ST Alpha - "One of the GDPR rules is for "data portability". So when a service shuts down or shits the bed or whatnot, users aren't left in the lurch." (Reading a Post)

SlickerTalk
Search Archives
The Leaderboard
The FAQ

Down to Post

Backboards:

Posts: 155

One of the GDPR rules is for "data portability". So when a service shuts down or shits the bed or whatnot, users aren't left in the lurch.

Posted by Beryllium (aka grayman) Jul 15 '23, 16:23

One of the other GDPR rules is for "forget requests". If a user submits one, everything about them should be expunged from the system.

I think both of those are broken on a platform like ST.

Portability is broken because "export all of a user's posts" does not make sense when the posts are replies or threads - the data of other users must be included to maintain any value in the archive.

Forget Requests are broken, because deleting all of a user's posts will utterly destroy any threads they were part of. I can maintain data integrity with stub placeholders, but the conversation would be destroyed.

And of course, they can't work together. If I offer downloads that include the posts of other users, then forget requests are impossible because I can't control the data once downloaded.

I think both of the regulations are good. Important, even. I just don't think they apply sanely to conversations.

Responses:

Regarding the right to be forgotten, it is sufficient for you to anonymize the data. - Fuzzy Jul 15, 16:56 10
- As for portability, I've exported my content from Twitter, LinkedIn, Facebook, Google, and a few others. Quality varies. -- nm - Beryllium Jul 15, 17:00 4
  - I'm a bit surprised. Since you aren't a citizen of a GDPR country, I would not have fulfilled those requests -- nm - Fuzzy Jul 15, 17:48 3
    - I haven't received any requests of that nature. I'm contemplating what it would mean in an abstract way, as part of a larger concern. - Beryllium Jul 15, 17:54 2
      - Sorry, let me clarify. - Fuzzy Jul 15, 18:07 1
        
        Ah, yes. Thanks. -- nm - Beryllium Jul 15, 18:09
- I am not sure that that is true, because the content of the conversations may also be personally identifying, and I have no way to identify that. -- nm - Beryllium Jul 15, 16:59 4
  - I think that your biggest exposure would be two things - Fuzzy Jul 15, 17:19 3
    - Ah, good thoughts. Thanks. Although I don't control or own the file mentioned in #2. -- nm - Beryllium Jul 15, 17:24 2
      - And a reminder again that IANAL and I'm 2-3 years out of this game. Things may have changed since I did this stuff -- nm - Fuzzy Jul 15, 17:41
      - Doesn't matter, unfortunately -- nm - Fuzzy Jul 15, 17:27
That all makes sense to me but I'm neither a tech expert or a politician. -- nm - Krusty Jul 15, 16:56
^ sorry, thinking out loud for a portion of an upcoming blog post -- nm* - Beryllium Jul 15, 16:25 1
- valid points -- nm - zeitgeist Jul 15, 16:42

Post a message top

One of the GDPR rules is for "data portability". So when a service shuts down or shits the bed or whatnot, users aren't left in the lurch.

Replies are disabled on threads older than 7 days.