as the example mentioned earlier, if you have some more personal info in posts. say if you are a professor in some major, you mentioned more other related things, it does not help find you directly, but if combine all these info, it might be pretty easily find who you are on the univ’s website … you could think of other examples as well …
you may not care about this, some people do care about this…
yes, this chance is low, but in some type of (non-tech) forums focusing on other topics, people talk about personal things a lot. the chance there is much higher, comparing to the forum like this.
again, this request is for an option, not force to…
your questioning on the chance is valid, nobody questioned about that, we did not miss the point.
while, the request for an option is valid too, hope you support this request too…
That example is actually against hiding IP, because it is matter of another data. But what ever. I don’t think this isn’t going forward now until comes out some realistic threat scenarios.
I don’t see this topic is worth of work time, that’s it.
Well, that’s it. You don’t have anything hard to show why IP shouldn’t see IP of an user. And this starts to be ridiculous now. So I’m out. Please, do not mention me anymore because it forces me follow this.
Whether or not it’s required by any specific law, we recognize that it would reduce friction for some organizations to adopt Discourse or to delegate moderator responsibilities more widely, due to their own internal policies or interpretation of risks associated with moderators seeing users’ IP addresses.
That said, it is not a current priority.
I’ll put pr-welcome on this feature, but if anyone is considering picking it up, check in here first to discuss how to approach it.
Unless you’re on Tinfoil Anonymous that sounds like a WILD exaggeration. I bet if you put up a poll on this site it would be almost NOBODY that cares, and likely even more in the “I don’t even know what that is” group then the “oh no stranger danger”
So in this case wouldn’t it be far easier to just…find them on Facebook? A “non-tech” forum consisting of people posting private information (such as in a professor working on this major lol you wouldn’t n ed an IP) wouldn’t be the people scared about being IP tracked (for one, they wouldn’t understand that, and two they’re already posting personal information) so this is literally the exact group that WOULDN’T care about it. Anyone paranoid enough or being hunted down by a public IP are not the people talking about themselves to thousands of random strangers on public message boards
oh, I got why you think the example is against hiding IP. I did not make it clear enough… let me try again… basically, on a forum, folks could talk about their personal things, like being a prof. major, research and so on, but they would not say the city or anything about location for privacy concern… while the location/city info could be inferred from IP for someone has access to it.
combining these together, someone could be easily identified. does this explain it ?
some people do care about this …
according to GDPR in EU, “ID addresses are indeed considered personal data,…” or PII.
There was several wrong claims and errors. And at same time you accused CDCK making really expensive crime because they are storing the IP that was used when registrated. Quite bold move.
And GDPR doesn’t say that. One interpretation suggests so. And again — if an article doesn’t even know how legislation happens in EU it isn’t very trustworthy. Plus out there is actually three different acts, and that was referring to gate keepers.
GDPR means that:
Typically, the IP address of visitors is stored in the server logs and is a required piece of information for technical operation and security purposes. In the administration of the forum, the IP address may be utilized to investigate instances of misuse. IP information is not publicly disclosed and may be accessed by designated forum roles for moderation purposes only. The IP information remains stored in the server logs for a period of X and in backups for a period of Y. In administrative records, the IP address used for login is retained for as long as the user remains registered or until it is changed by the user. The IP address is not used for any other purposes.
So. Now it is totally legal. You are welcome.
And now I will make things that way this topic defenetly not wake me up as I asked. Straightly said: this would be more useful if even would know what GDPR is made for:
don’t store unnecessary personal data
tell what you are collecting, why and how long, and who can use that data
In the US if someone is using their real IP you can find the general region they are in and then use that to phish for some general info and you can usually find their address through any of the websites that aggregate people’s personal information.