I think that either for recent Cambridge Analytica affair or new EU law about privacy (GDPR), it could be better to enable users to delete all the data relating their accounts by themselves.
At the moment ketkew rightly introduced a new scenario. He said "What if I need to give to the authorities all the data regarding a certain period?". Currently I don't know how big have to be this period. I don't know what different countries laws says. But the main item was focused on the capability of the user to delete his own account. Maybe it could be useful to have a lawyer in this topic...
I think that backup data daily is a separate process which is already arranged by the backup plugin. If the account is postponed deletion for x time it has 2 advantages:
1. if the user has deleted their data but after 2 days he/she has regrets the choice, the user is able to activate their account again (especially if the user has x years of user data on your site)
2. as said earlier, in case of irregularities with a user (or more important: more users), you have the user data directly availabl... moreI think that backup data daily is a separate process which is already arranged by the backup plugin. If the account is postponed deletion for x time it has 2 advantages:
1. if the user has deleted their data but after 2 days he/she has regrets the choice, the user is able to activate their account again (especially if the user has x years of user data on your site)
2. as said earlier, in case of irregularities with a user (or more important: more users), you have the user data directly available. Restoring a backup is time consuming and you have to do that in a separate environment (next to your live and dev sites)
I think the period should be variable set by the admin so that everybody could decide by themselves how long this period will be. GDPR is EU only, other continents/countries handles different privacy laws, therefore the time slot should be variable
Ow and Dusty Lor, just for your information: I just read the GDPR rules and also the "right to be forgotton" rule is applicable for backups. So if a user ask to delete their account it also should be removed from the backups...
ketkew so which could be the best practice? Deleting all the backups after a user deleted his account in a couple of days or something like this... maybe?
The law says that the user data should be removed from backups as quick as possible but it doesn't indicate the period. Because it is not workable to delete user data per request from the backup you can apply the policy to store the backup for one week or month and after that remove it from your storage. If you notice this procedure in your terms-of-service or privacy policy then it would be transparent enough.
Deleting all the backups after a user deleted his account in a couple of days or something like this... maybe? -> lol, if i want to hack your backup file, just sign up and then delete my account
7
votesDeleting User account by the User himself