
Invision Community Blog


Managing successful online communities

Matt

GDPR updates for Invision Community 4.3.3

Unless you've been living under a rock, or forgot to opt-in to the memo, GDPR is just around the corner.

Last week we wrote a blog answering your questions on becoming GDPR compliant with Invision Community.

We took away a few good points from that discussion and have the following updates coming up for Invision Community 4.3.3 due early next week.

Downloading Personal Data
Invision Community already has a method of downloading member data via the member export feature that produces a CSV.

However, we wanted Invision Community to be more helpful, so we've added a feature that downloads personal data (such as name, email address, known IP addresses, known devices, opt-in details and customer data from Nexus if you're using that) in a handy XML format, which is portable and machine-readable.

 


You can access this feature via the ACP member view

The download itself is in a standard XML format.


A sample export

Pruning IP Addresses
While there is much debate about whether IP addresses are personal information or not, a good number of our customers requested a way to remove IP addresses from older content.

There are legitimate reasons to store IP addresses for purchase transactions (so fraud can be detected), for security logs (to prevent hackers gaining access) and to prevent spammers registering. However, under the bullet point of not storing information for longer than is required, we have added this feature to remove IP addresses from posted content (reviews, comments, posts, personal messages, etc) after a threshold.

The default is 'Never', so don't worry. Post upgrade you won't see IP addresses removed unless you enter a value.


This new setting is under Posting

Deleting Members
Invision Community has always had a way to delete a member and retain their content under a "Guest" name.
We've cleaned this up in 4.3.3. When you delete a member, but want to retain their content, you are offered an option to anonymise this. Choosing this option attributes all posted content to 'Guest' and removes any stored IP addresses.


Deleting a member

Privacy Policy
We've added a neat little feature to automatically list third parties you use on your privacy policy. If you enable Google Analytics, or Facebook Pixel, etc, these are added for you.


The new setting


 

Finding Settings Easily
To make life a little easier, we've added "GDPR" as a live search keyword for the ACP. Simply tap that into the large search bar and Invision Community will list the relevant settings you may want to change.


 

These changes show our ongoing commitment to helping you with your GDPR compliance. We'll be watching how GDPR unfolds in practice next month and will continue to adapt where required.

Invision Community 4.3.3 is due out early next week.


Comments




8 minutes ago, Wolfie said:

I suppose you've never heard the term, "opinion of the court?"

We're talking about the European data privacy laws. I reside in Europe. With all due respect, I do not care about any other laws.

The country Germany itself has lost in front of the court for storing IP addresses. The opinion of the court is a little bit more worthy than yours and mine. What matters at the end of the day is that the storage of IP addresses for a company is risky and was proven time and time again to be unlawful. No matter how you personally interpret the law.

Link to comment
1 hour ago, Matt said:

That really is not required. It should all be in the T&S and Privacy Policy which you have to opt-in to when registering, and this opt-in is recorded.

GDPR is not about putting a checkbox in front of every possible interaction with the site. What a nightmare that would be for everyone.

Note that you can use the contact form without agreeing to the ToS, I believe.  Probably there are other guest forms in a similar situation.

I'm checking European Commission websites to see how they are complying with GDPR, and their contact forms (or at least some) have the consent checkboxes.  So, even though I'm not particularly concerned with this issue, I think it would be wise to add this to contact forms and some other guest forms (maybe put it in the same places where you may place a CAPTCHA for avoiding guest spam messages).

Link to comment

Update 4.3.3 is probably set in stone at this point in time. Although it would be nice (from my perspective) to have many of the suggestions mentioned in various forum postings included in 4.3.3, it is a good start. Many of the suggestions will require additional discussions in order to fully understand all of the pros and cons and determine how many customers will actually use it. Should a suggestion be included in a future update, or could one of the developers step up and create an app for the marketplace? Such conversations should probably occur in a separate forum posting. I am only mentioning this as I seem to have sparked an ongoing conversation around TSP's suggestion which has inspired others to offer up suggestions themselves.

Edited by Christopher Anderson

Link to comment
6 minutes ago, ptprog said:

Note that you can use the contact form without agreeing to the ToS, I believe. 

Yes, the ToS are irrelevant in this case. But the user has the chance to check out the privacy policy to learn how his form data will be used. 

Link to comment
16 minutes ago, opentype said:

Same logical fallacy as mentioned before. 

When hackers and scammers from across the world are able to go unidentified, that claim of 'fallacy' becomes incredibly weak.

 

11 minutes ago, DReffects2 said:

We're talking about the European data privacy laws. I reside in Europe. With all due respect, I do not care about any other laws.

