-
Improvement
-
Resolution: Duplicate
-
Minor
-
None
-
5.0
-
None
-
MOODLE_500_STABLE
Hello!
Today I used bulk delete to remove users, and I realized that it doesn't anonymizes the data.
Email adress is anonymized, but. The username is changed to the old email + a timestamp.
I replaced all usernames with a GUID, changed Firstname and Lastname to random names. And cleared out all the other fields "manually" (it was 9000 users, so ofc not line by line).
My suggestion is to change the user delete function, so that it changes username to a GUID, picks random firstname and lastnames and clears out the other fields.
Another approach would be to save the anonymizing part for tool_privacy. And let it handle it during data removal (Which actually don't remove the users from the database, nor makes them anonymous)
I can do the job. But I want a go or no-go before I do it.
At the moment, i'm not sure if we are truly GDPR compliant, without manual workarounds.