GDPR Compliance

  • Plugin Author Lester Chan

    (@gamerz)


    6 years, 6 months ago

    I have pushed a small fixed to GitHub and hopefully, this will solve the GDPR issue.

    This plugin stores your IP address and Hostname when you vote. So what this fix does is just masked the last bit of IP address before storing to the database. Example: 127.0.0.1 will become 127.0.0.xxx. And a Hostname of 127-0-0-1.isp.com.sg will become just isp.com.sg.

    Of course, there are side effects. This means that any user within the same subnet can only vote once. There is no way around it. If you need it to be unique, you have to allow the user to register before they can vote.

    You can download it here https://github.com/lesterchan/wp-postratings/archive/master.zip. I will need more people to test it before I officially release it.

Viewing 15 replies - 1 through 15 (of 22 total)

  • Thank you. I have tested it and it works for me.
    But what is with the older Ratings? Better were when the IP also change…
    Is it possible?

    Plugin Author Lester Chan

    (@gamerz)

    Nope. It is going forward. The existing ratings will not be changed. You can always truncate the whole wp_ratings table when the GDPR starts. It will not have any effect on the ratings since that table is just used for logging purposes.

    Hi Lester, this change was not enough?
    https://www.ads-software.com/support/topic/how-to-remove-ip/#post-9921281

    Plugin Author Lester Chan

    (@gamerz)

    Not really. The change is a blanket sweep. This is sort of a better fix as it still logs IP but mask the last bit of it.

    Hi Lester,

    I installed the new version of the plugin from github in order to make your plugin suitable for the new law here in Germany. Unfortunately all the old ratings are gone now. I have a backup of my sql database, but: How can I restore th ratings from the backup file? Which tables have to be restored and how?

    Thank you and Best Regards,
    Michael

    Hi Lester, your update works fine for me too. Thank you very much!

    Hi, yep, it works.

    Will you make an official Update for the fix???

    thanks

    Plugin Author Lester Chan

    (@gamerz)

    I am still thinking of a better fix. Does anyone know if hashing an IP and storing it violates GDPR?

    Worked for me, too.
    Thanks.

    Hi Lester,
    is it not easier to permanently delete IP, and leaving only cookies?

    Plugin Author Lester Chan

    (@gamerz)

    No. Because cookie can be deleted and people can re-vote easily. Sorry, I would not sacrifice the feature of the plugin because of EU users.

    Plugin Author Lester Chan

    (@gamerz)

    I have hashed the IP instead of anonymizing it to remove the side effect. It seems most ratings/polls plugin are doing the same thing.

    I install the plugin, i active it and when i got to setup i get 404

    I am still thinking of a better fix. Does anyone know if hashing an IP and storing it violates GDPR?

    What about an option to disable IP/Hosting storing. Just blank this field.

    I just emptied rating_ip, rating_host and rating_username from my database.

    The most offending piece of code right now are cookies.

    In the future, a new law will force them to go, all of them.

Viewing 15 replies - 1 through 15 (of 22 total)
  • The topic ‘GDPR Compliance’ is closed to new replies.