Problematic IP address fields

The GDPR is something I take very seriously.

However, my forums do not have legal teams to pick through this new and poorly-defined law.

The fines are huge, and there are always axe-grinding members looking to cause trouble for a forum. For me to keep running forums, I need to know the software I’m using is compliant with the new law.

If I interpret the law correctly then we need to ensure the following:

  • If IPs have been stored for users without their consent, they absolutely need to be scrubbed from our database and no longer stored for anonymous visitors.

  • When a signed up (or signing up) user visits the forum they need to see a consent screen with an unticked box and an explanation of how the IP will be used

  • If consent is not given, they cannot be allowed to use the forum.

For the record, I absolutely deplore laws like this as do a poor job of protecting our rights yet they harm millions of businesses and scare the hell out of well-meaning and ethical operators.

I’m absolutely relying on the Discourse team here to take some action to protect its forum operators.

1 Like