I reside in the U.S., and I don't care about European laws.  However, that is beside the point.  I'm sure if you dig into the history of European courts, you'll find many decisions that make no sense now, but were considered to be the correct interpretation of the law at the time.  I'm not talking about decisions where laws have since changed, but rather, decisions that were later realized to be in error.  There is a fine line between something being personal information because it is something that openly or easily identifies you (name, current address, etc), and numbers that are almost nothing more than a teeny tiny footstep that is mostly used for security or statistics.  It's hard to write common sense into laws, which is why things like this happen.

Link to comment
8 minutes ago, DReffects2 said:

The country Germany itself has lost in front of the court for storing IP addresses. The opinion of the court is a little bit more worthy than yours and mine. What matters at the end of the day is that the storage of IP addresses for a company is risky and was proven time and time again to be unlawful. No matter how you personally interpret the law.

As I mentioned in another post, at least in the European Court, the decision was favorable to the use of legitimate interest as a reason to store IP addresses, even though they were classified as personal information.

But I agree when you say that storing IP addresses is risky, 

Link to comment
3 minutes ago, opentype said:

Yes, the ToS are irrelevant in this case. But the user has the chance to check out the privacy policy to learn how his form data will be used.

For contact forms probably only Privacy Policy is relevant.  For guest posts I believe both are important.

(In general I agree with you that this is stupid, and it is unlikely anybody will have problems with this.  But I wouldn't be surprised if this is indeed required.)

Link to comment
37 minutes ago, Wolfie said:

When hackers and scammers from across the world are able to go unidentified, that claim of 'fallacy' becomes incredibly weak.

1) They don’t. Hackers and scammers are identified and prosecuted all the time. Not all of them, maybe not even most of them, but they are. 

2) Even if your claim would be entirely true, it would be irrelevant! There is no logical connection from “some people cannot be identified” to “therefore IPs cannot be personal data in general”, i.e. it is a logical fallacy when you make that connection. It is not a requirement of personal data to clearly identify an individual in every situation. My name might be used dozens of times in my country — in fact it actually is. Many people will share my birthday. My address might be shared by many people over the course of years. So having a piece of this type of information might not be enough to identify me clearly in any situation. And still: That doesn’t mean those pieces of information are NOT personal data. They are, because they relate to me in one way or another — and so can an IP address. 

Edited by opentype

Link to comment

My lawyer also heavily insists that there must be a checkbox in the contact form.

@Matt

Another thing:

I like the new download feature for personal data. I would like to give that option to my members in their account settings. I don't see any harm in that. Maybe give the administrator the choice if he wants to give the members that option.

Link to comment
18 minutes ago, hjmaier said:

My lawyer also heavily insists that there must be a checkbox in the contact form.

@Matt

Another thing:

I like the new download feature for personal data. I would like to give that option to my members in their account settings. I don't see any harm in that. Maybe give the administrator the choice if he wants to give the members that option.

We can look at that in a future release.

One thing I'm always mindful of is security of the account.

What would a checkbox on a single use form do? 

Link to comment

One question I have is regarding my adserver.  This is placed on a separate inaccessible domain and serves ads to my forum.  Putting a privacy policy on there isn't an option as the site isn't viewable.  What should I do in these circumstances?

Link to comment

Somebody posted a privacy policy and offered to share it the other week.  Been trawling the 50 different GDPR threads currently running and can't find it.  Can anyone link me to it please?

Link to comment
1 minute ago, Steve Bullman said:

Somebody posted a privacy policy and offered to share it the other week.  

You don’t need someone else’s. It needs to fit your website. 

Link to comment
Just now, opentype said:

You don’t need someone else’s. It needs to fit your website. 

I realise that.  The one I read looked easily adaptable to my site though.

You've worked with me enough to know I'm not too intelligent.

Link to comment
1 hour ago, steel51 said:

What about Article 8 GDPR, https://gdpr-info.eu/art-8-gdpr/

How do we take care of this? @Matt, @opentype, @DReffects2 Any plans and / or opinions regarding that?

Thanks for reminding me. I actually do not know. Following the WhatsApp example you'd basically have to ask every single member if he's over 16. If not you have to delete him.

I could imagine a check-box during sign up for new members.

Current List of unresolved issues:

  • Check-boxes to get consent from guests for contact forms, comments etc.
  • Age verification during sign-up and reevaluation of existing members
  • Data processing agreement

 

@Wolfie

What matters is that webmasters and publishers are being protected from the fraudulent claims of all those cease and desist letters ("Abmahnung"). This concept is non-existent in other countries. There's a dedicated industry for these kinds of claims here. While in the US the lawyer chooses his rate, in most European countries he does not. There's a fixed rate that only allows for a small variance. So if you have to defend yourself in court against a stupid claim in relation to, let's say, the checkboxes, it will cost you 10-15.000 USD. Unless you win entirely of course. And that's not the case most of the time - because as you've stated yourself: even judges do not understand most of the internet stuff. Heck, even our chancellor proclaimed in an infamous speech in 2015 that the internet is an "undiscovered country".

So setting all the personal thoughts and opinions aside: there's a strong uncertainty with the new guidelines and an enormous potential for Abmahnungen. Even the government does not exactly know how to interpret the laws.

So you see government-run pages with checkboxes for contact forms and ones with simple data privacy statements, while a select few lawyers here point out that in fact no data privacy notice at all needs to be given.

I care a great deal about my wallet. And if state-run websites implement a certain method, my lawyer recommends it and tons of so-called experts tell you to implement checkboxes "just to be safe", well... I do like to be safe.

Oh and btw: of course video recordings in front of a bank are personal information. In fact they are so intensively personal that such recordings are not allowed in EU law.

 

@Matt

Thanks for your ongoing patience with this matter!

Link to comment

One question: is a way to prevent specific cookies from being stored scheduled for a future release? (Can members disable some cookies during navigation?)

Thanks for the updates

Link to comment
6 hours ago, Matt said:

We can look at that in a future release.

One thing I'm always mindful of is security of the account.

What would a checkbox on a single use form do? 

I think it would be good to have the option (admin's decision) for a member to download not only any information we have on them but also the content/media they have posted. Much like LinkedIn provides.

Link to comment
39 minutes ago, Steve Bullman said:

No, I was referring to a copy/paste of someone's privacy policy directly into a topic somewhere. But thank you for this link.

This one?

 

Link to comment

On the subject of deletion. 

Does 4.3.3 fix the issue with quotes and edits present in earlier versions?

Example:

A user named Anton posts something, he later edits the post (it now contains 'Edited by Anton' in the bottom),
a second user named Bertha quotes Anton's post and gets a post which contains "2 hours ago, Anton said:" 

Anton now wants to be deleted. His account is now called 'Guest' and the content stays. How is the "edited by Anton" in the bottom of the first post, and the "2 hours ago, Anton said:" in Bertha's post handled? 

Both clearly identify Anton as Anton and should (according to our legal counseling) be removed to be compliant.

Is the option to "delete and rename" available through the API? 

 

 

Link to comment
56 minutes ago, JMRD said:

On the subject of deletion. 

Does 4.3.3 fix the issue with quotes and edits present in earlier versions?

Example:

A user named Anton posts something, he later edits the post (it now contains 'Edited by Anton' in the bottom),
a second user named Bertha quotes Anton's post and gets a post which contains "2 hours ago, Anton said:" 

Anton now wants to be deleted. His account is now called 'Guest' and the content stays. How is the "edited by Anton" in the bottom of the first post, and the "2 hours ago, Anton said:" in Bertha's post handled? 

Both clearly identify Anton as Anton and should (according to our legal counseling) be removed to be compliant.

Is the option to "delete and rename" available through the API? 

 

 

Excellent observation! This needs to be addressed ASAP.

Link to comment

Moreover, Anton can say in the post "I am Anton Popov from Leninskaya street, d. 16. Love cooking, my weight is 80 kg, red eyes. I'm a Christian, have vegetovascular dystonia. Bisexual"

Bertha quoted Anton.

Certha copy-pasted part of Anton's post directly.

Dertha made a screenshot of Anton's post and saved it to a local computer. And after some time posted it. Don't care about behavior. But. Some time later Anton made an account removal request and his account and data were deleted and anonymized. After that Dertha posted the screenshot.

I just want to say - you can't manage personal data information stored as a part of content. If you try to do that - you can fail at the time when someone posts personal data after the deletion. So you (and mods) don't know anything about Anton, so you can't know about his previous deletion. Or can? If can - you don't clean up his ) Our lawyer got an answer to that question from our Controller. He said - content posted by users becomes a part of the public domain. And for better understanding of that we put a notice about it at the top of all editors. Maybe that is too much for that. But we want to provide better service and understanding to our users.

Link to comment

If Anton decides to write his personal information as content in a post we are required to remove it. How... No one knows yet.

C will not apply as long as it does NOT say "originally posted by Anton" 

& D does not apply as they are doing something outside our control, especially AFTER the  deletion request. 

"Edited 2 hours ago by Anton" IS our responsibility - And quotes that do exist at the time of the delete request are as well.

Link to comment

Guest
This is now closed for further comments