Connect to original account

Message boards : Questions and problems : Connect to original account
Message board moderation

To post messages, you must log in.

AuthorMessage
Canadaman

Send message
Joined: 8 Aug 22
Posts: 3
Message 109536 - Posted: 8 Aug 2022, 15:28:16 UTC

Greetings.

I first signed up to SETI back in 2007. I just re-installed the BOINC software and wanted to run it a bit in the background. I discovered I can't seem to connect to my old account.

Can anyone help me with that?
ID: 109536 · Report as offensive
Profile Dave
Help desk expert

Send message
Joined: 28 Jun 10
Posts: 2005
United Kingdom
Message 109537 - Posted: 8 Aug 2022, 15:34:33 UTC - in response to Message 109536.  

Greetings.

I first signed up to SETI back in 2007. I just re-installed the BOINC software and wanted to run it a bit in the background. I discovered I can't seem to connect to my old account.

Can anyone help me with that?
SETI is dead. There are many other worthwhile projects you can sign up to though. Also due to GDPR regulations some projects have deleted accounts that have been inactive for longer than a certain period of time. With CPDN it was possible to get things going again by contacting a project admin through the moderators but not sure if that is still going.
ID: 109537 · Report as offensive
Canadaman

Send message
Joined: 8 Aug 22
Posts: 3
Message 109538 - Posted: 8 Aug 2022, 15:39:55 UTC - in response to Message 109537.  

I belonged to other projects too, the "combined statistics" page still lists for SETI, the rosetta and proteins projects.
ID: 109538 · Report as offensive
robsmith
Volunteer tester
Help desk expert

Send message
Joined: 25 May 09
Posts: 1209
United Kingdom
Message 109539 - Posted: 8 Aug 2022, 16:32:23 UTC

A quick check on the SETI website shows that there are three users registered with your current user name, plus one variation on it. None date from 2007. Three of these accounts have no credit, thus will not be accessible, the forth has a credit, but does not match your joining date.
One thing to remember is that the unique identifier of an account is not your username, but the unique id number (which we all forget), next best is the email address and password last used on the account. Don't worry about that email address being expired, as if you log in with the "old" address and change to a more current one.
ID: 109539 · Report as offensive
Canadaman

Send message
Joined: 8 Aug 22
Posts: 3
Message 109549 - Posted: 9 Aug 2022, 7:38:34 UTC - in response to Message 109539.  

Thanks rob.

Sent you PM with more details.
ID: 109549 · Report as offensive
Profile Jord
Volunteer tester
Help desk expert
Avatar

Send message
Joined: 29 Aug 05
Posts: 15189
Netherlands
Message 109550 - Posted: 9 Aug 2022, 7:50:16 UTC - in response to Message 109537.  

Also due to GDPR regulations some projects have deleted accounts that have been inactive for longer than a certain period of time.
???? Where in the GDPR does it say that this is a requirement?

I know that due to the GDPR you have the right to be forgotten, i.e. you can delete your account if that option is available on the project. But I know of no projects that remove inactive accounts just because they are inactive. I've not touched most BOINC projects for a long time, yet as far as I know I still have all my accounts everywhere.
ID: 109550 · Report as offensive
Profile Dave
Help desk expert

Send message
Joined: 28 Jun 10
Posts: 2005
United Kingdom
Message 109552 - Posted: 9 Aug 2022, 9:40:28 UTC - in response to Message 109550.  
Last modified: 9 Aug 2022, 10:19:18 UTC

???? Where in the GDPR does it say that this is a requirement?


Don't know but that is how CPDN interpreted it.
Edit: Found the announcement from Andy.


To comply with the Data Protection Act 1998, we are required to only keep personal data for as long as it is absolutely necessary. We will therefore only keep records of inactive volunteers for three years from now on. Initially any records inactive since 2014 or before that date will be removed. We will continue to remove records that have been inactive for three years or more on an ongoing basis.
Therefore anyone who signed up prior to this and has been inactive for over three years but wishes to renew their engagement will need to set up a new account. If you have been inactive for the last couple of years and wish us to retain your email and username, please reactivate your account as soon as possible.

Project credits from these accounts will be retained but will no longer be linked to an email address or username.

Current, active, volunteers, or those who have been active in the last three years, will not be affected by this policy.
ID: 109552 · Report as offensive
robsmith
Volunteer tester
Help desk expert

Send message
Joined: 25 May 09
Posts: 1209
United Kingdom
Message 109553 - Posted: 9 Aug 2022, 9:57:07 UTC - in response to Message 109550.  

