Good morning Peter :) were you able to take a look at this issue?
On Mon, Apr 23, 2018 at 2:37 PM, Peter Dähn <da...@vcrp.de> wrote: > Hi Maxim, > > I will have a look right now. > > Greetings Peter > > > Am 21.04.2018 um 18:17 schrieb Maxim Solodovnik: >> >> Hello Peter, >> >> this is partially implemented >> Could you please test current implementation using latest nightly build? >> >> And maybe you can provide sample "personal data agreement" text? >> >> On Wed, Apr 11, 2018 at 6:38 PM, Peter Dähn <da...@vcrp.de> wrote: >>> >>> I try... ;-) >>> >>> >>> Am 11.04.2018 um 13:11 schrieb Maxim Solodovnik: >>> >>> Will write it as a requirement, will see what can be done here >>> Thanks a lot for the quick answers! >>> >>> On Wed, Apr 11, 2018 at 5:34 PM, Peter Dähn <da...@vcrp.de> wrote: >>>> >>>> ip-address is now a private date... it have to be at least anonymised >>>> after 7 (maybe 14 days)... ipv4 addresses delete last 8 recommended 16 >>>> bit >>>> (192.168.123.0 or 192.168.0.0) and ipv6 preserve first 48 -8 or better >>>> 16 >>>> Bit (2a00:1234:56:: or 2a00:1234::) Maybe this could be done automated >>>> after >>>> 7 Days? >>>> >>>> Greetings Peter >>>> >>>> Am 11.04.2018 um 09:31 schrieb Maxim Solodovnik: >>>> >>>> According "Hash algorithm" I planned to use random UUID >>>> so All fields will look like this: >>>> "Purged_54cd4426-1c0a-4ab8-bb35-eb6d26da99cf" >>>> >>>> Are you sure IP should be cleaned-up? There will be no chance to >>>> "restore" >>>> who was this user ..... >>>> >>>> On Wed, Apr 11, 2018 at 2:18 PM, Peter Dähn <da...@vcrp.de> wrote: >>>>> >>>>> Hi Maxim, >>>>> >>>>> I think this list is complete and you are right, this is a lot of >>>>> stuff. >>>>> >>>>> The option that you suggest sound much more feasible. From my point of >>>>> few this should be enough. >>>>> >>>>> Hash algorithm need to be state of the art. IP-address in ConferenceLog >>>>> need to be cleaned. >>>>> >>>>> I think this is a good way. >>>>> >>>>> Btw... is there is a way/setting to anonymize IP-adresses while >>>>> logging? >>>>> Otherwise I need to write a script to do so. Maybe I need to do it >>>>> anyway to >>>>> kick out usernames. Logfiles need to be delete after 7 (maybe 14) days >>>>> or >>>>> they need to be without any userdata. >>>>> >>>>> Greetings Peter >>>>> >>>>> >>>>> Am 11.04.2018 um 06:43 schrieb Maxim Solodovnik: >>>>> >>>>> Hello Peter, >>>>> >>>>> Here is the high level list of what need to done to "hard delete" user >>>>> from the system: >>>>> >>>>> delete user >>>>> delete all user contacts (also users, so we might have recursion here) >>>>> delete user from all groups >>>>> delete user from room moderators >>>>> delete all appointments with owner == user >>>>> delete all calendars with owner == user >>>>> delete all meeting members in appointments where owner != user >>>>> delete all Private Messages where user is in to/from fields >>>>> delete all UserContact + Requests >>>>> delete all invitation sent by this user >>>>> delete all private rooms owned by this user >>>>> delete all user private files/recordings >>>>> delete all chat messages send/received by this user >>>>> clean email messages >>>>> clean all Polls/answers >>>>> >>>>> >>>>> This list scares me a lot :((( >>>>> >>>>> So let's discuss the option: "Mark user deleted and clean-up sensitive >>>>> information" >>>>> >>>>> What I would propose: >>>>> >>>>> In Admin->User area >>>>> >>>>> display all users (deleted should be "read-only" with restore and purge >>>>> options only) >>>>> add additional "Purge" button >>>>> In case Purge will be selected: >>>>> >>>>> User will be marked deleted >>>>> AsteriskSipUser and Address will be replaced with empty objects >>>>> User fields "age, externaluserid, firstname, lastname, login, >>>>> pictureuri" >>>>> will be replaced with "Purged_some_hash" >>>>> User profile picture will be deleted >>>>> ChatMessage: fromName will be replaced with "Purged User" >>>>> MailMessage: should be purged (some search by email will be required) >>>>> >>>>> ConferenceLog right now contains userId+UserIp right now, so it is 2 >>>>> numbers should it be cleaned up? >>>>> >>>>> SOAPLogin contains clientURL and doesn't contains userId, so it is >>>>> impossible to associate SoapLogin object with particular user >>>>> >>>>> >>>>> Would it be enough? >>>>> >>>>> >>>>> On Fri, Apr 6, 2018 at 4:21 PM, Peter Dähn <da...