[wp-trac] [WordPress Trac] #43175: Discussion - Pseudonymisation
WordPress Trac
noreply at wordpress.org
Mon Apr 23 17:03:20 UTC 2018
#43175: Discussion - Pseudonymisation
-------------------------+------------------------------
Reporter: xkon | Owner: (none)
Type: enhancement | Status: new
Priority: normal | Milestone: Awaiting Review
Component: General | Version:
Severity: normal | Resolution:
Keywords: gdpr | Focuses:
-------------------------+------------------------------
Comment (by David 279):
Pseudonymisation is important but not in the way you describe.
Under GDPR any personal data is still personal Data even just the IP
Address!, so if either DB is not encrypted then just gaining access to DB1
or DB2 allows the person doing so access to some personal data.
If you are going to use 2 Databases the the logical option is to stick all
personal data on DB2 and encrypt it with the key stored somewhere else.
Now I'm not a programmer etc, but the issue will be allowing people to
still login and post under their own name and letting them check their own
details, so you need to be able to encrypt/decrypt on the site, you also
need to be able to export the unencrypted personal data when requested,
further you need to be able to import and export users from a file as can
be achieved currently purely for admin purposes.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/43175#comment:4>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list