Filter/hide users in different groups - missing GDPR compliance?

[blu-IT]

Hello,

I add serveral users to my nextcloud server, that are stored in the mysql-database. I even have the imap-auth backend up and working for user authentication.
As nextcloud admin I configured two groups, let's say employees and customers. Now I log in as a customer and I can see all other customers even the employees in the right top button with the user symbol.

What I want, is that users separeated by groups (e.g. customers) first of all can't see users of another group (e.g. employees). Even a customer should not see other customers on this nextcloud.

I think this is an essential requirement for GDPR compliance, isn't it?

Thanks!

Regards

Server configuration

Operating system: n.a.

Web server: n.a.

Database: mysql 5

PHP version: 7.0

Nextcloud version: 13.0.1

[nextcloud-bot]

GitMate.io thinks possibly related issues are #8234 (Feature Request - Hidden users/groups from "collaboration"), #8698 (need a group or folder for all user), #4789 (Group admins cannot see disabled users), #3217 (Triangle of user menu missing), and #4493 (Design forward: How we handle Users / Groups / Circles).

[MorrisJobke]

In the sharing settings in the admin section you can disable the autocompletion or limit it to groups a user is part of. This should solve your issue.

[blu-IT]

Hi,

sorry for that!

OK, hiding users of other groups works now, but what if I also want to achieve that only in a special group (e.g. customers) they should not be able to see each other in the same group?

Thanks!

Regards

[MorrisJobke]

OK, hiding users of other groups works now, but what if I also want to achieve that only in a special group (e.g. customers) they should not be able to see each other in the same group?

That one would be a special feature that needs to be implemented separately. It is as of now also not on our roadmap.

[blu-IT]

Hi,

OK - thanks for the information!

Personally I would consider that feature very important - especially regarding some GDPR and privacy compliance.
Do I have to state this feature wish somewhere else to have a chance to get it on the roadmap? ;-)

Regards

[MorrisJobke]

Do I have to state this feature wish somewhere else to have a chance to get it on the roadmap? ;-)

Just create a new ticket for this new refined feature request. But then there is also no guarantee that it will land on the roadmap.

If you wish some consulting work, then Nextcloud GmbH provides professional services to develop features or give some influence on the roadmap in the Nextcloud subscription. Learn more about this at https://nextcloud.com/enterprise/

[blu-IT]

OK, thanks!

Seems I have to refine/redefine very exactlay: Now that members of each group can't see the members of the other groups, employees can't share data with customers - so hopefully there has to be another way in future to achieve this.

I will open another ticket.