Many projects have adopted an "opt-in" approach to allowing access to historic user data.
GDPR actually has two strands:-
The first is the right to be forgotten.
The second is the right for data to be retained but not visible.
The former is quite obvious, but the latter less so - you have the right for specific data holders to retain your data but not reveal it to others without your permission. A number of projects have their default user data access set to "keep this data but don't show it to anyone else", with options to delete the data (although a pseudo user "deleted user nnnn" required for the project to function) and reveal data to other parties.



(*) The deleted user id has no link back to the removed record for user "Joe Soap" who no longer exists. Typically this is used to allow the wing-man function to work - all users will see when looking at a task where the wingman user has been deleted is something like "computer x, no data, deleted user" with no links to other work or computers belonging to the deleted user.
ID: 109553 · Report as offensive
Les Bayliss
Help desk expert

Send message
Joined: 25 Nov 05
Posts: 1654
Australia
Message 109554 - Posted: 9 Aug 2022, 10:23:21 UTC - in response to Message 109552.  

Hi Dave

I remember that post, a long time ago now.
ID: 109554 · Report as offensive
Grumpy Swede
Avatar

Send message
Joined: 30 Mar 20
Posts: 208
Sweden
Message 109555 - Posted: 9 Aug 2022, 14:55:52 UTC - in response to Message 109550.  
Last modified: 9 Aug 2022, 14:56:14 UTC

I know that due to the GDPR you have the right to be forgotten, i.e. you can delete your account if that option is available on the project. But I know of no projects that remove inactive accounts just because they are inactive. I've not touched most BOINC projects for a long time, yet as far as I know I still have all my accounts everywhere.
WCG will delete accounts that have not interacted with World Community Grid for 36 months.
https://www.worldcommunitygrid.org/about_us/article.s?articleId=561
ID: 109555 · Report as offensive
Profile Jord
Volunteer tester
Help desk expert
Avatar

Send message
Joined: 29 Aug 05
Posts: 15189
Netherlands
Message 109563 - Posted: 9 Aug 2022, 23:03:49 UTC

Well, if they feel they need to, they can go ahead and delete my accounts. And my credit. I'm not interested in those points anyway, never was.

But I must say WCG's reason is a weird one: We collect data to help us serve and communicate with volunteers, and keeping this information safe has always been very important to us. Because data are collected primarily to help us communicate and engage with volunteers, we will remove data once it no longer serves this purpose. Therefore, we will delete any accounts that have not interacted with World Community Grid for 36 months.

Uhm, so you collect data (from and about me) to communicate to me and when you deem it no longer necessary to do so (because I fell silent), you remove the data about me? Why? 😲 Can't I ever re-engage in contact with you? I doubt it's because of the size of the database as that's quite small.

As for CPDN and its compliancy to the now defunct Data Protection Act 1998 (as it's superseded by the DPA 2018, which is also no longer in force as the UK left the European Union and so it doesn't need to follow their laws anymore, it only follows the GDPR). And nowhere in the GDPR does it say that personal details must be removed within a certain time limit, only that the users have a right to erasure of their data under certain circumstances: they should ask for it.
ID: 109563 · Report as offensive
robsmith
Volunteer tester
Help desk expert

Send message
Joined: 25 May 09
Posts: 1209
United Kingdom
Message 109564 - Posted: 10 Aug 2022, 6:40:20 UTC - in response to Message 109563.  
Last modified: 10 Aug 2022, 6:44:39 UTC

From the wiki page you link to:
The Data Protection Act 2018 (c. 12) is a United Kingdom Act of Parliament which updates data protection laws in the UK. It is a national law which complements the European Union's General Data Protection Regulation (GDPR) and replaces the Data Protection Act 1998.


While it is a "new law" it is in the core exactly the same as the old one, and since CPDN and others based n the UK had followed the old law they continue to follow the new one, and may, under wider UK law continue to refer to their compliance with the new one.
{edit to add}
But of course we are talking abut a project that was run by IBM, not hosted in the UK, and now run by Kemble again not based in the UK, so they can choose whichever law (or in the case of a superseded law "guidance" they choose. But it would be nice if they referred to the correct EU legislation wouldn't it.
ID: 109564 · Report as offensive
Profile Dave
Help desk expert

Send message
Joined: 28 Jun 10
Posts: 2005
United Kingdom
Message 109565 - Posted: 10 Aug 2022, 6:59:21 UTC

To comply with the Data Protection Act 1998, we are required to only keep personal data for as long as it is absolutely necessary.
That phrase also appears I believe in the newer legislation in the UK. I would imagine that even given identical set ups, "as long as it is absolutely necessary" will get interpreted differently by different organisations.
ID: 109565 · Report as offensive
Richard Haselgrove
Volunteer tester
Help desk expert

Send message
Joined: 5 Oct 06
Posts: 4929
United Kingdom
Message 109566 - Posted: 10 Aug 2022, 7:15:30 UTC - in response to Message 109565.  

