GDPR and Boards.ie post removal policy **update linked in OP 24/5/18**

beauf

Franz Von Peppercorn wrote: »

The big technical problem is that quoted posts contain the name and I believe that’s pretty much hard coded.

Must be able to write a script that changes a username if found in the comments in the same thread in which that username has posted.

Tbh this was always a problem and boards took the line of keeping old posts while making it obsolete by locking old threads.

Permabear

This post has been deleted.

hullaballoo

As a lawyer who's also happily an expert on data protection, I don't see the issues as starkly as above or some of the other posts on this thread thus far.

I've not been asked for my views and I await the official response as much as anyone else but I don't think the GDPR goes where many people seem to incorrectly, in my view, think it does.

Permabear

This post has been deleted.

hullaballoo

They should have drafted the law in that way, if that's what they were aiming for.

As it is, it's a swing and a miss. (In my view.)

beauf

hullaballoo wrote: »

As a lawyer who's also happily an expert on data protection, I don't see the issues as starkly as above or some of the other posts on this thread thus far.

I've not been asked for my views and I await the official response as much as anyone else but I don't think the GDPR goes where many people seem to incorrectly, in my view, think it does.

I think people under-estimate how much you can build from disparate bits of information seemingly un-connected. People who are used to mining such information are perhaps more aware of it.

Steve

1984 is upon us... just a bit late.

What happened to common sense?

If you post stuff on the internet, you may as well spray paint it on the wall outside your house. Anyone that hasn't copped on to that in this day and age needs to be unplugged from the rest of the world.

beauf

I think its a little more nuanced than that. Companies (people) cant say they will use your data for one thing, then use it for another thing, or indeed keep it after its no longer needed for its original purpose.

Jeff2

Steve wrote: »

1984 is upon us... just a bit late.

What happened to common sense?

If you post stuff on the internet, you may as well spray paint it on the wall outside your house. Anyone that hasn't copped on to that in this day and age needs to be unplugged from the rest of the world.

Do you know any forum can hide a thread rather than lock it.
Or just delete it.

Permabear

This post has been deleted.

hullaballoo

What I've been driving clumsily at is that there is more nuance to it than absolute rights to x, y and z. There are, as always, competing rights of individuals, be they private individuals or corporate.

Franz Von Peppercorn

hullaballoo wrote: »

What I've been driving clumsily at is that there is more nuance to it than absolute rights to x, y and z. There are, as always, competing rights of individuals, be they private individuals or corporate.

That’s not saying very much. One thing is certain information shouldn’t be kept when an account is closed. The only reason boards would have to do that is to track old accounts. The only byudiness case they have got that is to ban re reg trolls. But that’s probably not enough.

Permabear

This post has been deleted.

.......

This post has been deleted.

BowSideChamp

Are PM's on boards.ie still sent via html, not through secure ssl? GDPR requires personal information to be encrypted. Surely there is sensitive information vulnerable.

Nody

....... wrote: »

This post has been deleted.

You are aware that the existing functions to be forgotten were set up with the approval of the Irish Data Protection Inspection, right? Hence they met all the requirements as they don't keep the personal data of a closed account; they get a hashtag number of the data which can only be used to check against another hashtag number to see if they match or not. Hence the e-mail address, name etc. are unknown when the closing of the account has happened and they can not go in and check if closed account Y has e-mail joe.blogs@gmail.com or joes.blogs@gmail.com any more.

.......

This post has been deleted.

Permabear

This post has been deleted.

beauf

"identifiable" is a game changer.

Considering all the companies and technologies that string lots of snippets together to get meaningful data on people.

Boards.ie: Niamh

We will always remove, if requested to, any identifying information that someone has posted either purposely or inadvertently - their real name, phone number, email address, Eircode, address, employers, etc. Often posts of this nature are reported by other eagle-eyed users, however occasionally someone will contact us about a post they made in their distant past with their mobile number or something similar and ask us to remove it. It is never an issue to edit or remove these posts and this has always been the case.

It's interesting to hear the different interpretations of the legislation and it'll also be interesting to see how it will shape things for the future for the internet/companies in general, not just us.

As Mark and dudara posted on Friday, we will have an announcement about this soon after we have received all legal advice.

Franz Von Peppercorn

Nody wrote: »

You are aware that the existing functions to be forgotten were set up with the approval of the Irish Data Protection Inspection, right? Hence they met all the requirements as they don't keep the personal data of a closed account; they get a hashtag number of the data which can only be used to check against another hashtag number to see if they match or not. Hence the e-mail address, name etc. are unknown when the closing of the account has happened and they can not go in and check if closed account Y has e-mail joe.blogs@gmail.com or joes.blogs@gmail.com any more.

They must be tracking multiple ip addresses because they can link accounts. We can’t reuse email accounts. I’ve changed isp 3 times in 3 years and I believe I’ve also changed house or country since I started posting. I have 3 old accounts and a mod banned me for a day recently due to my record in old accounts despite no previous infraction in this one in that forum.

How does that linking work? Can’t be a hash of all the dara since some of the data changed.

Permabear

This post has been deleted.

.......

This post has been deleted.

Boards.ie: Niamh

....... wrote: »

This post has been deleted.

They can be but not immediately. For example, if you were to close your account today and then decided to open a new account the following day, you cannot reuse the same email address. It will still be associated with the closed account for a specific period of time in a hashed version on our servers. However, it is no longer visible to staff or admins from the moment you've closed the account. The hashed version of the email address is deleted after a certain amount of time and could be reused at that point. To the best of my recollection that period of time is either 30 or 40 days but I'd have to check that. That is the current situation.

_Dara_

Permabear wrote: »

This post had been deleted.

I'm not sure about this. There are many 10+ year posters here who have written a lot about their lives but yet what they have written is pretty generic and I have no idea who they are despite all that they have written.

The people I have successfully identified have tended to be people who couple this generic information with clues to their real name in their username. Without that, it becomes much harder.

beauf

I have identified people simply because their adverts username is similar to their boards, and when you look at the two together, it became obvious from what they were selling who they were, in conjunction with what they posted. I only stumbled across them looking for something else.

Permabear

This post has been deleted.

Chorus_suck

This post has been deleted.

Soulsun

Permabear wrote: »

This post had been deleted.

Any legal eagle's or gdpr experts out there?

I suspect boards will back down completely.

Permabear

This post has been deleted.