@vcrp.de> wrote: >>>>>> >>>>>> Hi Maxim, >>>>>> >>>>>> hard delete as only option would be the easiest way (for the admin). >>>>>> One >>>>>> doesn't need to remind "hard delete" at a given time... I think it >>>>>> need to >>>>>> be implemented anyway. I thought just the ones that doesn't need to >>>>>> take >>>>>> care about these regulation could keep things as they are now... >>>>>> >>>>>> Greetings Peter >>>>>> >>>>>> >>>>>> Am 06.04.2018 um 10:09 schrieb Maxim Solodovnik: >>>>>>> >>>>>>> I'm afraid there will be no option to "final delete one record" >>>>>>> It will be: perform total clean-up and hard delete all soft deleted >>>>>>> records >>>>>>> >>>>>>> Or better to perform: hard delete as the only option? >>>>>>> >>>>>>> On Fri, Apr 6, 2018 at 2:44 PM, Peter Dähn <da...@vcrp.de> wrote: >>>>>>>> >>>>>>>> Hi Maxim, >>>>>>>> >>>>>>>> "soft" and "final delete" should be enough I think... >>>>>>>> >>>>>>>> It just need to be "findable" and described for new admins that >>>>>>>> provide the >>>>>>>> service in the EU... >>>>>>>> >>>>>>>> jira in a second... >>>>>>>> >>>>>>>> Greetings Peter >>>>>>>> >>>>>>>> >>>>>>>> Am 05.04.2018 um 17:47 schrieb Maxim Solodovnik: >>>>>>>>> >>>>>>>>> Hello Peter, >>>>>>>>> >>>>>>>>> This sounds like lots of new testing :( >>>>>>>>> Will try to find time and include it in 4.0.3/4.0.4 >>>>>>>>> >>>>>>>>> (have very limited time right now :( ) >>>>>>>>> Will appreciated any help with testing >>>>>>>>> >>>>>>>>> Would it be OK to perform "final delete" in clean-up widget? i.e. >>>>>>>>> delete will be "soft delete", then in if will push "Clean-up" all >>>>>>>>> soft >>>>>>>>> deleted data will be hard deleted ... >>>>>>>>> Or it doesn't worth to have both? only hard delete will be enough? >>>>>>>>> >>>>>>>>> On Thu, Apr 5, 2018 at 5:55 PM, Peter Dähn <da...@vcrp.de> wrote: >>>>>>>>>> >>>>>>>>>> Hey there, >>>>>>>>>> >>>>>>>>>> new privacy regulations will take place on the 25th May 2018 in >>>>>>>>>> Europe. >>>>>>>>>> You >>>>>>>>>> could find informations about it by searching for General Data >>>>>>>>>> Protection >>>>>>>>>> Regulation (EU) 2016/679. >>>>>>>>>> >>>>>>>>>> To use openmeetings after the 25th of May (in Europe) there need >>>>>>>>>> to >>>>>>>>>> be a >>>>>>>>>> few >>>>>>>>>> changes. We use openmeetings integrated. So I will mainly be >>>>>>>>>> focused >>>>>>>>>> on >>>>>>>>>> the >>>>>>>>>> room. >>>>>>>>>> >>>>>>>>>> I have 3 points that are really necessary: >>>>>>>>>> >>>>>>>>>> 1. User deletion: Datasets of users that will be deleted need to >>>>>>>>>> be >>>>>>>>>> remove >>>>>>>>>> from the database, not just marked as deleted. Probably it is >>>>>>>>>> enough >>>>>>>>>> to >>>>>>>>>> hash >>>>>>>>>> those fields. >>>>>>>>>> >>>>>>>>>> I think critical fields are in table: >>>>>>>>>> >>>>>>>>>> om_user -> age, externaluserid, firstname, lastname, >>>>>>>>>> login, >>>>>>>>>> pictureuri (and picture itself) and sip_user_id >>>>>>>>>> >>>>>>>>>> conferencelog -> email, external_user_id, firstname, >>>>>>>>>> lastname, >>>>>>>>>> user_id, userip >>>>>>>>>> >>>>>>>>>> soaplogin -> client_url (contains the ip-address) >>>>>>>>>> >>>>>>>>>> sipusers (here empty so please check) -> >>>>>>>>>> defaultuser, >>>>>>>>>> host, >>>>>>>>>> ipaddr, name >>>>>>>>>> >>>>>>>>>> address -> email, fax, phone >>>>>>>>>> >>>>>>>>>> chat -> from_name >>>>>>>>>> >>>>>>>>>> e-mail_queue (if not empty) -> recipients, replyto >>>>>>>>>> >>>>>>>>>> 2. There need to be a place to place a (customized) privacy >>>>>>>>>> policy. >>>>>>>>>> >>>>>>>>>> 3. Registration-Dialog need to have a button/step to agree the >>>>>>>>>> data >>>>>>>>>> processing. And to this belongs a button to disagree. >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> As far as I can see this need to be done in the first place. I'm >>>>>>>>>> sure >>>>>>>>>> there >>>>>>>>>> are more things to do. Maybe someone can complete it. >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> Greetings Peter >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>> >>>>> >>>>> >>>>> -- >>>>> WBR >>>>> Maxim aka solomax >>>> >>>> >>>> >>>> >>>> -- >>>> WBR >>>> Maxim aka solomax >>> >>> >>> >>> >>> -- >>> WBR >>> Maxim aka solomax >> >> >> > -- WBR Maxim aka solomax