And different courts. Sigh.
ID: 109566 · Report as offensive
Profile Jord
Volunteer tester
Help desk expert
Avatar

Send message
Joined: 29 Aug 05
Posts: 15189
Netherlands
Message 109567 - Posted: 10 Aug 2022, 7:18:16 UTC
Last modified: 10 Aug 2022, 7:19:26 UTC

You guys don't get it. And I wrote this for CPDN only: the DPA 1998 and 2018 are no longer regulations for the UK, as they are EU Laws, and you left the EU. Brexit remember? You get to make your own laws.

For the EU, the DPA 1998 and 2018 were superseded by the GDPR.

The UK adopted to follow the GDPR without any changes by choice. The GDPR states that the project can remove personal data but only if the user asks for it.
ID: 109567 · Report as offensive
robsmith
Volunteer tester
Help desk expert

Send message
Joined: 25 May 09
Posts: 1209
United Kingdom
Message 109573 - Posted: 10 Aug 2022, 10:37:03 UTC - in response to Message 109567.  

Not true.
GDPR, or more correctly "REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016" states in article 28, clause 3(g):
at the choice of the controller, deletes or returns all the personal data to the controller after the end of the provision of services relating to processing, and deletes existing copies unless Union or Member State law requires storage of the personal data;


Which places a role on the data controller to delete personal data at the end of a person activity. There is no definition contained in the regulation, but there is a need for the data controller to define the end of activity. Now obviously if a person says "remove me, I don't want to be a member any longer that is one case, but the data controller may define a period of inactivity as being an end of activity.
ID: 109573 · Report as offensive
Richard Haselgrove
Volunteer tester
Help desk expert

Send message
Joined: 5 Oct 06
Posts: 4929
United Kingdom
Message 109575 - Posted: 10 Aug 2022, 11:51:17 UTC - in response to Message 109573.  
Last modified: 10 Aug 2022, 12:02:38 UTC

Data protection law in UK after Brexit 2020
Here are the overall changes to UK data privacy law after Brexit –

  • The EU’s GDPR has been lifted into a new UK-GDPR (United Kingdom General Data Protection Regulation) that took effect on January 31, 2020.
  • The Data Protection Act 2018 has been amended to be read in conjunction with the new UK-GDPR instead of the EU GDPR.
  • An adequacy decision for the UK was adopted on June 28, 2021 by the EU, securing unrestricted flow of personal data between the two blocs until June 2025.
  • It is likely that the UK government will move to consolidate the two amended laws (UK-GDPR and Data Protection Act 2018) into one, comprehensive piece of data protection law at a later point.
  • It is likely that the EU will grant an adequacy decision before June 2021, removing the UK from the list of “third countries” and ensuring unrestricted data flow between the two blocs.

from https://www.cookiebot.com/en/data-protection-act-2018/

or see https://uk-gdpr.org/chapter-4-article-28/ paragraph 3(g)

ID: 109575 · Report as offensive
Bryn Mawr
Help desk expert

Send message
Joined: 31 Dec 18
Posts: 238
United Kingdom
Message 109576 - Posted: 10 Aug 2022, 18:09:31 UTC - in response to Message 109567.  

You guys don't get it. And I wrote this for CPDN only: the DPA 1998 and 2018 are no longer regulations for the UK, as they are EU Laws, and you left the EU. Brexit remember? You get to make your own laws.

For the EU, the DPA 1998 and 2018 were superseded by the GDPR.

The UK adopted to follow the GDPR without any changes by choice. The GDPR states that the project can remove personal data but only if the user asks for it.


Sorry to disagree but you are wrong.

The DPA is UK legislation and is not affected by Brexit - it would have to be revoked by an act of parliament which has not happened.

It does state that data should be kept only for as long as necessary and that applies to any data collected in the UK regardless of the jurisdiction of the organisation collecting the data.
ID: 109576 · Report as offensive

Message boards : Questions and problems : Connect to original account

Copyright © 2022 University of California. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation.