Page MenuHomeMiraheze
Create Task
Maniphest T5495

We are not compliant with the GDPR
Closed, ResolvedPublic
Actions

Description

Today i found out we are not compliant with the GDPR. This is because just merging the account from <user> into GDPRAccount, does not mean all PII is deleted. Some extensions could hold PII that CentralAuth does not touch, or it could be ips.

https://github.com/miraheze/MirahezeMagic/blob/master/maintenance/PIIRemoval.php should be updated to initiate merging user accounts into GDPRAccount and deleting any PII.

Event Timeline

Paladox created this task.Apr 29 2020, 17:21
Herald added a subscriber: Zppix. · View Herald TranscriptApr 29 2020, 17:21
John raised the priority of this task from High to Unbreak Now!.Apr 29 2020, 17:35
Herald added a project: Amanda Catherine. · View Herald TranscriptApr 29 2020, 17:35
John assigned this task to Paladox.May 2 2020, 19:56
Paladox closed this task as Resolved.May 5 2020, 16:47
John changed the visibility from "Custom Policy" to "Public (No Login Required)".Apr 3 2022, 12:56
John changed the edit policy from "Custom Policy" to "All Users".
John edited projects, added Security; removed acl*security.
Herald added subscribers: Unknown Object (User), RhinosF1, Void. · View Herald TranscriptApr 3 2022, 12:56