Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

Louis

I don't think the PMs should be in focus for export - at least not now (nor in the near future).
This is opening Pandora's box. Making PMs exportable raises the same questions as deletion of all messages a user ever wrote in the forum: what if a PM contains a quote from another user's PM? Is the exporting user by any means entitled to "own" that quote - or is the quote rather property of the original author?
Let some judges go that route first before making any software mods - in worst case any SMF admin could always manually extract things directly from the database.


On the other hand I would as well vote for individual profile fields being included in the export - after all they are part of the user's profile and most probably not just there to fill some empty space on the page. Even without GDPR that would be a nice feature.
It is your mind that creates this world (Buddha)

Conay

Fair enough - it's a bit of a legal minefield but it's important these things are discussed. I don't know if anyone's tried downloading Facebook/Twitter data and whether it contains DMs, if not then not including PMs would be going against general practice.

Aleksi "Lex" Kilpinen

Any website selling anything can basically cite contractual necessity, and base their rights to the data on legal interests alone - so websites like Asda mentioned earlier do not actually need to ask any consent if you have bought something from them.
Slava
Ukraini!


"Before you allow people access to your forum, especially in an administrative position, you must be aware that that person can seriously damage your forum. Therefore, you should only allow people that you trust, implicitly, to have such access." -Douglas

How you can help SMF

kitz

I've just noticed something about the mod and that is the fact that you can only export your own data.   Should admin (and only admin) not be able to export someone else's Data Information.

There may be times where say a user has been banned, but still has the right to request what information is held about them. 

Kindred

no. IMO the admin should NOT be able to export anyone's data.
Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

Aleksi "Lex" Kilpinen

Quote from: Kindred on May 18, 2018, 09:52:00 AM
no. IMO the admin should NOT be able to export anyone's data.
Actually, why not if PMs are not included? I think for full compliance, it might in some cases be needed for an admin to do the actual export.
Slava
Ukraini!


"Before you allow people access to your forum, especially in an administrative position, you must be aware that that person can seriously damage your forum. Therefore, you should only allow people that you trust, implicitly, to have such access." -Douglas

How you can help SMF

Si6776

Quote from: Aleksi "Lex" Kilpinen on May 18, 2018, 10:13:16 AM
Quote from: Kindred on May 18, 2018, 09:52:00 AM
no. IMO the admin should NOT be able to export anyone's data.
Actually, why not if PMs are not included? I think for full compliance, it might in some cases be needed for an admin to do the actual export.

If a banned member wants to export their data, they could be downgraded to a partial ban, so that they can still log into their account, and therefore export their own data, but cannot actually post anything.

Aleksi "Lex" Kilpinen

Quote from: Si6776 on May 18, 2018, 10:18:52 AM
Quote from: Aleksi "Lex" Kilpinen on May 18, 2018, 10:13:16 AM
Quote from: Kindred on May 18, 2018, 09:52:00 AM
no. IMO the admin should NOT be able to export anyone's data.
Actually, why not if PMs are not included? I think for full compliance, it might in some cases be needed for an admin to do the actual export.

If a banned member wants to export their data, they could be downgraded to a partial band, so that they can still log into their account, and therefore export their own data, but cannot actually post anything.
Well, true.. Could do it that way as well.
Slava
Ukraini!


"Before you allow people access to your forum, especially in an administrative position, you must be aware that that person can seriously damage your forum. Therefore, you should only allow people that you trust, implicitly, to have such access." -Douglas

How you can help SMF

kitz

#173
TBF I'm not even sure if forum posts nvm PMs apply to the right to data portability. 

I've spoken to 2 people who have been dealing with GDPR, one of whom has had quote extensive legal advice and been delivering training to others.   I've had her look over my site as she offered free advice to small businesses who were customers of hers.  The only thing I still need to cover is a statement about the right to erasure and how I would go about this as I havent yet changed my ToS, but the previous example provided earlier in this thread covers everything. 

quote from ico

QuoteInformation is only within the scope of the right to data portability if it is personal data of the individual that they have provided to you.

The idea is basically to be able to transfer personal data you may have given you such as email/phone nos to another organisation but could also include elsewhere as in the case of shopping lists, tracking data such as locations you've visited (read google traffic and location data) and data from smart meters (ie gas/electricity suppliers) so that you can easily move your data between one supplier and another. 


She didn't think forum post's applied for portability but suggested I ring the ico if I wanted to double check.   I hung on to their phone line listening to their "We are experiencing extremely high volume of calls to our helpline" for an hour before I hung up. :(
Their phone no is 0303 123 1113 if anyone else wants to try.


---------------
PS   After several convo's with her and not even taking into account data portability this is what she said after checking out my site and Privacy Policy

QuoteI reckon you're covered - detail is good, the main point of GDPR is explicit and transparent explanation on the use of the subjects data and the opportunity for the subject to choose to not share their data with you based on that explanation so I don't think you can be too detailed ! If you've explained everything and they've opted in then you're not going to be liable. And yeah once they leave guest account them - boom - oh one thing - add a line at the bottom stating that they can opt out of the forum at any time and data will be anonymised- that's a big one, making it clear you are offering the option to change their mind even if prior consent was given.

kitz

In view of the above can I ask a request from @vbgamer45 please.

