GDPR EU legislation
In power from 28.05.2018.
What is stance of bbPress core about it ?
What needs to be done.
I have not seen anyone is working on a plugin for compliance.
Strange, funny coincidence.
Just today I checked what it is about one spam I am getting from one se(x) dating site. I noticed in last 1-2 years avalanche of this problem. Suspected someone is selling my e-mail address.
Went there and:
– Dedicated Page about how are they compliant with coming GDPR regulation.
– FAQ says if you want to delete account “simply do not login anymore”.
– Someone sold them my e-mail address.
– They simply take anything before @ and use as Username
– They sent password to my mail Inbox in clear text.
But OK, will wait end of the May, and URL (Username & Password too) goes directly to the “officer”. With pleasure. They are in the EU.
I guess this would count as second part of my theory. “Lie”, not just “do not tell”.
Would be enough with Gmail filter to directly delete all spam from this sender, if it is not that morons take people’s real names. If those are used in e-mail addresses.
Imagine my wife sees it.
Slack conversations can be hard to follow, anyways here’s a chat recap:
Thanks for this @casiepa 🙂
p.s. I’d also like to echo what Robin said, please keep the conversation about the GDPR and not make it personal, we all have differing opinions, and many of us are coming to this from different angles, for example I’m in Australia, we’ve got no legal privacy protections (this isn’t quite true, but it seems like it most of the time) but I’m more than happy to try to understand what the GDPR entails and how we can make bbPress GDPR compliant 🙂
We have released a plugin to help with bbPress GDPR compliance: https://wordpress.org/plugins/bbp-gdpr/
We’ve released a plugin to help with bbPress GDPR compliance:
I am planning to launch an WordPress website with a forum, and GDPR compliance is a key concern of mine.
The “Right to be forgotten” can be implemented in two ways:
=> Option 1: automatically anonymize posts/discussions member (i.e. the community isn’t losing content). I know some forum software have this anonymization function.
=> Option 2: automatically delete posts of that member and discussions started by that member. This would mean also deleting posts from other members (e.g. discussions they’ve answered).
From an admin perspective, I would much prefer option 1 (the community isn’t missing out on useful discussions/content).
However, despite extensive searches I am not finding which option(s) is(are) supported by bbPress.
Also, all opinion pieces on how Forums can cope with GDPR date back to 2018, whereas I am sure there has been some learnings since then.
I hope it’s OK for me to continue this 2018 discussion, if not i’ll gladly create a new one 🙂
if you want option 1, then on user deletion you get prompted as to where to allocate any topics/replies made by the user, including allocating to another user.
So some people create a user called anything name you like eg ‘anonymous’ or ‘deleted user’, and assign the posts to them.
to see how this works, create a ‘deleted user’ account, then create a test user and make some topics/replies using their username.
then go to
dashboard>users>all users and delete the test user, and you will see the prompt to let you assign to your ‘deleted user’ account.
Thanks Robin, a much appreciated, reassuring reply for me!
So, I’ll recap my understanding below (maybe useful for others too):
bbPress baseline features, when it comes to GDPR
–Right to be forgotten: when admin deletes a user (WordPress Dashboard > Tools > Erase Personal Data), it triggers WordPress’ “Personal Data Erasure” feature, and for bbPress content (posts/topics) will offer to re-assign to another user.
–Right to data portability: when admin hits (WordPress Dashboard > Tools > Export Personal Data), it triggers WordPress’ “Personal Data Export” feature, but the exported file won’t include posts/topics from the forum.
Extra functionality is available via this plugin: https://bbpress.org/forums/topic/make-bbpress-gdpr-compliant/
–Right to be forgotten: when admin deletes a user (WordPress Dashboard > Tools > Erase Personal Data), forum posts/topics will be deleted (no chance to re-assign to another user).
–Right to data portability: when admin hits (WordPress Dashboard > Tools > Export Personal Data), forum posts/topics will be included in the exported file.
I like the ability to re-assign posts (deletion time) but at export time, I like the idea to include those posts. Sounds like a “best of both worlds” to me. Would you or anyone know if that is a possibility? Seems like the above plugin is an “all or nothing”.
Sorry if my questions seem numb, a bit of testing would certainly get the answer, but my website project is at its infancy: I don’t even have a host/wordpress yet, I am investigating which solution/plugins to assemble to achieve my vision.
In fact, I am probably going to use the BuddyBoss platform, which is a fork of bbPress, so I am making the assumption that bbPress’ baseline features are available in BuddyBoss platform, but I might well be wrong!
All-in-one, I will certainly do thorough testing on those aspects, but you know the V cycle idea, I don’t want to find-out late that I am in a dead end 🙁
- You must be logged in to reply to this topic.