Page Index Toggle Pages: [1] 2 
Topic Tools
Hot Topic (More than 10 Replies) Disable user's ability to delete themself (Read 11,965 times)
AntonioK
Senior Member
****
Offline



Posts: 978
Location: Russian Federation
Disable user's ability to delete themself
May 8th, 2009 at 5:06pm
Post Tools
On the big forums admins fight with the user's clons. But YaBB allows users to delete themself in the profile. So, when bad-bad some user needs to "start from the beginning again", he just delete his profile. It is horrible!

Needed the enable/disable user self-deletion checkbox in admin center. It is 10 minutes of work. On my forum, I just killed this button in code.
  

If you're interested on History... If you have some sense of humour... The Historian of Female.
Back to top
IP Logged
 
deti
Legacy Dev Team
Development Team
****
Offline



Posts: 2,650
Location: Prien am Chiemsee, Germany
Re: Disable user's ability to delete themself
Reply #1 - Jun 15th, 2009 at 12:03am
Post Tools
Added checkbox to dis/enable users from deleting them self.

New files in SVN.
  

Was immer Du tun kannst
oder erträumst tun zu können,
beginne es.
Kühnheit besitzt Genie,
Macht und magische Kraft.
Beginne es jetzt.
Whatever you can do
or dream you can,
begin it.
Boldness has genius,
power and magic in it.
Begin it now.
J. W. Goethe
Back to top
WWW  
IP Logged
 
OH Eng
Past Team Members
Documentation Team
Offline



Posts: 4,026
Location: Pensacola, Florida USA
Re: Disable user's ability to delete themself
Reply #2 - Jun 15th, 2009 at 3:57am
Post Tools
Warning for users in the US:  Consult an attorney before you enable this feature.  Enabling this option can put your forum in violation of US Telecommunications law or state laws regarding retention of private information.  Two large firms in the US had their sites shut down just in the past month for not allowing internet users to delete information they placed on their websites (by submitting information required to sign up).

One upset user and $65 gets a court order blocking your entire domain (all of them) until it gets resolved in court (months).





  

 
Back to top
 
IP Logged
 
cepheid
Senior Member
****
Offline



Posts: 516
Re: Disable user's ability to delete themself
Reply #3 - Jun 15th, 2009 at 4:40am
Post Tools
OH Eng wrote on Jun 15th, 2009 at 3:57am:
Enabling this option can put your forum in violation of US Telecommunications law or state laws regarding retention of private information.Two large firms in the US had their sites shut down just in the past month for not allowing internet users to delete information they placed on their websites (by submitting information required to sign up).

I am not an attorney and this is not legal advice, but:
I don't think this is of any concern from a legal standpoint.  Even if a user may not delete himself/herself, s/he can still remove all private information.  The only private information required for sign-up is an email address, and that can easily be changed to any random address (real or not).  Any other required info is private only if the admin has enabled Extended Profiles, and even then that info can be replaced with fake info.  Since none of the user info is retained except in backups (whence the user's self-deletion wouldn't matter anyway), the user has the ability to remove all private info even if s/he can't delete his/her account entirely.

I'm not a lawyer so I could always be wrong, but I think that being able to remove or fake all private info fully satisfies these restrictions, which don't state that a user must be able to delete an entire account, but only private info.

Repeated disclaimer: I'm not a laywer. Smiley
  
Back to top
WWW  
IP Logged
 
deti
Legacy Dev Team
Development Team
****
Offline



Posts: 2,650
Location: Prien am Chiemsee, Germany
Re: Disable user's ability to delete themself
Reply #4 - Jun 15th, 2009 at 8:14am
Post Tools
Hmmm, I understood your concerns OH Eng and I think cepheid is right too.
But then, what with private info in posts a user might have written in there? He normally can't delete or modify it after a while!?!
« Last Edit: Jun 15th, 2009 at 8:16am by deti »  

Was immer Du tun kannst
oder erträumst tun zu können,
beginne es.
Kühnheit besitzt Genie,
Macht und magische Kraft.
Beginne es jetzt.
Whatever you can do
or dream you can,
begin it.
Boldness has genius,
power and magic in it.
Begin it now.
J. W. Goethe
Back to top
WWW  
IP Logged
 
cepheid
Senior Member
****
Offline



Posts: 516
Re: Disable user's ability to delete themself
Reply #5 - Jun 15th, 2009 at 8:28am
Post Tools
deti wrote on Jun 15th, 2009 at 8:14am:
He normally can't delete or modify it after a while!?!

Quite true.  This is why the Registration Agreement should specify that if a user wishes that any private information (including posts) be removed, s/he should email an admin and the information will be removed within some timeframe (say, 1 week).  That does put the onus on the admin to remove the info, but puts the onus on the user to request it.  This should avoid any legal issues (assuming the admin actually removes the info) because there is a "way out" for the user regardless.

