
oneMadRssn

macrumors 603
Original poster
Sep 8, 2011
5,883
13,787
I don't think this forum is GDPR compliant. There are lots of users here from the EU and some of the articles are targeting the EU audience. I believe it has to be GDPR compliant.

Yet I don't see anything about the right to be forgotten, or any way to download all your data or to permanently delete all your data. Maybe I'm just not finding it though.
 

Expos of 1969

Contributor
Aug 25, 2013
4,189
8,267
Good question. Looking forward to the response from Arn. Hopefully they have done what is required.
 

oneMadRssn

macrumors 603
Original poster
Sep 8, 2011
5,883
13,787
Their FAQ on the topic says they won't delete posts for thread continuity reasons. https://macrumors.zendesk.com/hc/en-us/articles/201260797-How-do-I-cancel-my-account-

But this seems to fly in the face of the GDPR's right to be forgotten rule: "The data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay and the controller shall have the obligation to erase personal data without undue delay." None of the exceptions that would allow MacRumors to keep the data apply.
 

akash.nu

macrumors G4
May 26, 2016
10,608
15,708
I think it doesn’t apply to public forums as you’re accepting the terms that you’re going to talk about whatever it is in public. If you know what I mean.
 

arn

macrumors god
Staff member
Apr 9, 2001
16,334
5,722
Regarding account deletion, we will delete personally identifying information and anonymize posts.

This is how Xenforo (forum software) officially approaches it: https://xenforo.com/community/threa...ompliance-in-xf1-and-xf2.146888/#post-1248611

Right to erasure
ICO said:
Under Article 17 of the GDPR individuals have the right to have personal data erased. This is also known as the ‘right to be forgotten’. The right is not absolute and only applies in certain circumstances.
Unfortunately, erasure does not relate to a 1980s pop duo but instead it relates to the inevitability that at some point, one of your members may want to leave your forum and in doing so, may want to have their personal data removed. This is also known as the "right to be forgotten".

Of course XenForo has always allowed you to delete members via the Admin CP, and this approach is still recommended, but this has traditionally left their content attributed to them. You have always been able to workaround this by changing the user's name prior to deleting the user. Although we're not at this stage looking to totally remove the user's content, we are making it easier to anonymise a deleted user's content.

When deleting a user, you will now be given the option to just delete them (as now) or change their name before deleting them. You can choose the pre-defined text (which is the content of the deleted_member phrase in your language, followed by their user_id) or change it manually to whatever name you prefer.

Which our lawyer has also deemed as compliance.

Also it seems it's documented here:

WHAT COUNTS AS ERASURE?

That changed in a case decided last year (DSB-D123.270/0009-DSB/2018, German). The Austrian Data Protection Authority (DPA), a member of the EU GDPR authority, made a decision on a case that highlighted this question: Does it meet the regulation’s intent for personal data erasure if PI is anonymized (or de-identified) instead of deleted programmatically? In this case, the DPA ruled that the anonymization of personal data can be utilized to meet the regulation’s data erasure requirement.

The original case brought before the Austrian DPA had to do with a data subject’s request that all personal data be deleted. In this case, the company chose to erase some data and anonymize other data to maintain the usability of the anonymized data for other uses, i.e., data analytics.

The data subject’s issue was the company had only anonymized portions of his personal data instead of deleting it completely. This person expressed concern that there would be enough PI left to re-construct their identity. However, the DPA ruled that was not the case.
 

akash.nu

macrumors G4
May 26, 2016
10,608
15,708
Ok that makes sense but what happens to the posts after the user gets deleted?! Placeholder username?!
 

Falhófnir

macrumors 603
Aug 19, 2017
6,016
6,780
Yep. Guest123 or something.
I did some modding on an unrelated XenForo site, we had some trouble with trolling, and we were able to nuke all the posts along with deleting the account - is that possible with MR? Or if not, are you able to add it via extension?
 

arn

macrumors god
Staff member
Apr 9, 2001
16,334
5,722
I did some modding on an unrelated XenForo site, we had some trouble with trolling, and we were able to nuke all the posts along with deleting the account - is that possible with MR? Or if not, are you able to add it via extension?

Spammers get soft deleted, so their content doesn't show up and they get banned.

arn
 

oneMadRssn

macrumors 603
Original poster
Sep 8, 2011
5,883
13,787
Spammers get soft deleted, so their content doesn't show up and they get banned.

arn
Since you do this for spammers, can you do this for anyone requesting it?
This is how Xenforo (forum software) officially approaches it

What about subject matter that was entered through Zendesk? How do you handle delete requests for that?
 

arn

macrumors god
Staff member
Apr 9, 2001
16,334
5,722
Since you do this for spammers, can you do this for anyone requesting it?

With spammers we are deleting a few posts with spammy links in it that no one has replied to.

If a user with 500 posts requests it, it can cause a lot of problems, which is why the anonymize approach is used.

arn
What about subject matter that was entered through Zendesk? How do you handle delete requests for that?

There is a process for that we can follow: https://support.zendesk.com/hc/en-us/articles/360022366893
 

Doctor Q

Administrator
Staff member
Sep 19, 2002
39,452
6,567
Los Angeles
When an anonymized user's posts remain visible in the forums, the moderators and administrators can remove what they consider to be personal information from individual posts on request. For example, if a user makes a post mentioning their email address, and later identifies this post to the moderators or administrators, even after they've otherwise been anonymized, the personal information will be edited out of the post, or the post will be removed entirely. This balances the privacy needs of the user with the preservation of forum discussions.
 

oneMadRssn

macrumors 603
Original poster
Sep 8, 2011
5,883
13,787
With spammers we are deleting a few posts with spammy links in it that no one has replied to.

