Hey Nextcloud Community 
,
I’ve got a couple of questions about anonymization settings in Nextcloud Polls and Forms 
.
Polls: Are there any backend options to tweak anonymization? Like, is there a way to configure it differently so that we get actual full anonymization in Polls?
Forms: Can anonymization settings be adjusted so that participants immediately see if the creator has turned it on or off? Or is there a way to make sure that once anonymization is enabled, it can’t be undone? So instead of just turning it off, you’d have to duplicate the form and set up a new one with personal attribution?
I guess this could be adjusted in the backend code, but I wanted to check if there are any best practices for this. I’m still relatively new to Nextcloud, so any advice would be awesome 
!
Thanks!
florianh
@florianh Regarding Forms there is a message in the header whether the responses will be anonymous. So the user can directly see it. It can be set on a per form basis.
Thanks for the response!
The issue is that if anonymity is turned off later, previously anonymous responses become visible. This raises privacy concerns, as it could be misused. Any ideas on how to prevent this?
No, previously submitted responses won’t be de-anonymized. This isn’t possible as we don’t store the username when anonymous submission is enabled.
2 Likes
I just tested forms, you’re right, responses stay anonymous. Thanks 
For polls, I guess you’d need a custom solution. Any specific solution in mind?
1 Like
Version 8 of Polls will have an advanced anonymization by “sealing” the poll to stay anonymous.
However in this version it can be reverted by changing a value inside the database and users are still stored with their names.
In a trusted administrated environment, this may increase anonymity as long as database access is restricted.
Further versions will get full unrecoverable anonymity.
I think saving the user in Nextcloud Polls is necessary so that registered users cannot vote more than once. In a real anonymised poll, individuals can vote as often as they like and thus destroy the overall result of the anonymous poll.
It’s great that Nextcloud Polls is being further developed in line with anonymity.
A really good hint is currently given in Nextcloud Polls. Nevertheless, many users probably think that this has nothing to do with anonymity. After all, you actually want to be anonymous to the person asking the question.
I think with a real anonymised survey that can only be used by registered users, you would have to generate just as many tokens as recipients on the Nextcloud. A Trusted Third Party (TTP) would receive the tokens and send them randomly to the email addresses. The Trusted Third Party (TTP) does not gain access to the Nextcloud. I currently see no way to do without it for Nextcloud Polls. 100% anonymity will not be given. But I don’t know of a corresponding solution for Microsoft 365 either.
That is the point. A full anonymization will result in access loss to the prior votes and lock the user’s votes when the session will be closed.
To prevent any surprising effects this will ill be introduced in steps.