Additional question: "Registration-Dialog need to have a button/step to agree the data processing. And to this belongs a button to disagree."
I guess user should be able to register only if he/she agree to data processing Registration should be impossible if user disagree So I guess having following controls at registration dialog would be sufficient: 1) "I agree my data will be processed" checkbox 2) "display agreement" button would it be OK? On Sat, Apr 21, 2018 at 11:17 PM, Maxim Solodovnik <[email protected]> wrote: > Hello Peter, > > this is partially implemented > Could you please test current implementation using latest nightly build? > > And maybe you can provide sample "personal data agreement" text? > > On Wed, Apr 11, 2018 at 6:38 PM, Peter Dähn <[email protected]> wrote: >> I try... ;-) >> >> >> Am 11.04.2018 um 13:11 schrieb Maxim Solodovnik: >> >> Will write it as a requirement, will see what can be done here >> Thanks a lot for the quick answers! >> >> On Wed, Apr 11, 2018 at 5:34 PM, Peter Dähn <[email protected]> wrote: >>> >>> ip-address is now a private date... it have to be at least anonymised >>> after 7 (maybe 14 days)... ipv4 addresses delete last 8 recommended 16 bit >>> (192.168.123.0 or 192.168.0.0) and ipv6 preserve first 48 -8 or better 16 >>> Bit (2a00:1234:56:: or 2a00:1234::) Maybe this could be done automated after >>> 7 Days? >>> >>> Greetings Peter >>> >>> Am 11.04.2018 um 09:31 schrieb Maxim Solodovnik: >>> >>> According "Hash algorithm" I planned to use random UUID >>> so All fields will look like this: >>> "Purged_54cd4426-1c0a-4ab8-bb35-eb6d26da99cf" >>> >>> Are you sure IP should be cleaned-up? There will be no chance to "restore" >>> who was this user ..... >>> >>> On Wed, Apr 11, 2018 at 2:18 PM, Peter Dähn <[email protected]> wrote: >>>> >>>> Hi Maxim, >>>> >>>> I think this list is complete and you are right, this is a lot of stuff. >>>> >>>> The option that you suggest sound much more feasible. From my point of >>>> few this should be enough. >>>> >>>> Hash algorithm need to be state of the art. IP-address in ConferenceLog >>>> need to be cleaned. >>>> >>>> I think this is a good way. >>>> >>>> Btw... is there is a way/setting to anonymize IP-adresses while logging? >>>> Otherwise I need to write a script to do so. Maybe I need to do it anyway >>>> to >>>> kick out usernames. Logfiles need to be delete after 7 (maybe 14) days or >>>> they need to be without any userdata. >>>> >>>> Greetings Peter >>>> >>>> >>>> Am 11.04.2018 um 06:43 schrieb Maxim Solodovnik: >>>> >>>> Hello Peter, >>>> >>>> Here is the high level list of what need to done to "hard delete" user >>>> from the system: >>>> >>>> delete user >>>> delete all user contacts (also users, so we might have recursion here) >>>> delete user from all groups >>>> delete user from room moderators >>>> delete all appointments with owner == user >>>> delete all calendars with owner == user >>>> delete all meeting members in appointments where owner != user >>>> delete all Private Messages where user is in to/from fields >>>> delete all UserContact + Requests >>>> delete all invitation sent by this user >>>> delete all private rooms owned by this user >>>> delete all user private files/recordings >>>> delete all chat messages send/received by this user >>>> clean email messages >>>> clean all Polls/answers >>>> >>>> >>>> This list scares me a lot :((( >>>> >>>> So let's discuss the option: "Mark user deleted and clean-up sensitive >>>> information" >>>> >>>> What I would propose: >>>> >>>> In Admin->User area >>>> >>>> display all users (deleted should be "read-only" with restore and purge >>>> options only) >>>> add additional "Purge" button >>>> In case Purge will be selected: >>>> >>>> User will be marked deleted >>>> AsteriskSipUser and Address will be replaced with empty objects >>>> User fields "age, externaluserid, firstname, lastname, login, pictureuri" >>>> will be replaced with "Purged_some_hash" >>>> User profile picture will be deleted >>>> ChatMessage: fromName will be replaced with "Purged User" >>>> MailMessage: should be purged (some search by email will be required) >>>> >>>> ConferenceLog right now contains userId+UserIp right now, so it is 2 >>>> numbers should it