If a user with 500 posts requests it, it can cause a lot of problems, which is why the anonymize approach is used. That said, we don't prevent users from self-editing and removing content in their own posts. But in that situation, placeholder posts are still there so people know there used to be content.

arn

There is a process for that we can follow: https://support.zendesk.com/hc/en-us/articles/360022366893

Thanks, that's helpful.

One more question: What about private messages to other users? I see those cannot be edited. If I select to delete it, I assume it is deleted on my end but on the other party's end, correct? If so, what is the process for getting that content deleted?
 

arn

macrumors god
Staff member
Apr 9, 2001
16,334
5,722
One more question: What about private messages to other users? I see those cannot be edited. If I select to delete it, I assume it is deleted on my end but on the other party's end, correct? If so, what is the process for getting that content deleted?

Hmm... GDPR "Deletion" will anonymize the username in conversation, but we aren't able to go into individual private messages to check for actual identifying information. There is a separate function to delete conversations by a user, so we'll have to look at that closer.

arn
 

oneMadRssn

macrumors 603
Original poster
Sep 8, 2011
5,883
13,787
Hmm... GDPR "Deletion" will anonymize the username in conversation, but we aren't able to go into individual private messages to check for actual identifying information. There is a separate function to delete conversations by a user, so we'll have to look at that closer.

arn
Thanks, please let us know what you decide on this. Due to how transactions occur on the Marketplace forums, those private messages are probably where most of the actual identifying information resides - such as paypal email addresses and shipping addresses.
 

arn

macrumors god
Staff member
Apr 9, 2001
16,334
5,722
Thanks, please let us know what you decide on this. Due to how transactions occur on the Marketplace forums, those private messages are probably where most of the actual identifying information resides - such as paypal email addresses and shipping addresses.

I'm looking into it.

If this is beyond just an academic question -- and you are concerned about specific conversations -- you can edit any private conversations that you have sent out to remove that information yourself. Private conversations are stored once in the database, visible to sender and recipient. If you edit it, the recipient's copy is also edited.

arn
 

oneMadRssn

macrumors 603
Original poster
Sep 8, 2011
5,883
13,787
I'm looking into it.

If this is beyond just an academic question -- and you are concerned about specific conversations -- you can edit any private conversations that you have sent out to remove that information yourself. Private conversations are stored once in the database, visible to sender and recipient. If you edit it, the recipient's copy is also edited.

arn

I don't see how you can edit private conversations. There is no edit button there.

It's not specific, nor academic really as I do actually want to do this at some point. With some extra time on my hands due to the present circumstances, I've been thinking more about my online presence and considering how I would go about removing myself from it. Before I go and start editing posts, I'd like to know whether there are mechanisms in place for all the little tidbits.
 

arn

macrumors god
Staff member
Apr 9, 2001
16,334
5,722
@oneMadRssn ah, there may be a time limit on editing conversations.

Edit: still looking into it

arn
 

oneMadRssn

macrumors 603
Original poster
Sep 8, 2011
5,883
13,787
@oneMadRssn ah, there may be a time limit on editing conversations.

Edit: still looking into it

arn

Arn - any update on this?

Also, I have noticed that posts in a banned forum cannot be edited. In other words, if a user is banned from commenting in PRSI, that user also cannot edit their own prior posts in PRSI.

Is there any way around this?
 

Doctor Q

Administrator
Staff member
Sep 19, 2002
39,452
6,567
Los Angeles
Also, I have noticed that posts in a banned forum cannot be edited. In other words, if a user is banned from commenting in PRSI, that user also cannot edit their own prior posts in PRSI.

Is there any way around this?
If there's a good reason to change a post, for example when there's a privacy issue involved, a user can ask the moderators to make a particular edit to a particular post of theirs. The moderators won't edit posts if the goal is to continue participating in a PRSI discussion.
 

oneMadRssn

macrumors 603
Original poster
Sep 8, 2011
5,883
13,787
If there's a good reason to change a post, for example when there's a privacy issue involved, a user can ask the moderators to make a particular edit to a particular post of theirs. The moderators won't edit posts if the goal is to continue participating in a PRSI discussion.

There are about 100 posts involving a privacy concern. How do you want me to message that to the mods?
 

RobbieTT

macrumors 6502a
Apr 3, 2010
556
800
United Kingdom
Regarding account deletion, we will delete personally identifying information and anonymize posts.

This is how Xenforo (forum software) officially approaches it: https://xenforo.com/community/threa...ompliance-in-xf1-and-xf2.146888/#post-1248611



Which our lawyer has also deemed as compliance.

Also it seems it's documented here:


You may wish to consult your lawyer again as the GDPR case quoted is an unsteady handrail to base a judgement on. This specific case was a mixture of anonymised and deleted data held on a private company server that could only be accessed by that company for lawful purposes only.

PI data held on a public-facing system is held to a different standard and, if the right of erasure is exercised, it is considerably more difficult to anonymise publicly shared and potentially aggregated information to a level that ensures that the identity is truly unrecoverable by the end of the erasure process. This typically leaves deletion as the only practical remedy, otherwise it would be impossible to provide documentary evidence that all measures have been taken and, at completion of the process, the company (forum in this case) is left with no means either privately or publicly of ever reconstructing the identity of the subject.

Unfortunately the burden is on the information holder to document and retain the binding proof that the right of erasure has been exercised correctly and completely. This stuff is hard work.
 

Doctor Q

Administrator
Staff member
Sep 19, 2002
39,452
6,567
Los Angeles
There are about 100 posts involving a privacy concern. How do you want me to message that to the mods?
Use the Contact form and explain the situation. If it's straightforward, the administrators can hand it off to the moderators. If it's not, the administrators will decide on the best action to take.
 