Of course, I am not a lawyer. Wink
  
Back to top
WWW  
IP Logged
 
LoneWebSurfer
Past Team Members
Offline



Posts: 1,279
Re: Disable user's ability to delete themself
Reply #6 - Jun 15th, 2009 at 9:16am
Post Tools
deti wrote on Jun 15th, 2009 at 8:14am:
But then, what with private info in posts a user might have written in there? He normally can't delete or modify it after a while!?!

I have searched and searched for information regarding forums and legal ramifications of not being able to delete ones account. not much out there on the subject, however there was some questions on ask yahoo and the general conception is posts.. are property of the site and nothing can legally happen to site owners for not deleting a post.
That being said.. I think OH_Engs advice is directed more to a users inability to delete there account if this feature is enabled...not necessarily their posts.
I my humble oppinion however.. If a user wants to delete there account.. then they can but thats just me.. and if they wanted any of there posted edited.. then I would go thru the pains to try to edit them within reason of course.
  

Closed all my sites due to lack of Internet access
Back to top
WWW  
IP Logged
 
OH Eng
Past Team Members
Documentation Team
Offline



Posts: 4,026
Location: Pensacola, Florida USA
Re: Disable user's ability to delete themself
Reply #7 - Jun 15th, 2009 at 2:37pm
Post Tools
The issue resulted from a person who signed up on a company's website.  They purchased a product from the company and in the literature packed with it was a site they could go to with information about how to use the product.  They went to the site and signed up.

After a few weeks, they were hammered with spam and knowing that was the only place they used that email address, they elected to delete their account.  There was a delete feature - a button - but it was intentionally disabled.  Calls to the company asking to delete the account resulted in promises to do it, but they didn't.

So the customer sought legal recourse and filed suit.  Along with the suit they petitioned the court to disable the domain until it could be resolved... and that's what the court ordered.  They disabled all 11 domains owned by the company and scheduled a hearing for 3 weeks.  Imagine how much money they lost just in 3 weeks?

The court referenced language in the last two US telecommunications act and in state law that prohibits retention of personal information on a sign up type account.  Of particular note was that a delete account feature was available, but blocked.  That was the thing that made them issue the domain block.

I'm not a lawyer either... but I work for a telecom company and this is all over the trade publications and many are scrambling now to put something like this in place to keep from getting shut down over a single user issue.  I was briefed by guys in our corporate legal department about it, and I don't know the full implications of it.

But I would rather warn users they may run afoul of the law by doing this than have them find their domains blocked one day.

  

 
Back to top
 
IP Logged
 
deti
Legacy Dev Team
Development Team
****
Offline



Posts: 2,650
Location: Prien am Chiemsee, Germany
Re: Disable user's ability to delete themself
Reply #8 - Jun 15th, 2009 at 3:14pm
Post Tools
No probem to add something like this OH Eng. What text do you suggest? The one from above?

Quote:
Allow users to delete their Profile?
If checked a Submit-Button will be added to the users Profile to remove himself from the forum.
Consult an attorney before you enable this feature.  Enabling this option can put your forum in violation of Telecommunications law or state laws regarding retention of private information.
  

Was immer Du tun kannst
oder erträumst tun zu können,
beginne es.
Kühnheit besitzt Genie,
Macht und magische Kraft.
Beginne es jetzt.
Whatever you can do
or dream you can,
begin it.
Boldness has genius,
power and magic in it.
Begin it now.
J. W. Goethe
Back to top
WWW  
IP Logged
 
JonB
YaBB Administrator
YaBB Next Team
Operations Team
Beta Testers
Support Team
*****
Offline



Posts: 3,981
Location: Land of the Blazing Sun!

YaBB 2.6.1
Re: Disable user's ability to delete themself
Reply #9 - Jun 15th, 2009 at 3:41pm
Post Tools
OH Eng makes a good point here. 

This week I'll do some research on the EU's data privacy laws. They are much more restrictive that those in the U.S. 

A 'hot-off-the-presses' warning about data privacy from the EU.

http://www.msnbc.msn.com/id/29957812/

For those in the U.S, I have to say that IF a forum used (for instance) the proposed digest e-mail, it would most likely be covered by the CAN-SPAM Act

http://en.wikipedia.org/wiki/CAN-SPAM_Act_of_2003

Here's a sample of current sentiment:

http://redtape.msnbc.com/2009/06/kevin-a-40-year-old-from-sacramento-calif-likes...

Why am I posting this in THIS Topic? Because who owns your data, and do you have the right to rescind things is A BIG Issue.

As a webmaster and content developer, I agree totally that (given a proper notification) postings become the intellectual property of the site owner IN THAT CONTEXT - not for reuse in a different venue or distribution medium.

However, I would say the idea of a forum I could not delete MY membership from would really pee me off.  Particularly if i was not given a notification at the time of joining.

All that said, I think it is a bad idea.  Let there be some other mechanism.  Like one I have suggested before 'Inactive Members' (I'll resubmit this separately) , and something a little more graceful than 'ex-members' (maybe an Admin definable text field or Icon)

Besides, if you want to risk it, put it in a mod with the right disclaimer.  I'll be nice about what the disclaimer should be! "Use with caution and consult an attorney".

