Delete account information for unused accounts

Bug #457431 reported by root
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
psiphon
Fix Committed
High
Robert Vasilev

Bug Description

An important obligation under privacy legislation is to get rid of old data that is no longer required. This is especially true of personal data.

So we need to implement some sort of capability that removes all user accounts that have shown no activity for some period (e.g. 2 years).

1. This should be an automated process (ie. cron job)
2. The inactivity period should be configurable (in config.php)
3. Two different inactivity periods should be configured:
    3a. For non-disabled users
    3b. For disabled users
4. The user classes to which this applies should be configurable (by default, it should not apply to Admins)

Related branches

Revision history for this message
Adam P (adam+) wrote :
Adam P (adam+)
Changed in psiphon:
status: New → Confirmed
Revision history for this message
Chris (poser) wrote :

...of all _disabled_ accounts that have shown no activity...

Revision history for this message
Chris (poser) wrote :

Also, a user should have the option to fully delete his or her account, rather than just disabling it and waiting for this (as yet hypothetical) time-out.

tags: added: poser
Chris (poser)
tags: removed: poser
Rod (rod-psiphon)
visibility: private → public
Rod (rod-psiphon)
tags: added: category2
Adam P (adam+)
tags: added: category2.1
tags: added: sprint3
Revision history for this message
Rod (rod-psiphon) wrote :

Operational database backup policy may need to be changed to meet policy requirements. I.e., destroy older backups after some point in time so old copies of deleted user information is not retained.

Changed in psiphon:
importance: Unknown → High
description: updated
description: updated
Robert Vasilev (vasilev)
Changed in psiphon:
assignee: nobody → Robert Vasilev (vasilev)
status: Confirmed → Fix Committed
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.