Would it be possible from within the admin CP > GDPR Helper > Settings to break down the setting  "Allow members to export their own data" into 2 distinct settings

  • Export User Data Information
  • Export Posts

Despite not having had it switched on for long and not even making it public that its there,  I've already had one query about the Export post function in that nothing came up for them.
Obviously this was because they tried the lowest 1000 and they didn't join the forum until a few years after it started.   When you have a forum with hundreds of thousands of posts, then its obviously going to take quite a while to go through several hundred runs just to find if a user has made any posts in that particular batch of 1000.

~ I envisage this could cause more queries when more users notice that it's there and me repeatedly having to explain that they are going to have to run a check on each batch of 1000. 

~ I also have concerns over server load -  If you had someone repeatedly clicking that button just for the hell of it.

Therefore I'm quite happy to leave the "User Data Information" in place, but I'd like to be able to switch off Exporting Posts unless I got a specific request to me please.

Finally - Someone also brought up profile data.    From what I can gather it is far more important to put info they may have supplied (such as location) in the csv file than concerns over data portability, which is a separate issue and may not even apply.   

Si6776

Quote from: kitz on May 18, 2018, 02:41:28 PM
In view of the above can I ask a request from @vbgamer45 please.

Would it be possible from within the admin CP > GDPR Helper > Settings to break down the setting  "Allow members to export their own data" into 2 distinct settings

  • Export User Data Information
  • Export Posts

Despite not having had it switched on for long and not even making it public that its there,  I've already had one query about the Export post function in that nothing came up for them.
Obviously this was because they tried the lowest 1000 and they didn't join the forum until a few years after it started.   When you have a forum with hundreds of thousands of posts, then its obviously going to take quite a while to go through several hundred runs just to find if a user has made any posts in that particular batch of 1000.

~ I envisage this could cause more queries when more users notice that it's there and me repeatedly having to explain that they are going to have to run a check on each batch of 1000. 

~ I also have concerns over server load -  If you had someone repeatedly clicking that button just for the hell of it.

Therefore I'm quite happy to leave the "User Data Information" in place, but I'd like to be able to switch off Exporting Posts unless I got a specific request to me please.

Finally - Someone also brought up profile data.    From what I can gather it is far more important to put info they may have supplied (such as location) in the csv file than concerns over data portability, which is a separate issue and may not even apply.   

So, just to clarify, to export posts, does the user need to know the message ID of the range of posts they want to export?  That sounds incredulous and virtually impossible to action from a user perspective.  Surely that would be exempted from GDPR requirements on the grounds that it's not reasonably possible to provide such data in that way?  I can't really see that anyone would want to export all of their posts anyway, but if someone wanted to maliciously cause havoc by overloading a server, or making demands for the data from an Admin, that would seem a good way to do it.  :(

vbgamer45

It's a range. If Only if you have more 1000 posts. That is done not to overload the server. I could raise it. It is not really that taxing for the amount of data that is exported.
Community Suite for SMF - Take your forum to the next level built for SMF, Gallery,Store,Classifieds,Downloads,more!

SMFHacks.com -  Paid Modifications for SMF

Mods:
EzPortal - Portal System for SMF
SMF Gallery Pro
SMF Store SMF Classifieds Ad Seller Pro

Si6776

Quote from: vbgamer45 on May 18, 2018, 04:33:41 PM
It's a range. If Only if you have more 1000 posts. That is done not to overload the server. I could raise it. It is not really that taxing for the amount of data that is exported.

Some of my members have many thousands of posts.  It would be good if there was some clarification as to whether we actually need to allow exporting of posts as well as profile data.

kitz

Quote from: vbgamer45 on May 18, 2018, 04:33:41 PM
It's a range. If Only if you have more 1000 posts. That is done not to overload the server. I could raise it. It is not really that taxing for the amount of data that is exported.

I'm not quite sure what you mean.   This is what shows if I try to export my own data (see attachment below)
0 - 372,816 which it total number of forum posts.  Yet if I view my stats I have made a total of 31,050 posts.


The member who queried me ran it for 0-1000 and it returned zero results.   Presumably this will be because he didn't have any posts within the message ID range 1-1000 as he only joined in 2011.  Yet he has made 22188 posts since then. 

Can you perhaps see the problem here?  How will any member know what range to enter when presented with 0-372,816
I'd probably have to run it 373 times to make sure I get all my own posts :(

vbgamer45

I see the issue. I guess could let no limit....Just was doing for server load reasons
Community Suite for SMF - Take your forum to the next level built for SMF, Gallery,Store,Classifieds,Downloads,more!

SMFHacks.com -  Paid Modifications for SMF

Mods:
EzPortal - Portal System for SMF
SMF Gallery Pro
SMF Store SMF Classifieds Ad Seller Pro

Advertisement: