
Re: Poster email addy

Reply #15

Quote from: radu81 – What about this scenario?
- member registers on your forum
- member is posting some illegal material on your forum
- you (as admin) don't see or notice that illegal stuff and nobody reports it
- member asks for deletion and you approve the account deletion
- the illegal stuff remains on your forum
- you (as a forum admin) receive a complaint about that illegal material
Now what do you prefer? Having some info about that post (like email, IP, etc) or have none of that info?

Hi radu81,

That's one reason why I argue against "account deletion", as opposed to "account disable". Deleting accounts, in my mind, is a "site clean-up" activity performed on occasion just to keep operations "nimble" by removing legacy stuff when they start to bog things down.

With disable, the user account information remains (even if it's non-identifying information any more), if knowing what account created it is important.

(Please explain why I might care about those details? The account is already disabled - or "closed" or whatever we want to call it.  Personally, I'd just delete the offending post and thank the user who pointed it out for bringing it to my attention.)

(Edit - since we can move "deleted posts" to a hidden archive, we have the ability to maintain a record of what was deleted and why, if there's a legal reason to preserve the notification and action-taken details, I suppose.)

(As for the IP address, given the dynamics of ip addresses and prevalence of VPNs, I'm not sure an ip addy can be considered "personally identifying information" any more, can it?)
 
Last Edit: February 02, 2022, 07:13:26 pm by Steeley

// Deep inside every dilemma lies a solution that involves explosives //

Re: Poster email addy

Reply #16

IP address is still considered personal information in parts of Europe. The provincial government of Munich has declared Google Fonts out of bounds because sites are giving IP addresses (by way of requests for fonts) to Google without the person’s consent.

As for posts, I thought I’d made it clear that posts in general were fine and protected under other parts of the GDPR as long as the posts didn’t contain personal information.

The unfortunate reality is that account deletion really should mean deletion where technically achievable but that there is no mandate on you to use it that way, as long as you are aware of what the platform does and when different options are relevant. Account deletion absolutely exists in the platform, currently it does not go far enough, and that is a thing that should be fixed to account for regions where it really does matter - even though large chunks of the law are stupid.

Re: Poster email addy

Reply #17

OK, so if IP addys need addressing in some jurisdictions, then add that to the "disable"  options in admin configuration.

Would this work?:

Account disable: {User only has option to "disable" account - account "deletion" is reserved to admin.}

  • sets the 'ban flag' {whatever EA does now so user can not login}
  • changes user email addy to 'null' account (disabled@yourdomain.com); admin creates that email addy on his box set to 'discard/no response' to avoid bounce notices
  • overrides "email change confirmation" if set in admin options
  • changes IP addy to 999.9.9.9. {admin option}
  • removes account from PM capabilities
  • "hides" disabled account from general member listing (admin, global moderator {permission option} can see it)
  • sets disabled flag so admin, gm can see account is 'disabled' (currently a banned account looks no different from any other member listing in admin member view)
  • adds date account was disabled to the database; if viewable by admin/GM, that would serve as the 'disabled flag' in the item above

Quote: "..GDPR as long as the posts didn’t contain personal information."

That was clear enough, but I'm not sure what is considered "personal information" as defined in GDPR? 
If this refers to linking the account to an identifiable person, then admin (or whomever disables the account) needs to edit out that data (if any) from the profile. (If the user has the ability to disable their own account then my opinion is that responsibility is on them). 
If they posted personal information in a post (name, addy, phone number, whatever), again, my opinion is 'shame on them'.
 
Account Deletion [admin only]

A process to completely remove the account from the database
  • Deletion (clean-up) function deletes accounts disabled earlier than some admin-chosen date
  • -further discussion required for handling account postings of disabled accounts as a database/forum 'clean-up' function. I'm old, and only one cup of coffee into my morning so my brain hurts working through the use-cases at the moment.

Off for more coffee..




// Deep inside every dilemma lies a solution that involves explosives //

 

Re: Poster email addy

Reply #18

Quote from: Steeley –
Would this work?:

Account disable: {User only has option to "disable" account - account "deletion" is reserved to admin.}

  • sets the 'ban flag' {whatever EA does now so user can not login}
  • changes user email addy to 'null' account (disabled@yourdomain.com); admin creates that email addy on his box set to 'discard/no response' to avoid bounce notices
  • overrides "email change confirmation" if set in admin options
  • changes IP addy to 999.9.9.9. {admin option}
  • removes account from PM capabilities
  • "hides" disabled account from general member listing (admin, global moderator {permission option} can see it)
  • sets disabled flag so admin, gm can see account is 'disabled' (currently a banned account looks no different from any other member listing in admin member view)
  • adds date account was disabled to the database; if viewable by admin/GM, that would serve as the 'disabled flag' in the item above

Quote: "..GDPR as long as the posts didn’t contain personal information."

That was clear enough, but I'm not sure what is considered "personal information" as defined in GDPR? 


One more "personal data item" per GDPR that probably needs to be addressed (reverted to "none"?) in account disable is the user Avatar..

But, GDPR considerations aside, EA definitely should prevent Emails from being sent to disabled/banned accounts, which it currently doesn't do (at least in v1.1.6)..

// Deep inside every dilemma lies a solution that involves explosives //

Re: Poster email addy

Reply #19

Quote from: Steeley – But, GDPR considerations aside, EA definitely should prevent Emails from being sent to disabled/banned accounts, which it currently doesn't do (at least in v1.1.6)..

That does sound wrong, I'll add it to the tracker to take a look.

Re: Poster email addy

Reply #20

Quote from: Spuds – That does sound wrong, I'll add it to the tracker to take a look

Addressing badmonkey's issue (which started this discussion) could be addressed as well by just erasing the email addy when the 'ban-flag' is set (or changing it into a "fail-silent" addy set up by admin on the server during configuration, if deleting the email record breaks stuff).

Is there any other way to "disable" an account besides the ban function (other than just deleting the account completely)?

// Deep inside every dilemma lies a solution that involves explosives //

Re: Poster email addy

Reply #21

The problem with deleting the email when banning an account is that the system will at some point reevaluate the ban and go “I don’t know why this is banned”. In any case there are provisions for this in the GDPR for keeping records of bad actors in the interests of protecting the service from interruption.

You can also, as I mentioned, use the “pending deletion” flag which is an account status separate to banning, and which should prevent most if not all communications.

Re: Poster email addy

Reply #22

Quote from: Arantor – The problem with deleting the email when banning an account is that the system will at some point reevaluate the ban and go “I don’t know why this is banned”. In any case there are provisions for this in the GDPR for keeping records of bad actors in the interests of protecting the service from interruption.

Looks like a learning opportunity for me here..   I'll explore the above in a moment, but first...

Quote from: Arantor – You can also, as I mentioned, use the “pending deletion” flag which is an account status separate to banning, and which should prevent most if not all communications.

What admin settings, and then admin/moderator and/or user actions set the account into a "pending deletion" status?

Now back to the first part...  what are you referring to when you say "The system" - the EA software? I can't think of any reason the software would need to know the "why" of anything, but that may be just my ignorance. To quote Ross Perot, "I'm all ears"..

I had given some thought to the need for retaining reasons/record for account actions taken - both for board operations and potential legal issues (in the case of GDPR, et al.)
In response to the scenario radu81 proffered, I mentioned:
"..since we can move "deleted posts" to a hidden archive, we have the ability to maintain a record of what was deleted and why, if there's a legal reason to preserve the notification and action-taken details, I suppose.)"
In the case of an admin or moderator action to a bad actor leading to a ban,  Admin, or a moderator, can certainly attach an explanation/evidence (screen shots, whatever) to such a communication post or thread as it is deleted and sent to the "hidden board" (or after), for further disposition.  Then (Admin having also created a hidden "banned" board), that post or thread can be moved to the "banned" board (subtopic by user account).

On the other hand, a user initiated account "closure", from my perspective, is operationally no different than an account ban - in the end, the only significant difference is why the account is disabled or suspended. In this case, the simplest solution is to have two options to choose from to enter the process of account disable/suspension:

  • Disable
  • Ban

And all that does is change the flag on the account. Disabled, or Ban.

If the user has the privilege of "deleting" his/her  account (as is offered as an option now), the user sees the "disable" option in the profile (labeled "Disable/Delete"?)

Now, a moderator or admin can see in the user record the flag and know that a "disabled" account is eligible to be reactivated. 
If the flag is "ban", it's not eligible for reactivation, (or at least not without a lot of user whining and begging and moderator/admin consideration of the severity of the offense(s) as recorded in the hidden "banned" board for the account.)

Now, the only question remaining (functionally) is what the user(s) can observe in the member listings regarding a disabled account.
My preference would be that it doesn't appear in any member listing other than for a moderator or admin.  And the user account doesn't appear in a PM listing at all for anyone.

And again - IMHO "account deletion" is a forum clean-up function (with the caveat that I may change my mind on all this once I understand what "pending account deletion" is. - my first question above..)

 

// Deep inside every dilemma lies a solution that involves explosives //

Re: Poster email addy

Reply #23

Quote from: Spuds –
Quote from: Steeley – But, GDPR considerations aside, EA definitely should prevent Emails from being sent to disabled/banned accounts, which it currently doesn't do (at least in v1.1.6)..
That does sound wrong, I'll add it to the tracker to take a look

Hi Spuds

As it stands now, a "banned" account:

  • Appears in the member listing
  • Displays no indication that the account is not active (except to forum staff with appropriate moderator privileges)
  • Any user can send an email to that account (if the account user selected allow emails in their account settings)
  • Any user can send a PM to that account.



// Deep inside every dilemma lies a solution that involves explosives //
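
The disable/ban handling discussed in replies #17 to #23, as an added sketch that is not part of the thread and not ElkArte code: the `members` table, its columns and every function name are hypothetical, and the placeholder e-mail and IP values are the ones proposed in reply #17. It assumes a ban keeps its identifiers (the concern raised in reply #21) while a user-requested disable scrubs them.

```python
import sqlite3
from datetime import datetime, timezone

NULL_EMAIL = "disabled@yourdomain.com"  # discard mailbox proposed in reply #17
NULL_IP = "999.9.9.9"                   # sentinel from reply #17, stored as plain text

def make_db():
    """Constructed sample data in a hypothetical schema (not ElkArte's)."""
    db = sqlite3.connect(":memory:")
    db.execute("""CREATE TABLE members (id INTEGER PRIMARY KEY, name TEXT,
        email TEXT, ip TEXT, avatar TEXT, status TEXT DEFAULT 'active',
        disabled_at TEXT)""")
    db.executemany(
        "INSERT INTO members (name, email, ip, avatar) VALUES (?,?,?,?)",
        [("alice", "alice@example.org", "192.0.2.10", "a.png"),
         ("bob", "bob@example.org", "192.0.2.20", "b.png")])
    return db

def disable_account(db, member_id, reason="disabled"):
    """Flag an active account; scrub identifiers only for a user-requested disable."""
    if reason not in ("disabled", "banned"):
        raise ValueError("reason must be 'disabled' or 'banned'")
    now = datetime.now(timezone.utc).isoformat()
    with db:  # one transaction: flag and scrub succeed or fail together
        cur = db.execute("UPDATE members SET status=?, disabled_at=? "
                         "WHERE id=? AND status='active'", (reason, now, member_id))
        if cur.rowcount == 1 and reason == "disabled":
            db.execute("UPDATE members SET email=?, ip=?, avatar=NULL WHERE id=?",
                       (NULL_EMAIL, NULL_IP, member_id))
    return cur.rowcount == 1

def can_contact(db, member_id):
    """Gate for both e-mail and PM: only active accounts are reachable."""
    row = db.execute("SELECT status FROM members WHERE id=?", (member_id,)).fetchone()
    return row is not None and row[0] == "active"

def member_list(db, viewer_is_staff=False):
    """Non-staff viewers see active accounts only; staff also see the status flag."""
    sql = "SELECT name, status FROM members"
    if not viewer_is_staff:
        sql += " WHERE status='active'"
    return db.execute(sql + " ORDER BY id").fetchall()

def purge_disabled_before(db, cutoff_iso):
    """Admin clean-up: delete accounts disabled earlier than the chosen date."""
    with db:
        cur = db.execute("DELETE FROM members WHERE status='disabled' "
                         "AND disabled_at < ?", (cutoff_iso,))
    return cur.rowcount
```
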