Jibeji Posted December 5, 2018 Posted December 5, 2018 Hi, In the context of the GDPR, I am wondering wether there is a way to anonymize all the content refering to un unsbscribed user. In my forum, everybody uses its real name, not a pseudo. I know that the content a user has posted can by anonymized while deleting it in the Admin CP, but the user can also request his name to be deleted everywhere it appears. Is there a way replace the name of that user in every post (quotation, @user, etc...) ?
ptprog Posted December 6, 2018 Posted December 6, 2018 On 12/5/2018 at 4:35 PM, Jibeji said: [...] but the user can also request his name to be deleted everywhere it appears. That would mean you could forbid others from mentioning your name. I don't think that GDPR requires that level of anonymization.
Jibeji Posted December 6, 2018 Author Posted December 6, 2018 Unfortunately yes. As the name is a personal information, a user can request it to be deleted.
opentype Posted December 6, 2018 Posted December 6, 2018 12 minutes ago, Jibeji said: Unfortunately yes. As the name is a personal information, a user can request it to be deleted. Parts of the GDPR read very strictly can be interpreted that way, but there are also clauses which can explicitly overrule that, e.g. “for exercising the right of freedom of expression and information” or “for archiving purposes in the public interest”, which might apply to forum discussions. Just stating what “Jon Doe” said publicly in a forum might be a typical case for both points. For a definitive answer, we would have to wait for a court ruling which specifically deals with that. Note that GDPR is about data processing and the (mis)use which can follow from that. It is not a tool for people to never being mentioned again on the internet. That’s not the goal since it would have tons of bad consequences as well. Joel R 1
Jibeji Posted December 6, 2018 Author Posted December 6, 2018 I know that, but the whole sentence is : Quote Paragraphs 1 and 2 shall not apply to the extent that processing is necessary: for exercising the right of freedom of expression and information; It has been declared by the local regulator in France that keeping a name public on a forum is not a such necessity.
opentype Posted December 6, 2018 Posted December 6, 2018 Interesting. Then you better post it in the Feedback forum as feature request. There is no way currently to find username in posts and to anonymize them.
ptprog Posted December 6, 2018 Posted December 6, 2018 (edited) 59 minutes ago, Jibeji said: It has been declared by the local regulator in France that keeping a name public on a forum is not a such necessity. Can you provide a source? (I'm trying to understand to what extent that position applies. It makes sense for the post metadata, but not for contents written by others. We could say that quotes are metadata too. When we are talking about content directly written by other users, we would be constraining the freedom of expression of such users, though.) Edited December 6, 2018 by ptprog
Jibeji Posted December 6, 2018 Author Posted December 6, 2018 The source is a registered letter from the CNIL (Commission nationale de l'informatique et des libertés) I received at home... 😞
Nathan Explosion Posted December 6, 2018 Posted December 6, 2018 This will allow you to display names in quotes and mentions as 'Guest' instead of the original name of the account at the time the quote/mention was made. Note that it doesn't make any changes to the saved content in the database at all - the changes are performed at display time. Maxxius, Cyboman and AndyF 2 1
bfarber Posted December 7, 2018 Posted December 7, 2018 What happens (or should happen) exactly if I visit a random forum on the internet right now and post about "Jibeji"? Is the site liable to remove that? Is that "personally identifying information"?
Nathan Explosion Posted December 7, 2018 Posted December 7, 2018 (edited) On 12/5/2018 at 4:35 PM, Jibeji said: everybody uses its real name @bfarber - Jibeji's requirement is based on the above, which is 'personally identifying information' as it's their name. 😉 Edited December 7, 2018 by Nathan Explosion
Jibeji Posted December 7, 2018 Author Posted December 7, 2018 Hi, I'll sql / replace in the database to sort this quickly out. Thanks for your answers.
tonyv Posted December 7, 2018 Posted December 7, 2018 (edited) I love this whole real name thing insofar as the internet is concerned. Even an IP address doesn't prove who posted something. For example, every one of my posts on this forum, even if attributed to the same IP address, could have been made by a different person … even from the same computer! I take note of the varying levels of brainwashing in other areas of life, too. For example, I don't care for the whole "legal signature" thing either. I'll sign my name however I want -- differently every time if I like. Here's how that has gone down in a bank when cashing a check I endorsed with some scribble in front of the teller: Teller: Is this your actual signature? Me: You just witnessed me sign it! Teller: Well, could you please sign it so it looks like it does on the ID ... Me: Okay Yea, I guess no one else in the world could have done that. And the picture on the ID even kind of looks like me … Edited December 7, 2018 by tonyv
bfarber Posted December 10, 2018 Posted December 10, 2018 On 12/7/2018 at 8:07 AM, Nathan Explosion said: @bfarber - Jibeji's requirement is based on the above, which is 'personally identifying information' as it's their name. 😉 Doesn't really answer my question, however. I can go to any site and post someone's name...that's not the same as retaining records of a user unnecessarily. But anyways, I'm not going to get drawn into a legal debate about GDPR right now. 😛 Jennifer M and AndyF 2
Jibeji Posted December 10, 2018 Author Posted December 10, 2018 (edited) Just in case it is needed by someone else, here is what I have done: $sql = "select member_id from ibf_core_members where name = '".$name."'"; $result = $pdo->query($sql); $row = $result->fetch(); $member_id = $row['member_id']; require_once('/path/to/forums/init.php'); $IPSLogin = new \IPS\Login\Internal; $IPSLogin->init();$member = \IPS\Member::load( $member_id ); $member->delete(false); $sql = "update ibf_forums_topics set starter_name = 'Nickname You Want' where starter_name = '".$name."'"; $pdo->query($sql); $sql = "update ibf_forums_topics set last_poster_name = 'Nickname You Want' where last_poster_name = '".$name."'"; $pdo->query($sql); $sql="update ibf_forums_posts set post = replace(post, '".$name."', 'Nickname You Want'"; $pdo->query($sql); $sql = "update ipb.ibf_forums_posts set author_name='Nickname You Want',edit_name='Nickname You Want' where author_id=".$member_id; $pdo->query($sql); Edited December 10, 2018 by Jibeji
bfarber Posted December 11, 2018 Posted December 11, 2018 That worked? Because this looks like a broken query: $sql="update ibf_forums_posts set post = replace(post, '".$name."', 'Nickname You Want'";
Jibeji Posted December 11, 2018 Author Posted December 11, 2018 A parenthese is missing. In my case, 'Nickname You Want' field contains a paranthese, I messed the paste up. 🙂 $sql="update ibf_forums_posts set post = replace(post, '".$name."', 'Nickname You Want')";
jesuralem Posted December 10, 2020 Posted December 10, 2020 Hi there, I know i am very late on this subject but i have a related question, when we delete a member and we want to keep the content, we only have to options : now i know gpdr requires us to remove all personal information if the user requests it, but our "internet host" status also requires us to store IP addresses of content published by the members so they can be identified if they post something illegal. I would thing keeping the IP addresses of deleted accounts posts qualifies as legitimate interest and thus we do not have to delete them. Anyway, basically what i am saying is i would very much like a third option with anonymization of the posts but keeping the IP addresses. At the moment i do it manually by renaming the users prior to deleting him with the "continue to attribute" option.
Recommended Posts