To be honest I'm a bit surprised at your cavalier approach to user data but if you aren't concerned about having no control over website security or data then the current solution should be fine. I would definitely recommend speaking to anyone who was around when it because clear the police are/were scraping data from Pepipoo en masse to see if allowing even easier access this time is a good idea.
Maybe users won't mind posting knowing police forces are analysing every post on the site.
Scraping data from a public website is something anyone can do anyway, and has nothing to do with security?
I don't know what you mean by even easier access, to the extent that any security is required, I'm sure this website has better security than pepipoo.
It was either you or someone else who pointed out that with modern techniques, it would be child's play for anyone with the right skills to get anyone's pepipoo password (including presumably Fredd's password) and have a look at whatever they wanted.
To get IP addresses UK police forces would need to launch an international investigation in partnership with US authorities, which makes zero sense for anything but the most serious of crimes. If we were talking about murder, people smuggling, importing machine guns or terrorism then sure, they'd get warrants in the US in no time. For minor traffic offences, not so much.
I'm sure you could come up with some super-duper security solutions that could make this website an impenetrable vault, but it seems to me that you've got a solution looking for a problem.
And frankly I think the idea that the police sit around all day trawling forums like this one is for the birds, after all there's people who openly advertise drugs for sale on facebook or gumtree and nothing seems to get done about that.
As far as I recall, the one guy who got sent to prison was the one who bragged about perverting the course of justice on the forum, and it was a forum member who actually reported him to the police.
