Skip to:

Opened 6 years ago

Closed 6 years ago

#7825 closed enhancement (fixed)

Privacy: Erase/anonymize user content

Reported by: boonebgorges's profile boonebgorges Owned by:
Milestone: Priority: normal
Severity: normal Version:
Component: Core Keywords: 2nd-opinion


Parent ticket: #7698

GDPR guarantees the Right to Erasure, which we must respect.

We already do a fairly thorough (perhaps too thorough) job of deleting data on user deletion. On 'delete_user', we do the following:

  • delete all of a user's friendships and friendship requests friends_remove_data()
  • delete all of a user's notifications bp_notifications_delete_notifications_on_user_delete()
  • delete all activity items belonging to the user (matches user_id) bp_activity_remove_all_user_data()
  • delete all "user blogs" - metadata about user-blog connections from wp_bp_user_blogs - bp_blogs_remove_data()
  • delete all of a user's group memberships, all group invitations/requests, and all groups of which the deleted user was both the creator and the sole administrator (yikes) groups_remove_data_for_user()
  • delete user's custom avatar bp_core_delete_avatar_on_user_delete()
  • delete user's last activity bp_core_remove_data() (redundant with activity deletion)
  • delete user's xprofile data xprofile_remove_data()

Stuff we don't delete:

  • Messages. Instead, we anonymize username and content. See bp_get_the_thread_message_content().
  • Cover images. See #7636.

Are there things I've left off the list?

In terms of GDPR, I'm uncertain that there's anything else we need to do here. In terms of having a better system more generally (like allowing admins to retain certain kinds of info that might be legally required for other reasons), we have a lot of work to do, but it's perhaps less urgent than other GDPR-related tasks.

Anyone else have thoughts about whether anything additonial needs to be done here for 3.1?

Change History (2)

#1 @DJPaul
6 years ago

  • Milestone changed from 3.1 to 4.0

Milestone renamed

#2 @boonebgorges
6 years ago

  • Milestone 4.0 deleted
  • Resolution set to fixed
  • Status changed from new to closed

I think that there are no technical tasks here for 4.0, so I'm going to close. In the future, we may look at building better tools for "deleted" statuses, but that's part of a separate project that's not necessarily related to GDPR.

Note: See TracTickets for help on using tickets.