Will write it as a requirement, will see what can be done here Thanks a lot for the quick answers!
On Wed, Apr 11, 2018 at 5:34 PM, Peter Dähn <[email protected]> wrote: > ip-address is now a private date... it have to be at least anonymised > after 7 (maybe 14 days)... ipv4 addresses delete last 8 recommended 16 bit > (192.168.123.0 or 192.168.0.0) and ipv6 preserve first 48 -8 or better 16 > Bit (2a00:1234:56:: or 2a00:1234::) Maybe this could be done automated > after 7 Days? > > Greetings Peter > > Am 11.04.2018 um 09:31 schrieb Maxim Solodovnik: > > According "Hash algorithm" I planned to use random UUID > so All fields will look like this: "Purged_54cd4426-1c0a- > 4ab8-bb35-eb6d26da99cf" > > Are you sure IP should be cleaned-up? There will be no chance to "restore" > who was this user ..... > > On Wed, Apr 11, 2018 at 2:18 PM, Peter Dähn <[email protected]> wrote: > >> Hi Maxim, >> >> I think this list is complete and you are right, this is a lot of stuff. >> >> The option that you suggest sound much more feasible. From my point of >> few this should be enough. >> >> Hash algorithm need to be state of the art. IP-address in ConferenceLog >> need to be cleaned. >> >> I think this is a good way. >> >> Btw... is there is a way/setting to anonymize IP-adresses while logging? >> Otherwise I need to write a script to do so. Maybe I need to do it anyway >> to kick out usernames. Logfiles need to be delete after 7 (maybe 14) days >> or they need to be without any userdata. >> >> Greetings Peter >> >> >> Am 11.04.2018 um 06:43 schrieb Maxim Solodovnik: >> >> Hello Peter, >> >> Here is the high level list of what need to done to "hard delete" user >> from the system: >> >> >> 1. delete user >> 2. delete all user contacts (also users, so we might have recursion >> here) >> 3. delete user from all groups >> 4. delete user from room moderators >> 5. delete all appointments with owner == user >> 6. delete all calendars with owner == user >> 7. delete all meeting members in appointments where owner != user >> 8. delete all Private Messages where user is in to/from fields >> 9. delete all UserContact + Requests >> 10. delete all invitation sent by this user >> 11. delete all private rooms owned by this user >> 12. delete all user private files/recordings >> 13. delete all chat messages send/received by this user >> 14. clean email messages >> 15. clean all Polls/answers >> >> >> This list scares me a lot :((( >> >> So let's discuss the option: "Mark user deleted and clean-up sensitive >> information" >> >> What I would propose: >> >> In Admin->User area >> >> 1. display all users (deleted should be "read-only" with restore and >> purge options only) >> 2. add additional "Purge" button >> 3. In case Purge will be selected: >> 1. User will be marked deleted >> 2. AsteriskSipUser and Address will be replaced with empty objects >> 3. User fields "age, externaluserid, firstname, lastname, login, >> pictureuri" will be replaced with "Purged_some_hash" >> 4. User profile picture will be deleted >> 5. ChatMessage: fromName will be replaced with "Purged User" >> 6. MailMessage: should be purged (some search by email will be >> required) >> >> ConferenceLog right now contains userId+UserIp right now, so it is 2 >> numbers should it be cleaned up? >> >> SOAPLogin contains clientURL and doesn't contains userId, so it is >> impossible to associate SoapLogin object with particular user >> >> >> Would it be enough? >> >> >> On Fri, Apr 6, 2018 at 4:21 PM, Peter Dähn <[email protected]> wrote: >> >>> Hi Maxim, >>> >>> hard delete as only