Bitcoin Forum
April 25, 2024, 02:04:05 PM *
News: Latest Bitcoin Core release: 27.0 [Torrent]
 
   Home   Help Search Login Register More  
Bitcoin Forum > Other > Meta > Request for forum privacy policy statement
Pages: [1]
« previous topic next topic »
  Print  
Author Topic: Request for forum privacy policy statement  (Read 538 times)
5cMXezpBtm (OP)
Full Member
***
Offline Offline

Activity: 233
Merit: 100


View Profile
May 28, 2015, 08:37:44 PM
 #1
Hello,

in response to the answer to my question about registration IP address storage policy in this thread, I would request a forum privacy policy statement about what user specific data is stored for what reason how long and who has access to it, and if there is any data retention policy. The posts are stored, obviously, but what about other data, especially data, that the user cannot see himself.

I think this forum provider, as taking part of the high technical profile of the Bitcoin spirit should be an example for having a good transparent privacy policy and therefore should create and state this privacy policy in a permanent link, readble for everyone, if registered or not, and that link should be advised for every user that wants to register.
1714053845
Hero Member
*
Offline Offline

Posts: 1714053845

View Profile Personal Message (Offline)

Ignore
1714053845
1714053845
Reply with quote  #2
1714053845
Report to moderator
Even in the event that an attacker gains more than 50% of the network's computational power, only transactions sent by the attacker could be reversed or double-spent. The network would not be destroyed.
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
1714053845
Hero Member
*
Offline Offline

Posts: 1714053845

View Profile Personal Message (Offline)

Ignore
1714053845
1714053845
Reply with quote  #2
1714053845
Report to moderator
1714053845
Hero Member
*
Offline Offline

Posts: 1714053845

View Profile Personal Message (Offline)

Ignore
1714053845
1714053845
Reply with quote  #2
1714053845
Report to moderator
1714053845
Hero Member
*
Offline Offline

Posts: 1714053845

View Profile Personal Message (Offline)

Ignore
1714053845
1714053845
Reply with quote  #2
1714053845
Report to moderator
Soros Shorts
Donator
Legendary
*
Offline Offline

Activity: 1616
Merit: 1003



View Profile
May 29, 2015, 12:52:04 AM
 #2
I second this request, in particular to defining a data retention policy for items such as:
- user access logs
- cookies, IP address and user agent
- deleted posts and messages
- archived database backups

For example, if the policy states that deleted posts are first soft-deleted and kept one the database for 5 years before hard deletion, and database backups are kept for 2 years before being destroyed, then it would be clear to everyone that deleted posts can be recovered for up to 7 years after the initial deletion.

It can be a liability for the forum to keep data around indefinitely.
theymos
Administrator
Legendary
*
Offline Offline

Activity: 5180
Merit: 12884


View Profile
May 29, 2015, 01:31:26 AM
 #3
- Logged IPs are kept forever. However, not all IPs that you use to access the forum end up getting logged.
- There are no per-user access logs (aside from what you're doing now, the last-read post in topics, etc.). There are normal web server access logs, but these can't be reliably tied to specific users; these logs tend to be deleted after a month, but no guarantees.
- Deleted posts are kept forever. Edit logs are kept forever. But if I ever start running low on space, I reserve the right to delete some of this.
- PMs are deleted from the database when everyone who can read the PM deletes it, except for certain users who for legal reasons have additional retention. These users are warned of this condition (except where required by law), though there's no warning when communicating with such users.
- Changes/deletions to trust ratings and settings are currently not saved.

Note also that data deleted from the database may still exist in backups, potentially forever.
1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
dogie
Legendary
*
Offline Offline

Activity: 1666
Merit: 1183


dogiecoin.com


View Profile WWW
May 29, 2015, 01:39:19 AM
 #4
Quote from: theymos on May 29, 2015, 01:31:26 AM
- Changes/deletions to trust ratings and settings are currently not saved.

Probably a good idea to start recording those.
ASICMiner Blade | ASICMiner Cube | ASICMiner Tube | ASICMiner Prisma | Avalon2 | Avalon3 | Avalon4 | Avalon6 | Spondoolies SP10 | Spondoolies SP20 | Spondoolies SP30 | Spondoolies SP35 | Technobit HEX8A1 | HEX16B | HEX4M | 2HEX4M | AntMiner S1 | AntMiner S2 | AntMiner S3 | AntMiner S4 | AntMiner S4+ | AntMiner S5 | AntMiner S7 | AntMiner S9 | AntMiner C1 | AntMiner U3 | RockMiner R-Box | RockMiner New R-Box | RockMiner R3-Box | RockMiner T1 | HashCoins Apollo | HashCoins Ares | KNCMiner Jupiter | Noncetech Sampo | Yiazo Bitfury | BTCGarden AMV1 | Bitmine Coincraft Desk | HashRatio Tsunami | XBTec Pacific 1250 | BitCrane T-110 | Black Arrow X1 | AMT 1.25TH | HexFury | BiFury | NanoFury II | Gigampz PSU | Power Supplies | Manufacturer Trustworthiness | Disclaimers | Meta
TECSHARE
In memoriam
Legendary
*
Offline Offline

Activity: 3318
Merit: 1958


First Exclusion Ever


View Profile WWW
May 29, 2015, 04:12:22 AM
Last edit: May 29, 2015, 06:50:57 PM by TECSHARE
 #5
Quote from: theymos on May 29, 2015, 01:31:26 AM
- Logged IPs are kept forever. However, not all IPs that you use to access the forum end up getting logged.
- There are no per-user access logs (aside from what you're doing now, the last-read post in topics, etc.). There are normal web server access logs, but these can't be reliably tied to specific users; these logs tend to be deleted after a month, but no guarantees.
- Deleted posts are kept forever. Edit logs are kept forever. But if I ever start running low on space, I reserve the right to delete some of this.
- PMs are deleted from the database when everyone who can read the PM deletes it, except for certain users who for legal reasons have additional retention. These users are warned of this condition (except where required by law), though there's no warning when communicating with such users.
- Changes/deletions to trust ratings and settings are currently not saved.

Note also that data deleted from the database may still exist in backups, potentially forever.

It might not be a bad idea to contact a lawyer and have him help you write a policy out for your own personal liability reasons. I know you usually shy away from this kind of stuff if you can, but it could cause you and the forum problems down the road if you don't. Making a TOS for the site also protects you.
Leeroy Jenkins
Sr. Member
****
Offline Offline

Activity: 420
Merit: 250


Mmmh mhmhh mmmm.


View Profile
May 29, 2015, 08:07:53 AM
 #6
Quote from: dogie on May 29, 2015, 01:39:19 AM
Quote from: theymos on May 29, 2015, 01:31:26 AM
- Changes/deletions to trust ratings and settings are currently not saved.

Probably a good idea to start recording those.

I agree. 1) why not? and 2) we should always remember abusive cases like Inaba.
.























Federal Trade Commission vs Butterfly Labs













Made ya look. ; )



























brush242 ( https://bitcointalk.org/index.php?action=profile;u=199652 ) aka TheBitcoinimist aka Rush Reid aka Ken Hunlenton aka Steve Reid aka perfectlycromulentword aka Stephen Mark Reid says: "BFL is fucked" READ THE EARTH-SHATTERING COMMENTARY AT >>>> https://bitcointalk.org/index.php?topic=150803.msg9614841#msg9614841 <<<<
Pages: [1]
  Print  
Bitcoin Forum > Other > Meta > Request for forum privacy policy statement
 « previous topic next topic »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!