I've been looking with interest at the new privacy plugin and it is a great step forward. However we will not be able to use it in its current form and I wonder if we are alone in this (and to be honest - wonder how others are not in the same position).
I think the way it works: user making request, request approved by DPO role, user downloading data is very easy for an end users point of view but we still cant use it and will have to disable this on our live Moodle.
Why? Simply because the data the student gets direct from the database has not been looked at to see if there is anything that needs to be redacted. A user quoting another user for example, a user who may happen to write on a forum post personal data about someone else etc.
I have heard some arguments that suggest forum data does not need to be treated the same way, that something a user posts is their own data even if it includes data of others as this data was in the public domain. I have not found any evidence to support this or similar views however so I am left with the position of forum posts that may need to be redacted. When a student takes their download from Moodle - we may be actually giving them someone else's data along with their own.
Even if this isn't the legal problem I believe it is, our college policy is to go through data and redact where it does not apply to the data requested and legally entitled to, so we will have to do this regardless.
What are others thoughts on this? I can't believe I am the only one to think of this - but I have not heard any one else mention this issue?
Because of this I am going to have to have a "close to live as I can make it" MIS system that these requests are processed on - when the college receives a DSAR that I can then download myself and pass on to the DPO do deal with accordingly. I ill have to disable the functionality in our live Moodle.
It would be great to get some views on this matter from the community.
We are hoping to provide additional controls over how the generated exports will be made available but we have not yet completed this work.
We have taken care to only include the data that a user should have access to and it should not require any further manual intervention.
In the case of a user quoting another user, I believe that this should be included in the export - the DSAR should contain relevant contextual information - the content of parent posts is configured relevant and contextual in my opinion -- the fact that the information is readily available in the forum anyway makes this a little unusual anyway.
I would recommend that your organisation speak with a lawyer specialising in the GDPR and privacy law regarding these questions.
I think this is one of the areas that is a little grey and until case law makes it clear there will be two schools of thought on this. Speaking totally personally, I am inclined to agree with you - after all the user is only getting something that has already been shared with them. However the current college policy is that this has to be redacted - has been since before we were talking of GDPR.
Time will tell if this policy changes - but I suspect that even if they decide to no longer redact content like this they will still want to check through it before releasing the data.
Like many here, policy is outside of my control and I just have to try and implement it as best I can. Having the options you discuss will help give us the flexibility we need whatever the outcome - so this sounds very positive
Tim Gildersleeve, VLE Manager, Bradford College.