[Suggestion] Please add group-based options to enable/disable pii data requests and account deletion

[MMXII]

Please add group-based options to enable/disable pii data requests and account deletion requests so that these frontend options do not neccessarily show up for every user.

[balazsp]

Agree. 

In lieu of this functionality previously we developed a completely different workflow that is working well, the users have accepted it - we have no intention changing that. 

Please make the new delete requests function optional or configurable for specific groups only. 

Thank you.

[Teddy Rogers]

Agree, please add options to enable or disable these features...

Ted.

[Adriano Faria]

Free plugin awaiting approval.

[MMXII]

28 minutes ago, Adriano Faria said:

Free plugin awaiting approval.

Very nice! Can it also honor pii requests as a 2nd option?

[Dll]

As the removal of the data a legal right (in the EU / UK), how does that sit with only giving the option to certain members?

[MMXII]

There are limitations to that right.

[Adriano Faria]

13 hours ago, MMXII said:

Very nice! Can it also honor pii requests as a 2nd option?

It can be done too. Let me see if it will be approved then I'll add on a new version.

[Adriano Faria]

On 6/15/2023 at 5:51 PM, Adriano Faria said:

Free plugin awaiting approval.

 

[Adriano Faria]

On 6/15/2023 at 6:20 PM, MMXII said:

Can it also honor pii requests as a 2nd option?

 

Free plugin awaiting approval.

[MMXII]

6 hours ago, Adriano Faria said:

Free plugin awaiting approval.

Very nice, thank you!

I really hope this (and the option to allow/disallow account deletion requests) will make their way into the core software.

[PatrickRQ]

IPS should finally learn after all the years, that every time they add new feature they should ask themselves a question: "is per group permission required?" personally I miss it in many areas.

Edited June 20, 2023 by PatrickRQ

[MMXII]

7 minutes ago, PatrickRQ said:

they should ask themselves a question: "is per group permission required?"

Yes, although "required" might be the wrong term: Almost everything is not "required" per se. 😉 But I totally understand what you are saying here and I, too, would love to see everything being configurable. The more that can be enabled/disabled/configured the better, especially when it comes to frontend features that can be used by members or moderators.

I understand that too many options might be overwhelming. However we are talking about AdminCP features here, a backend that is only used by very few experienced users, so lots of options should not be a real issue.

[PatrickRQ]

8 hours ago, MMXII said:

Yes, although "required" might be the wrong term: Almost everything is not "required" per se. 😉 But I totally understand what you are saying here and I, too, would love to see everything being configurable. The more that can be enabled/disabled/configured the better, especially when it comes to frontend features that can be used by members or moderators.

I understand that too many options might be overwhelming. However we are talking about AdminCP features here, a backend that is only used by very few experienced users, so lots of options should not be a real issue.

Too many configs is not good as well, however there is few types of configs IPS @Matt should always consider when designing a system. One of them is per group permission to display or use something. In past, at times of IPB 3x they were adding more of such, starting from IPB4 they somehow stopped doing that.

[Marc Stridgen]

I can certainly assure you we do indeed consider what should be added 🙂 

[PatrickRQ]

5 minutes ago, Marc Stridgen said:

I can certainly assure you we do indeed consider what should be added 🙂 

I know world is going to treat all equally but I still prefer "grouping people". I guess it was against political correctness? 😂

[Matt]

Why would you want to restrict some groups from downloading their PII or exercising their right to be forgotten? These are universally needed features.

[PatrickRQ]

11 minutes ago, Matt said:

Why would you want to restrict some groups from downloading their PII or exercising their right to be forgotten? These are universally needed features.

Not my business here, however my personal opinion is: rules are not the same for entire world, therefore admin should be able to decide how to treat selected world areas.

Some regions of the world should not be have right to be forgotten upon request. That works mostly for countries with high chance of fraud - some people call it "3rd world countries". When you sell services to such countries, some data should remain longer to protect you against eventual fraud. E.g. I specialized and designed my services to work for such countries, to avoid most of stupid EU regulations, VAT etc. I am telling you from my experience that if you have not worked with such people you will have no basic idea of how different world may look like.

Group permission, as additional factor may be helpful depending of construction of specific community.

Do not find my post as disrespectful to any nation or region of the world. I just state facts.

Edited June 21, 2023 by PatrickRQ

[Matt]

So you're not sure why you want us to add a feature?

I can see the need for a global on/off depending where you're operating from, and to prevent confusion for when you use SSO and user management is remote.

But a per-group option doesn't make any sense in this context.

[PatrickRQ]

3 minutes ago, Matt said:

So you're not sure why you want us to add a feature?

Not sure on what basis you determined that. I just joined someone's topic and expressed my opinion. I know some communities base/categorize their users within groups.

 

3 minutes ago, Matt said:

I can see the need for a global on/off depending where you're operating from, and to prevent confusing for when you use SSO and user management is remote.

Likely per country/IP, global on off is useless if you allow entire world.

Edited June 21, 2023 by PatrickRQ

[Matt]

Just now, PatrickRQ said:

Likely per country/IP

How is this related to a per-group setting? I'll sidestep how inaccurate geolocation is, and that VPNs exist.

[PatrickRQ]

1 minute ago, Matt said:

 I'll sidestep how inaccurate geolocation is, and that VPNs exist.

Who said there is a perfect solution? 😛

2 minutes ago, Matt said:

How is this related to a per-group setting?

 I know some communities base/categorize their users within groups.

[MMXII]

17 hours ago, Matt said:

So you're not sure why you want us to add a feature?

I can see the need for a global on/off depending where you're operating from, and to prevent confusion for when you use SSO and user management is remote.

But a per-group option doesn't make any sense in this context.

Not sure about the others, but for me group-based permissions allow me to moderate. Right now you can request pii data and account deletion over and over again, even if you have downloaded the data a second ago. And for every request the admin has to react and take action. So in those cases, in order to force a member to not spam this functionality, I would (temporarily) move him to a group that is not allowed to request this information.

Despite that at least a global on/off option is needed -- in order to have control whether or not you want to have this workflow. Again, even in the EU the right to be forgotten has limitations to it. Not everyone under every circumstances can refer to it, so there are situations where you don't want to offer these options.

[PatrickRQ]

2 hours ago, MMXII said:

Not everyone under every circumstances can refer to it, so there are situations where you don't want to offer these options.

🙌🍺

Guys in IPS have now little piece of the mess people in EU have to deal with on daily basis 😄

Edited June 22, 2023 by PatrickRQ

[MMXII]

From the v4.7.12 changelog:

Added ability to disable or redirect PII data requests & account deletion.

So this means there will be an option to enable/disable these features? Nice! What about redirecting? Which cases does that cover?