Allowing users to censor their own requests
11 views
Skip to first unread message
Laurent Savaëte
Mar 19, 2021, 9:56:39 AM3/19/21
to alavet...@googlegroups.com
Hi all,
We're wondering if it possible to allow our users to censor certain things like their name or contact details from their own requests (and only those). The idea being that it would probably help us
save some admin time if users could just do it themselves. A typical use case is a user who needs to put their real name and maybe address in a request (or followup) for it to be accepted, but they
don't want that info publicly visible
Are there any major problems with making this possible? And if not already possible, any guess how hard it would be to implement something like this in the code?
Cheers,
Laurent (team madada.fr)
We're wondering if it possible to allow our users to censor certain things like their name or contact details from their own requests (and only those). The idea being that it would probably help us
save some admin time if users could just do it themselves. A typical use case is a user who needs to put their real name and maybe address in a request (or followup) for it to be accepted, but they
don't want that info publicly visible
Are there any major problems with making this possible? And if not already possible, any guess how hard it would be to implement something like this in the code?
Cheers,
Laurent (team madada.fr)
Gareth Rees
Mar 26, 2021, 6:09:05 AM3/26/21
to Alaveteli Dev
Hey Laurent,
It's not currently possible for users to redact information themselves.
Admins can currently add a censor rule to the user record, which applies to all requests made by that user.
> Are there any major problems with making this possible?
There are a few things that would need to be considered.
1. Allowing users access to find & replace anything on the requests is quite some power that could easily be used to manipulate the responses provided by authorities. If abused, this would be very damaging to the credibility of Alaveteli.
2. Censor rules are often ineffective [1], which in itself would generate quite a bit of user support. Of course, we should improve the redaction capabilities, but there's a lot of work in that.
There are a couple of more minor things – how do we present this capability to users and explain how and when to use it, how do we keep a better audit trail than we do right now – but those are relatively answerable. The two points above are less easy to solve.
> And if not already possible, any guess how hard it would be to implement something like this in the code?
We've written a fairly comprehensive guide about how we've approached this ourselves [2].
It's not something we've been super happy about though, since it's very hit and miss, especially with less structured data like addresses. At least with e.g. a national ID number it tends to be quite easy to match against.
Keen to hear your thoughts.
Best,
Reply all
Reply to author
Forward
0 new messages