Siduction Forum

BUGS => Forum & Website => Topic started by: vinzv on 2022/04/30, 00:49:21

Title: Should we purge old & unused accounts?
Post by: vinzv on 2022/04/30, 00:49:21
I just came across this posting over at Bunsenlabs (https://forums.bunsenlabs.org/viewtopic.php?id=8137) forum which I found interesting. Quoting:

Quote
We'll shortly delete all forum accounts that match the following criteria:
We'll delete all accounts which both have zero posts and have not been logged in to after 2021-04-01.

So I poked around the member list on our forum and gathered some figures:

Data

1. We currently have 2.010 activated accounts on this forum.

2. Of them there are...

3. Data stored for each account is at least:

4. Furthermore, what's stored more often than I'd had expected:
(I only did some spot checks.)

Resulting consequences

So all in all that's a relatively huge number of accounts and therefore quite a big set of personal data. With all consequences and liabilities for the siduction core team. Which is also covered in a way by the Bunsenlabs people:

Quote
The purpose of this exercise is to get rid of personally identifiable information associated with these dormant accounts such as email addresses and nicknames: Passive readers can always view the boards anonymously without signing up, and the best data protection for user data is simply not having any data on file. Also, if the user is not using the forums (as indicated by the 1+ year absence), we shouldn't continue storing the data as there doesn't seem to be a reason for that anymore (discontinued usage).

While this is all correct, it leaves out data protection laws (GDPR) that demand to store data as short as possible while (https://ec.europa.eu/info/law/law-topic/data-protection/reform/rules-business-and-organisations/principles-gdpr/how-long-can-data-be-kept-and-it-necessary-update-it_en). Furthermore, it recommends establishing review and deletion processes.

My proposal

So I want - and somehow we have to - do that "data hygiene" over here as well. But I'd like to add some additional steps:


Any thoughts on that? Otherwise, I maybe will just go for it... ;-)
Title: Re: Should we purge old & unused accounts?
Post by: fams on 2022/04/30, 10:55:19
Just necessary imho (GDPR).
Good plan.
Title: Re: Should we purge old & unused accounts?
Post by: edlin on 2022/04/30, 11:02:05
Gute Idee.
Ich würde in der E-Mail eine eindeutige Frist (14 Tage?) setzen, innerhalb derer ruhende Accounts wiederbelebt werden können.
Hinweis, dass die Nutzer nichts unternehmen müssen, wenn man seinen Account inklusive der damit verbundenen Daten verfallen und löschen lassen will. Dies erspart das rücksetzen von Passwörtern (viele werden ihres nicht mehr kennen) und die Fragen, wie und wo man seinen Account löschen kann.

Good idea.
I would set a clear deadline (14 days?) in the email within which dormant accounts can be reanimated.
Note that users do not have to do anything if they want their account, including the associated data, to expire and be deleted. This saves resetting passwords (many will no longer know theirs) and the questions of how and where to delete their account.

edlin
Title: Re: Should we purge old & unused accounts?
Post by: DeepDayze on 2022/04/30, 20:18:42
Totally in agreement with this idea as it will reduce the attack surface in case of a breach. Sending out a mass email to those old inactive accounts is one way to make members aware and if they want to keep their account active they should at least log in once each year or if they forgot their password or no longer have access to the email account used at registration there should be instructions (in both English and German).
Title: Re: Should we purge old & unused accounts?
Post by: vinzv on 2022/05/08, 21:52:20
Thanks for the input and the affirmation, all. I'll be starting the cleanup process soon.
Title: Re: Should we purge old & unused accounts?
Post by: vinzv on 2022/05/09, 22:41:17
Quick update: Currently I'm sending out the initial mail to ~1.700 accounts.

Furthermore, I found a way to automate the whole process. \o/
Once the initial cleaning is done, I will set the forum up in a way that:
All that is done with no interaction, which gives us a valid data handling strategy to comply with GDPR.