Visibility of the usernames in content status info should be configurable (for privacy reasons) - DONE!

This would be a really nice feature for this plugin.

In Germany we have strict data protection guidelines.
Please develop a feature to disable the user and the timestamp for "last viewed". Especially for non system administrators.
Currently every user can see the the name of the last viewer. That could be a reason for deactivation the addon after a inhouse vertification.

I have to agree with Florian Scheer that is is an issue for German customers. We have strict policies and works council wouldn't accept using the add-on with this functionality. 

Right. The issue is addressed by employment law and company agreements. Would be sad when we are required to discontinue the use of this plugin just because of an unexpected side effect of the core functionality. And this request doesn't touch this core.

If you have pages with sensitive content you don't want everyone to be able to see who last viewed these pages.  Other arguments were already written

Just FYI I moved this user story to next sprint, so this should be available in the next app version. (There is no public release date, though.)

@aron, thats great to hear!

We have the same issue at our firm: because of that we had to switch off the Content Status Indicator Module, but it still would be great to reatin the Status indicator without showing the last viewer of the page.

Dear Aron Gombas,

It's September 2018, any news on this feature? Is it ncluded in the meantime?
This feature is vital for us, otherwise we can´t buy/start with your tool

Looking forward to your response!

Regards

 Niko

Good thought to ask, Niko. I second this request. it's still relevant for us too. And as we start budgeting, for now it is OFF our list. i'd like to bring it back.

We already use Archiving Plugin,

but this would be an interesting feature for us, too.

Dear everyone, thanks for pushing this!

Last week I looked deeper into this and outlined the simplest approach to implement this. We're now working on the first prototype!

I really hate making promises about moving parts, but if we are lucky, then it should be out in 1-2 weeks max. I will keep you posted here!

Dear Aron,

Thanks for your answer, I appreciate that!

Pls. keep us informed, if there are news regarding release date.

Regards

 Niko

Hey Everyone,

Need your quick opinion here.

We have a working prototype which works like this (simplified!): if the corresponding option is turned on, then "N/A" or some other static text will be displayed instead of the actual username of the last viewer and/or last updater. But, the view and update tracking itself will work like before and will store the usernames in the database. In other words, it is a display-only feature.

Question is: is this approach compatible with the legal regulation you mentioned?

1. Is this sufficient not to display the actual usernames?

2. Or, it is required not even store those?

Dear Aron,
In my mind this is sufficient. As with web/ip tracking much more is possible (but illegal) the main concern was the pure visibility of this for everybody without any restrictions.
Unfortunately it is after working hours here in Germany I can‘t ask my lawyer before Monday. Then I get the safe answer.
Thank you for this update!
Michael

Dear Aron,

this solution could be accepted by users, it is a good first step. But the problem in the whole European Union (not only Germany) is the fulfillment of the EU GDPR (General Data Protection Regulation) since May 2018.

The question is: What is the purpose of storing the viewer's usernames? Is it necessary for any function?

The EU GDPR says in Chapter II, Article 5, 1.(b) and (c):

- Personal data shall be collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; [...]

- Personal data shall be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (‘data minimisation’);

So, if there is a specified purpose for storing the names and the users know about it, it is okay and the solution is fine. If not, the principle of data minimisation is violated.

Great summary Ralf.

My legal Department gave me two answers:
1. It would be ideal if these data were not stored when there is no clear purpose - just as you explain, Ralf. Is there a purposeful reason to achieve the archiving functionality, then it is fine.

2. If the effort (to modify the plugin so it does not store the data) is too big (f.ex. doulble the plugin price) then it would be sufficient to anonymize the display (principle of proportionality) - but then it is required that the stored data cannot be extracted by admins to create user-specific reportings. How easy is it to get the Data? Is this visible to every admin or is it deep down in a database and just programmers can see them? 

Hope this helps, Michael

Thanks for your feedback on this.

So, the data is stored in the database, therefore it is visible only for those who can access the database and run SQL queries. In other words, it is not visible even for your Confluence admins.

The purpose of storing this data as the "page view tracking" feature is designed to be symmetrical with the "page update tracking" feature. With page updates, it is critical to understand who updated the content. You can argue if this is critical to know the same with page views, but keeping consistent behavior between two "identical twin" features is important for many.

All in all, we will first implement this with "hide the info from the UI" approach.

UPDATE: in the meanwhile, we have a working prototype! I am looking into this now, and will share with you soon (hopefully).

Another update: although the prototype is promising, this change has a wider effect on the app that I initially anticipated.

We need to work a little more on this, thanks for the patience!

Hello, here are some preview screenshots. As you see, we implemented "anonymization" on 4 screens. Right now we are implementing this for notification emails.

Can you confirm these cover all contexts in which you wanted to hide usernames?

(Note that "last viewer" and "last updater" can be shown / hidden separately, using two separate switches.)

Context 1: Content Status Indicator

Context 2: Content Status Browser

Context 3: Expired Pages list

Context 4: Not-viewed Pages list

Context 4,5,...: Notification emails

(No screenshot for now.)

Hint: Zendesk is pretty lame with high-resolution images, it seems. If you wanted to see the screenshot in full size, just right-click on them and select "open image in a new tab".

I Like it.
That would meet our requirements.
Two Independent switches are very good, because I think "last updater" is not necessary critical.

Dear Aron,

"(Note that "last viewer" and "last updater" can be shown / hidden separately, using two separate switches.)"

Perfect, this is what we need!

Thanks and looking forward to see the results!

Regards
 NIko

cool. want it! Or as we say here habbewill:-)

Quick heads-up: we're currently running functional and stress tests with 1M anonymized pages. So far, so good.

I have great news to share!

The fully functional, tested preview of the next Archiving Plugin version can be downloaded here. It comes with the two switches that hide the usernames of the last viewer and last updater persons. The preliminary documentation of this feature is here.

Like I wrote before it was thoroughly tested and works perfectly.

We want to include some more changes in this version, so the official release will come a little later. But I thought you may want to use this feature before the official release, so thought this "early access" would create.

Happy anonymizing!

Perfect, thank you!

deep bow of appreciation, Aron:-)

Glad to hear you found it useful, guys.

If you wanted to express your appreciation, may I ask you to write a short review on the app's page?

That'd be a tremendous help.

Dear Aron,

Thanks a lot for your effort.

Is this version ready for productive use, or should we wait for the final release?

Thanks again and great job!

 Niko