option would be the easiest way (for the admin). One >>> doesn't need to remind "hard delete" at a given time... I think it need to >>> be implemented anyway. I thought just the ones that doesn't need to take >>> care about these regulation could keep things as they are now... >>> >>> Greetings Peter >>> >>> >>> Am 06.04.2018 um 10:09 schrieb Maxim Solodovnik: >>> >>>> I'm afraid there will be no option to "final delete one record" >>>> It will be: perform total clean-up and hard delete all soft deleted >>>> records >>>> >>>> Or better to perform: hard delete as the only option? >>>> >>>> On Fri, Apr 6, 2018 at 2:44 PM, Peter Dähn <[email protected]> wrote: >>>> >>>>> Hi Maxim, >>>>> >>>>> "soft" and "final delete" should be enough I think... >>>>> >>>>> It just need to be "findable" and described for new admins that >>>>> provide the >>>>> service in the EU... >>>>> >>>>> jira in a second... >>>>> >>>>> Greetings Peter >>>>> >>>>> >>>>> Am 05.04.2018 um 17:47 schrieb Maxim Solodovnik: >>>>> >>>>>> Hello Peter, >>>>>> >>>>>> This sounds like lots of new testing :( >>>>>> Will try to find time and include it in 4.0.3/4.0.4 >>>>>> >>>>>> (have very limited time right now :( ) >>>>>> Will appreciated any help with testing >>>>>> >>>>>> Would it be OK to perform "final delete" in clean-up widget? i.e. >>>>>> delete will be "soft delete", then in if will push "Clean-up" all soft >>>>>> deleted data will be hard deleted ... >>>>>> Or it doesn't worth to have both? only hard delete will be enough? >>>>>> >>>>>> On Thu, Apr 5, 2018 at 5:55 PM, Peter Dähn <[email protected]> wrote: >>>>>> >>>>>>> Hey there, >>>>>>> >>>>>>> new privacy regulations will take place on the 25th May 2018 in >>>>>>> Europe. >>>>>>> You >>>>>>> could find informations about it by searching for General Data >>>>>>> Protection >>>>>>> Regulation (EU) 2016/679. >>>>>>> >>>>>>> To use openmeetings after the 25th of May (in Europe) there need to >>>>>>> be a >>>>>>> few >>>>>>> changes. We use openmeetings integrated. So I will mainly be focused >>>>>>> on >>>>>>> the >>>>>>> room. >>>>>>> >>>>>>> I have 3 points that are really necessary: >>>>>>> >>>>>>> 1. User deletion: Datasets of users that will be deleted need to be >>>>>>> remove >>>>>>> from the database, not just marked as deleted. Probably it is enough >>>>>>> to >>>>>>> hash >>>>>>> those fields. >>>>>>> >>>>>>> I think critical fields are in table: >>>>>>> >>>>>>> om_user -> age, externaluserid, firstname, lastname, >>>>>>> login, >>>>>>> pictureuri (and picture itself) and sip_user_id >>>>>>> >>>>>>> conferencelog -> email, external_user_id, firstname, >>>>>>> lastname, >>>>>>> user_id, userip >>>>>>> >>>>>>> soaplogin -> client_url (contains the ip-address) >>>>>>> >>>>>>> sipusers (here empty so please check) -> defaultuser, >>>>>>> host, >>>>>>> ipaddr, name >>>>>>> >>>>>>> address -> email, fax, phone >>>>>>> >>>>>>> chat -> from_name >>>>>>> >>>>>>> e-mail_queue (if not empty) -> recipients, replyto >>>>>>> >>>>>>> 2. There need to be a place to place a (customized) privacy policy. >>>>>>> >>>>>>> 3. Registration-Dialog need to have a button/step to agree the data >>>>>>> processing. And to this belongs a button to disagree. >>>>>>> >>>>>>> >>>>>>> As far as I can see this need to be done in the first place. I'm sure >>>>>>> there >>>>>>> are more things to do. Maybe someone can complete it. >>>>>>> >>>>>>> >>>>>>> Greetings Peter >>>>>>> >>>>>> >>>>>> >>>>>> >>>> >>>> >>> >> >> >> -- >> WBR >> Maxim aka solomax >> >> > > > -- > WBR > Maxim aka solomax > > -- WBR Maxim aka solomax