be cleaned up? >>>> >>>> SOAPLogin contains clientURL and doesn't contains userId, so it is >>>> impossible to associate SoapLogin object with particular user >>>> >>>> >>>> Would it be enough? >>>> >>>> >>>> On Fri, Apr 6, 2018 at 4:21 PM, Peter Dähn <[email protected]> wrote: >>>>> >>>>> Hi Maxim, >>>>> >>>>> hard delete as only option would be the easiest way (for the admin). One >>>>> doesn't need to remind "hard delete" at a given time... I think it need to >>>>> be implemented anyway. I thought just the ones that doesn't need to take >>>>> care about these regulation could keep things as they are now... >>>>> >>>>> Greetings Peter >>>>> >>>>> >>>>> Am 06.04.2018 um 10:09 schrieb Maxim Solodovnik: >>>>>> >>>>>> I'm afraid there will be no option to "final delete one record" >>>>>> It will be: perform total clean-up and hard delete all soft deleted >>>>>> records >>>>>> >>>>>> Or better to perform: hard delete as the only option? >>>>>> >>>>>> On Fri, Apr 6, 2018 at 2:44 PM, Peter Dähn <[email protected]> wrote: >>>>>>> >>>>>>> Hi Maxim, >>>>>>> >>>>>>> "soft" and "final delete" should be enough I think... >>>>>>> >>>>>>> It just need to be "findable" and described for new admins that >>>>>>> provide the >>>>>>> service in the EU... >>>>>>> >>>>>>> jira in a second... >>>>>>> >>>>>>> Greetings Peter >>>>>>> >>>>>>> >>>>>>> Am 05.04.2018 um 17:47 schrieb Maxim Solodovnik: >>>>>>>> >>>>>>>> Hello Peter, >>>>>>>> >>>>>>>> This sounds like lots of new testing :( >>>>>>>> Will try to find time and include it in 4.0.3/4.0.4 >>>>>>>> >>>>>>>> (have very limited time right now :( ) >>>>>>>> Will appreciated any help with testing >>>>>>>> >>>>>>>> Would it be OK to perform "final delete" in clean-up widget? i.e. >>>>>>>> delete will be "soft delete", then in if will push "Clean-up" all >>>>>>>> soft >>>>>>>> deleted data will be hard deleted ... >>>>>>>> Or it doesn't worth to have both? only hard delete will be enough? >>>>>>>> >>>>>>>> On Thu, Apr 5, 2018 at 5:55 PM, Peter Dähn <[email protected]> wrote: >>>>>>>>> >>>>>>>>> Hey there, >>>>>>>>> >>>>>>>>> new privacy regulations will take place on the 25th May 2018 in >>>>>>>>> Europe. >>>>>>>>> You >>>>>>>>> could find informations about it by searching for General Data >>>>>>>>> Protection >>>>>>>>> Regulation (EU) 2016/679. >>>>>>>>> >>>>>>>>> To use openmeetings after the 25th of May (in Europe) there need to >>>>>>>>> be a >>>>>>>>> few >>>>>>>>> changes. We use openmeetings integrated. So I will mainly be focused >>>>>>>>> on >>>>>>>>> the >>>>>>>>> room. >>>>>>>>> >>>>>>>>> I have 3 points that are really necessary: >>>>>>>>> >>>>>>>>> 1. User deletion: Datasets of users that will be deleted need to be >>>>>>>>> remove >>>>>>>>> from the database, not just marked as deleted. Probably it is enough >>>>>>>>> to >>>>>>>>> hash >>>>>>>>> those fields. >>>>>>>>> >>>>>>>>> I think critical fields are in table: >>>>>>>>> >>>>>>>>> om_user -> age, externaluserid, firstname, lastname, >>>>>>>>> login, >>>>>>>>> pictureuri (and picture itself) and sip_user_id >>>>>>>>> >>>>>>>>> conferencelog -> email, external_user_id, firstname, >>>>>>>>> lastname, >>>>>>>>> user_id, userip >>>>>>>>> >>>>>>>>> soaplogin -> client_url (contains the ip-address) >>>>>>>>> >>>>>>>>> sipusers (here empty so please check) -> defaultuser, >>>>>>>>> host, >>>>>>>>> ipaddr, name >>>>>>>>> >>>>>>>>> address -> email, fax, phone >>>>>>>>> >>>>>>>>> chat -> from_name >>>>>>>>> >>>>>>>>> e-mail_queue (if not empty) -> recipients, replyto >>>>>>>>> >>>>>>>>> 2. There need to be a place to place a (customized) privacy policy. >>>>>>>>> >>>>>>>>> 3. Registration-Dialog need to have a button/step to agree the data >>>>>>>>> processing. And to this belongs a button to disagree. >>>>>>>>> >>>>>>>>> >>>>>>>>> As far as I can see this need to be done in the first place. I'm >>>>>>>>> sure >>>>>>>>> there >>>>>>>>> are more things to do. Maybe someone can complete it. >>>>>>>>> >>>>>>>>> >>>>>>>>> Greetings Peter >>>>>>>> >>>>>>>> >>>>>>>> >>>>>> >>>>>> >>>>> >>>> >>>> >>>> >>>> -- >>>> WBR >>>> Maxim aka solomax >>> >>> >>> >>> >>> -- >>> WBR >>> Maxim aka solomax >> >> >> >> >> -- >> WBR >> Maxim aka solomax > > > > -- > WBR > Maxim aka solomax -- WBR Maxim aka solomax