My opinion only.

Smiley
  

I find your lack of faith disturbing.
Back to top
IP Logged
 
OH Eng
Past Team Members
Documentation Team
Offline



Posts: 4,026
Location: Pensacola, Florida USA
Re: Disable user's ability to delete themself
Reply #10 - Jun 15th, 2009 at 4:55pm
Post Tools
deti wrote on Jun 15th, 2009 at 3:14pm:
No probem to add something like this OH Eng. What text do you suggest? The one from above?


Deti, to be honest I'm not even comfortable suggesting a text to be placed next to a feature, because I suppose some legal opinion somewhere would require something I'd miss.

All I'm trying to say is that in the past this has never been an issue, but because of things like Google cataloging everything on websites, sites collecting information without telling you, the public concern is starting to shift from a sentiment of "it's not that big a deal" to "Hey, what are they doing with my personal info?"  It doesn't help matters when things like Google Maps street view captures everyone's home in a picture, EXCEPT for the Google executives whose homes are not shown.  This leads to public skepticism about the purposes and intent of collected data.

I'm sure you've noticed over the years lots of little text at the bottom of sites telling you what they collect, links to explain what their cookie does/doesn't do, etc.  This is just the next generation concern over that kind of stuff.  The person filing the first lawsuit is asking - and I think rightly so - why is a site keeping my information if I choose to no longer participate in their optional program?  The thrust of the complaint was over the e-mail address, but there was other information addressed also.

The telecom industry has not had enough time to react to this new challenge yet.  It could have far reaching effects.  To give you an example, some things like ICQ or MSN allow you to restrict who can "add" you to their contacts.  Once you give them permission, there is no way to take it back, or change your mind.  So if you allow some spamming pest to add you to contacts, you are stuck with them having your contact info.  You can block them, but you can't take your info back.  No one yet knows how the industry will change or even IF they will change as a result of these legal challenges.

So I don't know what to suggest, really, it's too early to try and guess what is going to become of this.

Edited:
Suggesting a user enter bogus information instead of being able to simply delete their private information?   I'd like to see someone sell that idea to a court of law.  "Yes, your honor, we expected Mr. Jones to change his email address to yours, that way we wouldn't have his information any more.  We expected him to know that intuitively when he couldn't find a delete button."

I'm sure that would fly! Roll Eyes
« Last Edit: Jun 15th, 2009 at 10:12pm by OH Eng »  

 
Back to top
 
IP Logged
 
bokic
YaBB Newcomer
*
Offline



Posts: 1
Re: Disable user's ability to delete themself
Reply #11 - Jun 15th, 2009 at 8:51pm
Post Tools
Could anyone please send me PM with part of the code that enables / disables this part of the code? i'm using YABB 2.2.1.

Thanks in advance!
« Last Edit: Jun 15th, 2009 at 9:43pm by Jet Li »  
Back to top
 
IP Logged
 
JonB
YaBB Administrator
YaBB Next Team
Operations Team
Beta Testers
Support Team
*****
Offline



Posts: 3,981
Location: Land of the Blazing Sun!

YaBB 2.6.1
Re: Disable user's ability to delete themself
Reply #12 - Jun 16th, 2009 at 12:18am
Post Tools
@Bokic

This discussion pertains to a future version of YaBB - "YaBB3", these features are not implemented in the current releases.

Thanks for your interest.
Smiley
  

I find your lack of faith disturbing.
Back to top
IP Logged
 
ZachMatthews
Full Member
***
Offline



Posts: 107
Re: Disable user's ability to delete themself
Reply #13 - Jan 26th, 2010 at 2:50pm
Post Tools
I'm bringing this back to the top because I don't like the idea of my users getting into a spat with each other and then "taking their toys and going home."  The 'Ex-member' tag is way, way, way too prominent and leads to trouble when one member decides to delete himself.

Further, I actually AM a lawyer and I am not worried about the legal ramifications at all.  The only thing the intellectual property law requires is that boards and board owners not inappropriately claim copyright or ownership of content on their servers.  You could disclaim this, but in all reality, all someone who wanted to delete content would need to do would be to send an email to the board admin.  That puts the onus on the admin to delete content if the law requires it; users DO NOT have to have the ability to delete things on their own to comply with the law.  I'd much rather handle such requests personally than allow my board to look like a war zone.

Zach
  
Back to top
 
IP Logged
 
ZachMatthews
Full Member
***
Offline



Posts: 107
Re: Disable user's ability to delete themself
Reply #14 - Jan 26th, 2010 at 2:51pm
Post Tools
PS I'd also appreciate knowing where this code is so I can kill that option in users' CP menus.

Zach
  
Back to top
 
IP Logged
 
Page Index Toggle Pages: [1] 2 
Topic Tools
 
  « Board Index ‹ Board  ^Top