
Major Problem for GDPR: Deleting member does NOT attribute posts to Guest!


  • [Forum] Major Problem for GDPR: Deleting member does NOT attribute posts to Guest!

    vBulletin 4.2.5

    We had our first request under the GDPR to remove an account. When we complied, we were warned that all posts would be attributed to Guest. That's what we expected and wanted to happen.

    However, that is not what actually happened.

    Instead, all those posts now show this:

    [Image: posts-not-attributed-to-guest.png]

    This is clearly a very serious problem for anyone who has to deal with the GDPR.

    Now, two questions:

    1. How do I fix this? The member's account no longer exists so I cannot do a search for his 2300+ posts because it returns nothing found. And I cannot search for Guest because there are no posts attributed to Guest in a search.

    2. How do I prevent this happening in the future?
    Psychlinks Mental Health Support Forum
    Local Search Forum

  • #2
    What happens if you do a SQL search for a null value for the username field?



    • #3
      Nothing in the user table. No rows returned for userid = 0 or username = "NULL" or username = NULL or username = "" or username = "Guest"

      But I discovered that the post table still has username = {original username} and userid = 0 attached to that post

      So now what? Do I do an update for all posts matching those criteria?

      Even if that works for current posts, that won't prevent it happening for future GDPR requests.

      There currently is no Guest Account because Guest posting isn't allowed. Could that be the problem? If so, how do I create a Guest account?
      Psychlinks Mental Health Support Forum
      Local Search Forum



      • In Omnibus
        In Omnibus commented
        I think all guest posts are assigned userid 0 but someone else could better answer that question. That being the case I don't think it's possible to create a dedicated guest account. My thought is if you don't allow guest posting that the only posts which should meet those criteria are the ones from the GDPR case but you may want to backup the database before you execute any update SQL commands.

    • #4
      Step 1 is to update the post table to change {old username} to GDPR or something... userid can stay at 0... not sure of the SQL syntax for that update, though. Do you know?

      Then I thought of this as a procedure for the future:
      1. Create a new user account called GDPR (or whatever) and set that as a banned usergroup
      2. Instead of deleting a user who requests deletion under the GDPR, merge the user with GDPR.
      That should retain the data for the GDPR user (which is bogus) and then remove the actual user's account.

      Are there any drawbacks to this? Am I missing anything? The goal is to get rid of identifying information for the GDPR request.
      Psychlinks Mental Health Support Forum
      Local Search Forum



      • #5
        Would this work without destroying the post table?

        UPDATE `post` SET `username`='GDPR',`userid`=55631 WHERE `username`='olduser' AND `userid`=0
        Last edited by djbaxter; Sat 29th Sep '18, 5:33am.
        Psychlinks Mental Health Support Forum
        Local Search Forum
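
The check-then-update pattern behind the query in post #5, as an added example that is not part of the original thread and is not vBulletin code. It goes slightly beyond the single UPDATE by first listing every username left behind on posts with userid 0. It runs in SQLite against a constructed, cut-down `user`/`post` table (only `postid`, `userid` and `username`; the rows are made up around the values quoted in the thread), and the function names are hypothetical.

```python
import sqlite3

def build_demo_db():
    """Constructed sample data: a cut-down `user` and `post` table."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE user (userid INTEGER PRIMARY KEY, username TEXT);
        CREATE TABLE post (postid INTEGER PRIMARY KEY, userid INTEGER, username TEXT);
        INSERT INTO user VALUES (7, 'alice'), (55631, 'GDPR');
        INSERT INTO post VALUES
            (1, 7, 'alice'),
            (2, 0, 'olduser'),       -- author deleted: userid zeroed, name kept
            (3, 0, 'olduser'),
            (4, 0, 'otherdeleted');
    """)
    return db

def leftover_names(db):
    """Usernames still stored on posts whose author row no longer exists."""
    rows = db.execute(
        "SELECT username, COUNT(*) FROM post WHERE userid = 0 "
        "AND username NOT IN (SELECT username FROM user) "
        "GROUP BY username ORDER BY username")
    return dict(rows.fetchall())

def reattribute(db, old_name, placeholder_id):
    """Move one deleted member's posts to the placeholder account, or change nothing."""
    row = db.execute("SELECT username FROM user WHERE userid = ?",
                     (placeholder_id,)).fetchone()
    if row is None:
        raise ValueError("placeholder account does not exist")
    where = "username = ? AND userid = 0"
    expected = db.execute(f"SELECT COUNT(*) FROM post WHERE {where}",
                          (old_name,)).fetchone()[0]
    with db:  # commits on success, rolls back if an exception is raised
        cur = db.execute(
            f"UPDATE post SET username = ?, userid = ? WHERE {where}",
            (row[0], placeholder_id, old_name))
        if cur.rowcount != expected:
            raise RuntimeError("row count changed between preview and update")
    return cur.rowcount
```

On a live MySQL database the rollback only protects tables stored in a transactional engine, so the backup suggested earlier in the thread still applies.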



        • #6
          Actually that worked.
          Psychlinks Mental Health Support Forum
          Local Search Forum



          • #7
            This is default vB4 behaviour. vB4 is end of life and thus has not had any changes for GDPR added to it.

            I don't know if there are third party products that may assist.
            MARK.B | vBULLETIN SUPPORT

            TalkNewsUK - My vBulletin 5.5.4 Demo
            AdminAmmo - My Cloud Demo



            • In Omnibus
              In Omnibus commented
              The best solution is to include in your terms of use that data will not be deleted under any circumstances.

          • #8
            Originally posted by Mark.B
            This is default vB4 behaviour. vB4 is end of life and thus has not had any changes for GDPR added to it.

            I don't know if there are third party products that may assist.
            None that work. DBTECH has one which doesn't work and doesn't appear to be supported. Yilman has one that has its own limitations.
            Psychlinks Mental Health Support Forum
            Local Search Forum



            • #9
              In Omnibus re: "The best solution is to include in your terms of use that data will not be deleted under any circumstances."

              That would be nice but unfortunately if the site is in the EU it really isn't an option.
              Psychlinks Mental Health Support Forum
              Local Search Forum



              • In Omnibus
                In Omnibus commented
                If a user specifically waives their rights by agreeing to your terms of service I'm not sure they would have a case. They certainly wouldn't have one in the United States Of America. What are they going to argue? That they didn't read the terms? That they didn't know that to which they were agreeing? There are also exceptions written into the GDPR itself. If, for instance, data is retained as part of a historical record it is not required to be deleted, even upon request.

              • djbaxter
                djbaxter commented
                This is a European site I'm working on and the EU doesn't care about individuals waiving their rights - the EU is not waiving any rights and they are aggressive.

            • #10
              Here's the procedure that I have now set up to delete an account requested under the GDPR:
              1. Set up a new dummy account from the AdminCP that doesn't belong to anyone. I called it GDPR.
              2. Make a new usergroup (I called ours GDPR Deleted Accounts) and assign the dummy account to that usergroup. Make the new usergroup a banned users account.
              3. When a GDPR request is received, first require some confirmation of ownership of that account. In our first case, I sent an email to the account attached to the account to confirm that the owner could receive email there.
              4. Once ownership is confirmed, do not use delete the account to remove the member. Instead, merge the account to be deleted with the GDPR account.
              5. Finally, Update User Titles and Ranks and Rebuild Thread Information to erase the deleted member's name from "last post by" and similar labels.
              Last edited by djbaxter; Sat 29th Sep '18, 3:11pm. Reason: Forgot one of the steps
              Psychlinks Mental Health Support Forum
              Local Search Forum



              • #11
                I've had this problem too - even if you delete according to the manual, it retains the username but redefines them as 'guest'.

                The only way I've been able to 'satisfy' GDPR is to use prune to remove all posts - I had to get rid of 18k worth of threads/posts and even then I think a few didn't get removed. Of course it causes all sorts of issues with counts which have to be adjusted.



                • #12
                  Originally posted by djbaxter
                  Here's the procedure that I have now set up to delete an account requested under the GDPR:
                  1. Set up a new dummy account from the AdminCP that doesn't belong to anyone. I called it GDPR.
                  2. Make a new usergroup (I called ours GDPR Deleted Accounts) and assign the dummy account to that usergroup. Make the new usergroup a banned users account.
                  3. When a GDPR request is received, first require some confirmation of ownership of that account. In our first case, I sent an email to the account attached to the account to confirm that the owner could receive email there.
                  4. Once ownership is confirmed, do not use delete the account to remove the member. Instead, merge the account to be deleted with the GDPR account.
                  5. Finally, Update User Titles and Ranks and Rebuild Thread Information to erase the deleted member's name from "last post by" and similar labels.
                  Does this remove posts from the database?



                  • #13
                    Originally posted by jagtpf

                    Does this remove posts from the database?
                    No. It just attributes them to the dummy user instead of the original user.
                    Psychlinks Mental Health Support Forum
                    Local Search Forum



                    • #14
                      1) Change the user's name to something like "Guest-3021931".
                      2) Update Post Information under General Update Tools.
                      3) Delete user.
                      Translations provided by Google.

                      Wayne Luke
                      The Rabid Badger - a vBulletin Cloud customization and demonstration site.
                      vBulletin 5 Documentation - Updated every Friday. Report issues here.
                      vBulletin 5 API - Full / Mobile
                      I am not currently available for vB Messenger Chats.



                      • #15
                        Originally posted by Wayne Luke
                        1) Change the user's name to something like "Guest-3021931".
                        2) Update Post Information under General Update Tools.
                        3) Delete user.
                        Technically that would work, but they could argue their posts are still on the Forum - and accessible to anyone who knew what a thread title was - plus you would at the same time as changing their name, also have to delete all the entries in their profile including email and IP address.
                        It's not a single one button operation.
