[BlueOnyx:21992] 5207R, 5208R and 5209R: EU-GDPR & EU-DSGVO compliance updates released

Michael Stauber mstauber at blueonyx.it
Mon Apr 30 21:30:31 -05 2018


Hi all,

We already discussed the upcoming deadline of 25th May 2018 until which
EU businesses must certify compliance under the new EU-GDPR (or in
German: EU-DSGVO) regulations.

The prior discussion can be found under this headline:

[BlueOnyx:21882] Re: EU-DSGVO - anonymize ip addresses in apache
logfiles / other logfiles?

I just published YUM updates for 5207R, 5208R and 5209R which should
assist BlueOnyx server owners in the task of getting their servers
compliant.

Now as it is with any legal stuff I'll have to throw in the standard
disclaimer: I am no lawyer nor should anything I say be taken as legal
advice.

However: Just ticking a few checkboxes in the GUI will not make any
BlueOnyx "street legal" in the sense of the EU-GDPR/EU-DSGVO. Those who
are already familiar with the topic will know that proper certification
and compliance requires a thorough audit of servers, software, internal
procedures, record keeping, consent tracking and what not. (Am I glad
that I don't live in the EU anymore!)

But BlueOnyx now has an extra GUI page and some built-in features that
help you to jump the new extra hurdles that the clowns in Brussels have
set up for you.

You can read in detail about it here:

https://www.blueonyx.it/index.php?page=gdpr-dsgvo

It also has a screenshot of the new GUI page, which you can find under
"Server Management" / "System Settings" / "Data Retention".

Once you have these updates installed only two things will change
(mandatory) and all the rest is optional and can be configured via this
new GUI page:

Change #1: Logfiles in /var/log will only be retained for 14 days. It
used to be four weeks, but now it has been cut in half to err on the
safe side of things.

Change #2: Logfiles stored under Vsites (like: /home/sites/<site>/logs/)
now only inherit logfile snippets related to their Vsites, which already
have the IPv4 or IPv6 addresses of visitors anonymized. IPv4 IPs
get their last octet set to '0' and IPv6 IPs lose their least
significant byte, providing sufficient anonymization, yet still allowing
attributability of traffic to some degree. As the data there is only
used for historical or statistical purposes we can live with that.

However: This does NOT affect any data that has already been aggregated
before these updates got installed.

Means: You may still end up with Vsites that have 5 years worth of
logfiles with full IP addresses stored in their own logs directory.

For that reason the new GUI page allows you to purge both the server as
well as all Vsites of historical log data that was set aside for
statistical reasons.

Checkbox "Purge Usage Statistics" wipes the /logs/ directory of Vsites.

Checkbox "Purge Webalizer" cleans out all Webalizer directories.

Checkbox "Purge AWStats" only shows up if you have our AWStats PKG
installed and likewise allows you to remove all historical AWStats
statistic files.

Additionally you can configure SendmailAnalyzer to anonymize whatever
data it gathers for the onboard email statistics by setting a checkbox.

That - of course - does not retroactively anonymize any data that has
already been gathered. But there is a separate checkbox for that purpose
which allows you to remove all SendmailAnalyzer data files.

Lastly: If the AV-SPAM is installed this GUI page allows you to
configure that the Milter-GeoIP database records will be automatically
expired once they reach a certain age. The age at which it does expire
these SQL records is identical to the one in the "Vsite Usage
Information" pulldown on top of this page.


"Vsite Usage Information" (Pulldown). The default is 5 years.
--------------------------------------------------------------

Means:

- The logs of Vsites are kept that long.
- SendmailAnalyzer will keep its records that long.

A daily cronjob purges data that is older than that.

Individual Vsites might have different retention periods configured for
their logfiles and statistics.

However: If you now set this "Vsite Usage Information" to something
different like "1 year", then all Vsites that currently have their
retention period configured for *more* than one year will have it
reduced to "1 year". Furthermore no Vsite may change this value again to
something higher. Lower? Yes. Higher? No.

That way you can make sure that your siteAdmins don't keep their
logfiles indefinitely or for longer than you are comfortable with.

The AV-SPAM will also use this new maximum for expiring MySQL data if
the checkbox "AV-SPAM data expiry" is ticked.

I think that should cover BlueOnyx and EU-GDPR & EU-DSGVO compliance
from a vendor point of view.

Let me know if you have any questions.

-- 
With best regards

Michael Stauber
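The anonymization rule from Change #2 (IPv4: last octet set to 0; IPv6: least significant byte cleared), applied to a few constructed Apache combined-log lines. This is an added illustration, not BlueOnyx's own code; it assumes the visitor address is the first whitespace-delimited field of each line.

```python
import ipaddress
import re

# Apache combined-log lines, constructed for this example (not real traffic).
SAMPLE_LOG = """\
203.0.113.77 - - [30/Apr/2018:21:30:31 -0500] "GET / HTTP/1.1" 200 612 "-" "Mozilla/5.0"
2001:db8:85a3::8a2e:370:7334 - - [30/Apr/2018:21:30:32 -0500] "GET /x HTTP/1.1" 404 196 "-" "curl/7.29"
garbled line without an address
"""

# In the combined log format the client address is the first field.
_FIRST_FIELD = re.compile(r"^(\S+)(.*)$")


def anonymize_ip(addr: str) -> str:
    """IPv4: zero the last octet. IPv6: zero the least significant byte.
    Anything that is not a valid address is returned unchanged."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return addr
    # Clearing the low 8 bits zeroes the last IPv4 octet or the last IPv6 byte.
    # type(ip) keeps the address family (avoids ::1 collapsing into IPv4).
    masked = int(ip) & ~0xFF
    return str(type(ip)(masked))


def anonymize_line(line: str) -> str:
    """Rewrite only the leading address field; the rest of the line is kept."""
    m = _FIRST_FIELD.match(line)
    if not m:
        return line
    return anonymize_ip(m.group(1)) + m.group(2)


def anonymize_log(text: str) -> list:
    """Apply anonymize_line to every line of a log excerpt."""
    return [anonymize_line(line) for line in text.splitlines()]


if __name__ == "__main__":
    for out in anonymize_log(SAMPLE_LOG):
        print(out)
```

Note that the rule is a truncation, not a hash: the /24 (IPv4) or /120 (IPv6) remains visible, which is exactly the "attributability to some degree" the post describes.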


