Opened 7 years ago
Closed 6 years ago
#7825 closed enhancement (fixed)
Privacy: Erase/anonymize user content
| Reported by: | boonebgorges | Owned by: | |
|---|---|---|---|
| Milestone: | | Priority: | normal |
| Severity: | normal | Version: | |
| Component: | Core | Keywords: | 2nd-opinion |
| Cc: | | | |
Description
Parent ticket: #7698
GDPR guarantees the Right to Erasure, which we must respect.
We already do a fairly thorough (perhaps too thorough) job of deleting data on user deletion. On 'delete_user', we do the following:
- delete all of a user's friendships and friendship requests `friends_remove_data()`
- delete all of a user's notifications `bp_notifications_delete_notifications_on_user_delete()`
- delete all activity items belonging to the user (matches `user_id`) `bp_activity_remove_all_user_data()`
- delete all "user blogs" - metadata about user-blog connections from `wp_bp_user_blogs` - `bp_blogs_remove_data()`
- delete all of a user's group memberships, all group invitations/requests, and all groups of which the deleted user was both the creator and the sole administrator (yikes) `groups_remove_data_for_user()`
- delete user's custom avatar `bp_core_delete_avatar_on_user_delete()`
- delete user's last activity `bp_core_remove_data()` (redundant with activity deletion)
- delete user's xprofile data `xprofile_remove_data()`
Stuff we don't delete:
- Messages. Instead, we anonymize username and content. See `bp_get_the_thread_message_content()`.
- Cover images. See #7636.
Are there things I've left off the list?
In terms of GDPR, I'm uncertain that there's anything else we need to do here. In terms of having a better system more generally (like allowing admins to retain certain kinds of info that might be legally required for other reasons), we have a lot of work to do, but it's perhaps less urgent than other GDPR-related tasks.
Anyone else have thoughts about whether anything additional needs to be done here for 3.1?
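One way to check the list above against a running site, as an added example that is not part of the ticket or of BuddyPress: it reports which of the named callbacks are not attached to the 'delete_user' action. The helper name `missing_delete_user_callbacks` is hypothetical; the script assumes the callbacks are registered as plain function names and that it is run either inside WordPress (for instance with `wp eval-file`) or stand-alone, where it falls back to a constructed sample.

```php
<?php
// Added example (not BuddyPress code): verify that the cleanup callbacks
// named in this ticket are attached to the 'delete_user' action.

// Callback names exactly as listed in the ticket description.
$ticket_callbacks = [
    'friends_remove_data',
    'bp_notifications_delete_notifications_on_user_delete',
    'bp_activity_remove_all_user_data',
    'bp_blogs_remove_data',
    'groups_remove_data_for_user',
    'bp_core_delete_avatar_on_user_delete',
    'bp_core_remove_data',
    'xprofile_remove_data',
];

// Hypothetical helper: returns the expected callbacks that are NOT registered.
// $by_priority has the shape of WP_Hook::$callbacks: priority => id => entry.
function missing_delete_user_callbacks(array $by_priority, array $expected): array
{
    $registered = [];
    foreach ($by_priority as $entries) {
        foreach ($entries as $entry) {
            // Only plain function-name callbacks can be compared by name.
            if (is_string($entry['function'])) {
                $registered[] = $entry['function'];
            }
        }
    }
    return array_values(array_diff($expected, $registered));
}

if (isset($GLOBALS['wp_filter']['delete_user'])) {
    // Inside WordPress: read the live hook table for the action.
    $hooked = $GLOBALS['wp_filter']['delete_user']->callbacks;
} else {
    // Constructed sample for a stand-alone run: the xprofile callback is left out.
    $hooked = [10 => []];
    foreach (array_slice($ticket_callbacks, 0, 7) as $name) {
        $hooked[10][$name] = ['function' => $name, 'accepted_args' => 1];
    }
}

$missing = missing_delete_user_callbacks($hooked, $ticket_callbacks);
foreach ($missing as $name) {
    echo "not hooked on delete_user: {$name}\n";
}
echo count($missing) === 0 ? "all listed callbacks are hooked\n" : '';
```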
Change History (2)
#2
@
6 years ago
- Milestone 4.0 deleted
- Resolution set to fixed
- Status changed from new to closed
I think that there are no technical tasks here for 4.0, so I'm going to close. In the future, we may look at building better tools for "deleted" statuses, but that's part of a separate project that's not necessarily related to GDPR.
Milestone renamed