"Forget me" feature

[fedir]

Let's find how we could implement "Forget me" feature (one of the most important points of GDPR).

What it could be :

• Creation of transversal layer in all TYPO3 system, where all contents and data, related to the FE user are tracked via, for example, "feuser_private_data_mm" relations, where any FE user generated content could be tracked;
• Backend module for controlling all these records by admins;
• Mechanism of safe deletion request, which will safely remove those data and contents.

Ressources:

• https://gdpr-info.eu/art-17-gdpr/
• https://techblog.bozho.net/gdpr-practical-guide-developers/

[georgringer]

TBH I dont see this as so important for TYPO3 as in only rare cases fe_users create content and if this is done on a system, this can easily be embeded in the custom extension

[nostadt]

I see your point but such a feature or configurable service would be handy. Yet I understand that this feature may should be located in an additional ext.

Let's say EXT:gdpr provides a configurable Service and a respective fe plugin & each 3rd party providing fields for custom data comes along with the required configuration. An admin or editor just needs to place the fe plugin on a desired page once and with each additional activated ext. the new custom data are deleted automatically. Further it's always the same configuration and admins or editors - depending on the configured acl - can easily figure out the configuration. On the other hand, if every ext. develop it own it's own there will be surely various implementation and sometimes not well structured.

[nostadt]

I can imagine this feature is somehow related to #6 as basically same data needs to be gathered and then processed. May be a good call to wait for the implementation of https://typo3.org/community/teams/typo3-development/initiatives/persistence/ either.