fep and GDPR
-
Hi @shamim51
Thanks again for your excellent plugin.
Are you planning to make FEP GDPR compliant?
For example, add a link on the messenger header for the user to download their messages…
All gdpr plugins have a page for data request. You could provide a shortcode to integrate in that page, as well.
Or integrate this feature in the WordPress GDPR tools that have been added since WP 4.9.6 (Dashboard > Tools > Export Personal Data/Erase Personal Data)
Greetings
-
Hi @georgio-1
GDPR confuses me a lot. Which messages of a user should be deleted, all messages or only messages which have personal data in them? When a message is deleted, what about other replies from other users? In “threaded view”, if a parent message is deleted then there is no way to show replies. So if a user deletes their message, other users cannot see their own replies either. What if other users have any important information in their replies? That will be gone forever even though they did not request to delete his message.
Hi again @shamim51
The headlines of the GDPR law are: you can store personal data only for a purpose where they are needed and only for the period they are needed, for ex. to perform a transaction. In all the other cases, you must erase the data or have the user’s consent to store them. You must inform the user how the stored data will be used and if you share them with external services and who. The user may have access to that data and ask for their erasure or correction.
I think that deleting messages is not realistic for the reasons you mention above.
What is mandatory, in my opinion, is the user’s agreement for storing their messages. Optionally, users may have the possibility to export their messages.
The messages are not personal data per se, but they may contain personal information. Personal data is everything that can identify a physical person directly or indirectly. This means that if a user, for whatever reason, publishes another user’s message (I mean publicly) with personal data or personal data go public after hacking, the admin may have a legal problem, if these data are stored without consent.
What I propose:
In the Settings (user frontend) you could add a checkbox (unchecked by default) with text <I agree that my messages may be stored by this site>. Otherwise, the user should not be able to use the messenger.
Once a user gives their consent, an entry will be created in the plugin’s Settings (Dashboard) in a special tab for consents with nickname, email and date.
Exporting messages is not mandatory, in my opinion, because a user can see all their messages in one place (Message box) and manage them, but it is a good practice for legal reasons (a report for legal use, if a problem occurs). If you implement export feature, I think it would be better to integrate it in the report of popular GDPR plugins that make global personal data reports. I will write another post later about that integration.
Thank you @georgio-1
Export is not an issue here. I can integrate with the core export feature (which was added in 4.9.6). But which messages should I export? All messages for that user or only messages which contain personal data? How will I determine which messages contain personal data? Exporting all messages for that user will be easy, but a website having lots of messages will create a big export file.
We can add an option for the user to agree before using the messaging system (admin can turn this option on/off).
But still, deleting messages is an issue. Maybe we can replace messages with dummy text. Maybe “Message deleted”.
@shamim51
You cannot determine which messages contain personal data, so all messages of a user should be exported.
If deleting messages is an issue, then replacing messages with “Message deleted” is a good idea.
What happens now:
If I delete a conversation (threaded message) with John, the conversation is “deleted” only on my side, but John doesn’t know it and may reply to that conversation. In this case I will receive his reply and all the “deleted” conversation will be restored. That’s not GDPR compliant, because the conversation is not deleted or anonymized but only hidden.
What could be done:
If I delete a conversation, it should disappear on my side, and all the text written by me that appears on John’s side should be replaced by “Message deleted”.
Optionally, John should not be able to reply to such a message as it’s obvious I don’t want to continue that conversation. In the case of multiple recipients, my nickname should be removed from the participants.
In the case that both sides delete the same conversation, this could be permanently erased from the database.
Does all that make sense?
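The “replace the text with Message deleted” idea discussed above, wired into the core Erase Personal Data tool, as an added example that is not part of the thread and is not FEP’s own code. The post type example_message and the function names are hypothetical; FEP’s real storage may differ.

```php
<?php
// Added example: a core privacy eraser that anonymizes instead of deleting.
// 'example_message' is a hypothetical post type, not FEP's real storage.

add_filter( 'wp_privacy_personal_data_erasers', function ( $erasers ) {
    $erasers['example-messages'] = array(
        'eraser_friendly_name' => 'Example private messages',
        'callback'             => 'example_messages_eraser',
    );
    return $erasers;
} );

function example_messages_eraser( $email_address, $page = 1 ) {
    $result = array(
        'items_removed'  => false,
        'items_retained' => false,
        'messages'       => array(),
        'done'           => true,
    );
    $user = get_user_by( 'email', $email_address );
    if ( ! $user ) {
        return $result; // Unknown address: nothing stored under it.
    }
    $per_page = 100; // Core calls the eraser again with $page + 1 until 'done'.
    $ids = get_posts( array(
        'post_type'      => 'example_message',
        'post_status'    => 'any',
        'author'         => $user->ID,
        'posts_per_page' => $per_page,
        'paged'          => (int) $page,
        'orderby'        => 'ID',
        'order'          => 'ASC',
        'fields'         => 'ids',
    ) );
    foreach ( $ids as $id ) {
        // Keep the row so replies in a threaded view stay attached to their
        // parent; only the requester's own text is overwritten. If the post
        // type supports revisions, the old text survives there and must be
        // removed separately.
        wp_update_post( array(
            'ID'           => $id,
            'post_content' => 'Message deleted',
        ) );
        $result['items_removed'] = true;
    }
    $result['done'] = count( $ids ) < $per_page;
    return $result;
}
```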
@shamim51
About report integration
While integrating with the WP core export feature is a good idea, I think that many of us will prefer a GDPR plugin that offers more features. The WP core feature doesn’t have a frontend for the user (to make requests) and it is not an automated process.
The most popular GDPR plugins are WP GDPR Compliance and GDPR.
The first one supports plugins on demand by popularity. I will request support for FEP and I suggest the FEP users that read my post to do the same thing.
The second one supports partially FEP but their report information is rather useless. You can see how many messages and announcements are read/unread and that’s all. The report is raw data where you see even fep tables with the database prefix and I am not sure this is safe.
If you think that it is necessary you could communicate with the developers of these plugins to see how they can integrate FEP in a proper way.
I didn’t explore other GDPR plugins so far.
Cheers
@georgio-1
I will try to implement first with core.
Then will try to implement with one or two popular GDPR plugins.
As I am redesigning this plugin, I will do this after more testing of the current beta version. You can also assist me with testing. Please see https://www.ads-software.com/support/topic/need-help-for-testing-new-beta-version-10-0-1beta1/
Hi @shamim51
I have just installed your FEPM ver 8.4 plugin and am impressed with its functionality. We are looking to purchase the pro version after more testing as we need a PM system with email capabilities.
In agreement with @georgio-1 about GDPR requirements, I will say that the WordPress core GDPR reporting is miles better than that of GDPR (Trew Knowledge). I know everybody is making great efforts with GDPR, but the Trew Knowledge report needs to be a lot more coherent before I would use it, and it also clashes with many users’ existing cookie setup.
Just a seed of thought: could I suggest that the FEPM directory be more obfuscated and have the option to show either the current default or the member’s first and last name only instead of the first part of the email address? This would be better for our members to choose when creating a group for continuous use.
As we are testing your new version 10.x do you need more input on your new version or have you received enough feedback?
The only feedback I can give currently on ver 8.4 is that the login top banner seems a little buggy as regards logging in I had to de-check it so that it would not display as every time I clicked a button option (say to go to message box from new message) it wanted me to login again when I was already logged in so after disabling the top banner the problem went away.
Otherwise a great plugin addition, and we are another potential customer for the pro version after testing.
Let me know your thoughts about testing V10.x
Andrew
-
Hi @andrewmperryman
Thank you for your interest.
You can set which name of the user will show using the fep_filter_show_which_name filter.
Can you please elaborate a little on where it is asking you to log in when you are already logged in? You can create a new topic for that.
I have already added a personal data export feature in the 10.x beta version.
The eraser is a little bit tricky here. Need more thinking about that.
Need more feedback for 10.x beta testing. Please see https://www.ads-software.com/support/topic/need-help-for-testing-new-beta-version-10-0-1beta1
Hi @shamim51
Thanks for the heads up as regards fep_filter_show_which_name.
As you don’t have any documentation on the above filter on your site, I did eventually find this filter in your function.php and made the necessary changes. Now all is good.
I’ll do what you asked and start a new topic for the login reprompt when the top banner is enabled.
This plugin is fantastic and well structured and exactly what we want as a private email prompting messaging facility for our members and group leaders.
Once I get the go ahead I will purchase the Pro version for a single site or should I wait until you release version 10.x?
Andrew
-
I prefer version 10.x, because some parts of the current version will not be compatible with that version.