Users can create privacy requests in behalf of other users #35466

Closed
tampe125 opened this issue Sep 2, 2021 · 21 comments

@tampe125
Contributor

tampe125 commented Sep 2, 2021

Steps to reproduce the issue

  1. Create two users, privacy1 and privacy2, with emails privacy1@example.com and privacy2@example.com
  2. Log in to the site as the privacy2 user
  3. Create a new Privacy Request. When asked to, provide the email address privacy1@example.com instead of privacy2@example.com

Expected result

The request should be blocked or ignored

Actual result

An email arrives to user privacy1, with a token to confirm the Privacy Request.
First of all, this could be a little confusing, since out of nowhere a user could find an email with a privacy request.
Besides that, if by mistake user privacy1 confirms the request, there could be a lot of headaches, especially if the malicious user asked to delete all data belonging to the user with email privacy1@example.com

System information (as much as possible)

Not applicable

Additional comments

Personally, I'd suggest removing the ability to provide an email address. Users should be logged in to start a Privacy Request, so we already know who it is.
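
The suggestion above, as an added example that is not part of the original issue and not Joomla's code: the request subject is taken from the authenticated session rather than from the form. The `User` class, both functions and the sample accounts are hypothetical and framework-neutral.

```php
<?php
declare(strict_types=1);

// Hypothetical, framework-neutral model of the flow; none of these names are Joomla APIs.
final class User
{
    public function __construct(public int $id, public string $email) {}
}

// Behaviour reported in the issue: the recipient comes from the form field.
function createRequestFromForm(User $sessionUser, string $formEmail, string $type): array
{
    return ['email' => $formEmail, 'type' => $type, 'requested_by' => $sessionUser->id];
}

// Suggested behaviour: the subject of the request is the authenticated user.
// A submitted address, if a form still sends one, may only match the session user.
function createRequestForSessionUser(User $sessionUser, ?string $formEmail, string $type): array
{
    if (!in_array($type, ['export', 'remove'], true)) {
        throw new InvalidArgumentException('Unknown request type');
    }
    $own = strtolower(trim($sessionUser->email));
    if ($formEmail !== null && strtolower(trim($formEmail)) !== $own) {
        throw new DomainException('Request subject must be the logged-in user');
    }
    return ['email' => $sessionUser->email, 'type' => $type, 'requested_by' => $sessionUser->id];
}

// Constructed sample data mirroring the reproduction steps.
$privacy2 = new User(2, 'privacy2@example.com');

$weak = createRequestFromForm($privacy2, 'privacy1@example.com', 'remove');
echo "form-driven:    confirmation token mailed to {$weak['email']}\n";

try {
    createRequestForSessionUser($privacy2, 'privacy1@example.com', 'remove');
} catch (DomainException $e) {
    echo "session-driven: rejected ({$e->getMessage()})\n";
}

$ok = createRequestForSessionUser($privacy2, null, 'remove');
echo "session-driven: confirmation token mailed to {$ok['email']}\n";
```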

@PhilETaylor

This comment was marked as abuse.

@nikosdion
Contributor

The GDPR says that the DPO (or business owner, if the business is too small to warrant a DPO) must also accept requests by email or snail mail which solves this problem.

In the 3+ years I've been using my own GDPR compliance software I have received three emails asking for data deletion (all three had logins and logged into the site to delete their accounts) and served several hundred automated requests on a user base of approximately 35,000 active users. This tells you the relative frequency of each mode of interaction.

Instead of doing that which is perfectly GDPR compliant, Joomla is allowing anyone and their dog to request actions be taken against the personally identifiable information of an unrelated party, thus potentially violating the GDPR. Sure, it requires the victim to confirm the request. However, the victim can be easily tricked by a spoofed email or some other social engineering method.

The most important problem I see is if someone is fooled into accepting a request to delete their user account. The business owner is legally required to honour this request and upon doing so is legally required to act as if the victim had never been a client of his business. I can see a massive issue for the victim and the business owner in this case. The victim has paid for a service they cannot get. The business owner is legally forbidden from providing this service or giving a refund. Should the victim make a chargeback request the business owner cannot defend themselves because any information they could use is legally off-limits. At the end of the day the business owner is shafted with a chargeback fee, the former client is pissed off and says nasty things about the business owner when it's neither party's fault.

Someone didn't think this one through at all. Sheesh!

@PhilETaylor

This comment was marked as abuse.

@PhilETaylor

This comment was marked as abuse.

@nikosdion
Contributor

nikosdion commented Sep 2, 2021

So, it's a privacy toolkit which violates privacy laws. Got it.

Good thing that this morning I told Davide we should implement a workaround as a EDIT: OKAY I WILL NOT TELL YOU WHERE feature instead of bothering to fix it in the core...

@alikon
Contributor

alikon commented Sep 2, 2021

can i suggest to tell @tampe125 to do a pr in the core instead ?
😄
there was some discussion on that in the 2018....
nothing that cannot be improved in 2021

@PhilETaylor can you please share the link for that old discussion....

@brianteeman
Contributor

Wow. No wonder Joomla users don't get to have nice things without paying for them. When you selectively quote comments completely out of context you do your opinion a disservice. Just as when you ignore the comment

"I'm reopening this as it is a valid issue to keep on the books and continue looking for ways to improve upon."

But you chose to ignore that and close it.

Don't bother including me in any comments. I've had enough of contributing my time voluntarily when others just see it as an opportunity to make money. Bye

@PhilETaylor

This comment was marked as abuse.

@nikosdion
Contributor

@brianteeman EXCUSE ME?! Are you SERIOUSLY saying that I only care to make money out of Joomla? Are you kidding me?!

Let's begin with the fact that I have contributed to this project since 2009. I don't have a massive commit history like you, I'll give you that. However, you may have noticed that I am tackling the hard problems that nobody wants or knows how to tackle. I even contributed my backend framework to Joomla only for a PLT member to unilaterally decide I am not allowed to maintain it anymore and put my entire livelihood in jeopardy. You may have forgotten that I had to fork my own framework back in 2013 to make sure I still have a company to make a living, right about the same time I was hit hard by capital controls which threatened to put me out of business. I haven't forgotten that. And I STILL contributed to Joomla after that. So don't you EVER dare tell me that I am only interested in making money off Joomla when Joomla itself has done its damnedest to put me out of business and I am STILL. CONTRIBUTING. TO. THIS. PROJECT. Your adding insult to injury is way too much, especially because you of all people should know better!

You may have noticed that I have just spent 80% of my last 10 days contributing a revamped Joomla Update extraction and fixing the issues which caused failed updates from 3 to 4 and even wrote the most detailed troubleshooting guide for updates instead of letting wrong and idiotic “advice” being peddled on the forum. Not only do I NOT receive any payment for that, not only I am taking time off the software people actually pay me to maintain, I am in actual fact making sure that nobody will know it has anything at all to do with me if lest they go through the Git commit log.

A big motivation for writing the Joomla Update PR is that it felt MORALLY WRONG for Joomla to include a file with my company's copyright as a vital part to its updater. So I put in the massive time commitment to rewrite this from scratch, in a way that Open Source Matters, Inc can claim copyright per the terms of the Joomla Contributors Agreement I signed all those years ago.

I have NEVER peddled my contributions to Joomla as a valid reason for people to pay me anything. In fact, I have always said that you only ever need to pay me for my Professional software if and only if you actually find value in the additional features over the free version and/or you want support from me (I'd love to give everything away for free but I need to support my family). My business site mentions absolutely nothing about my contributions to Joomla (except for mostly private tickets when I'm asked point blank what do I know about how a feature I contributed actually works). I don't use my involvement with Joomla to attract clients. My blog makes a passing reference that I am a frequent contributor, not sparing more than 5 words for it. Would you like to tell us what your business site and your blog's about page reads? Right. You should hire Brian because he's the Joomla co-founder and the first person to do Joomla training. And you have the nerve to talk about people who make allegedly money off Joomla... This would be funny if it wasn't such a pathetic attempt at gaslighting.

Regarding this issue, we bumped into it while working on our own site, trying to upgrade it to Joomla 4 and discontinue our DataCompliance extension because it's competing with a core feature and it just doesn't feel right. We can't tell people to use the core and have us hypocritically use an extension we wrote instead of the nearly identical core feature. Speaking of which, my DataCompliance extension predates com_privacy by well over six months and @mbabker copied most everything I did in DataCompliance for com_privacy, down to using the term “domains”, the same plugin events concept for exporting and removing data and the same code I was using for a captive login. Do note that the captive login is a code pattern that before I wrote LoginGuard nobody had ever done. Not only that, the PLT members were telling me that it is impossible to do in Joomla. I got tired of that stupid spiel and wrote the code which proved it perfectly possible, very easy and then Joomla copied it. You're welcome for my opening your eyes and giving you the code to copy which, by the way, is licensed GPLv3 while your software is licensed GPLv2 and you were not allowed to copy it. I could raise a stink about that but I chose not to because, well, I'm neither a dick nor am I here to make money off Joomla. I'm happy that Joomla users get to enjoy the product of my R&D even without attribution.

In any case, we need our site to become operational in Joomla 4 by mid to late October. So of course the only reasonable course of action is a. implement a workaround (which proves that the problem i. does exist and ii. can be dealt with) and b. file an issue here. The first part is necessary because reporting an issue to Joomla is not a guarantee that Joomla will even accept there is an issue (see my issue about the extension updates, a saga which had been going on for 8 years before I had to file a public issue), let alone let us fix it (see more than half of the issues I have filed; I have created private workarounds for each and every one of them because Joomla wouldn't accept the fix).

Even if it's fixed, it's anyone's guess if it will make it to 4.0.x, 4.1.x or be killed off... sorry, I meant “delayed for the next major version” which is a nice way of saying ain't gonna happen in your lifetime (see: the promise to include U2F two factor authentication back in 2013 which was supposed to be revised in 4.0). So, yeah, we MAYBE WILL include the workaround in our paid version of our software because we are also pretty sure that this issue if it's ever fixed it's going to be fixed only in Joomla 4, not Joomla 3 and Joomla 3 is still going to be out and about for another 2 years.

If the Joomla project wants us to fix this issue we will gladly do so which means that I am paying out of my own pocket for Davide's time to write the code and go through the long process until it's RTC. How the hell am I making a profit from that?! It will cost me nearly 500 Euros to fix something in Joomla. If you think that I will make that money back because people will suddenly rush to buy Admin Tools Professional to address this issue that has gone mostly undetected for three years you are out of your mind and I wish the world would work like that; I'd have fifty times more clients and I'd actually be making more than a living.

In any case, I am going to tell Davide to not spend a single minute more on this issue unless we have a guarantee by the production leadership that they DO recognise this as an issue and they WILL merge the fix we will contribute. Otherwise I don't fancy spending hundreds of Euros while having every random person who put his name on a petition tell me that I'm making money off Joomla. Spending money and being accused of magically making money instead? Fuck that shit!

@PhilETaylor

This comment was marked as abuse.

@ReLater
Contributor

ReLater commented Sep 2, 2021

Again one of these annoying and time wasting issues. Again a reason why I don't come daily to GitHub anymore.
1 issue, 1 related and constructive answer.

The rest is just blah-blah and self-congratulation from self-appointed godfathers. Take your private shit and ego to Facebook or somewhere else and stay on topic here like you should on GitHub.

Others just post a "Confirmed", issue related comments and a reference to older threads. Here unreferenced images, advertising for commercial extensions and uninteresting once-upon-a-time-stuff. "Whoo, how awesome I am!".

Take your private shit and ego to Facebook or somewhere else and stay on topic here like you should on GitHub.

Others just post a "Confirmed" and a reference to older threads. Give related input. Here unreferenced images, advertising for commercial extensions and uninteresting once-upon-a-time-stuff. "Whoo, how awesome we are!".
It would be nice if administrators of this portal, would find ways to make this here on Joomla-GitHub again a topic related, constructive exchange and not some babble portal for egomaniacs.

There are no ignore lists here, unfortunately.

@PhilETaylor

This comment was marked as abuse.

@ReLater
Contributor

ReLater commented Sep 2, 2021

Sorry! I meant you! @PhilETaylor

@PhilETaylor

This comment was marked as abuse.

@nikosdion
Contributor

@ReLater I am sorry that we reported an issue we found during the development of our site and our extension. If this is what you think of 3PDs reporting the issues they find and willing to spend their own time and money fixing them for everyone then we will stop reporting issues to Joomla and only implement paid workarounds so you people don't bitch about us doing work for free.

@ReLater
Contributor

ReLater commented Sep 2, 2021

Yeah well we all know you hate me too... :) That is well documented here.

I hate your endless self-congratulations and this extreme profiling addiction that costs my time and that of others. Nothing more.

@PhilETaylor

This comment was marked as abuse.

@tampe125
Contributor Author

tampe125 commented Sep 2, 2021

Closing since this is getting useless.

tampe125 closed this as completed Sep 2, 2021

@PhilETaylor

This comment was marked as abuse.

@PhilETaylor

This comment was marked as abuse.

@alikon
Contributor

alikon commented Sep 3, 2021

for those interested only on the issue/topic and possible solutions see #35470
"polemic only" please abstain
