Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
fakedang a day ago

European digital law explicitly allows for a "right to be forgotten". Something which HN vehemently opposes because it breaks the flow of threads or some other BS reason.

Aurornis a day ago | parent | next [-]

As I explained above, the GDPR law has a lot of exceptions and carveouts.

It has been widely misinterpreted as a tool to force website operators to remove anything you've contributed to the website or any information about you, but that is neither consistent with the language of the law nor consistent with what the courts have found.

You are free to remove your own e-mail address from an account (visit your account page) or to never provide any identifying information at all to the website. I've also seen the moderators change account names away from identifying information for those who request it.

However, there is no GDPR requirement that websites must universally delete any and all contributions you provide to a public website if you retroactively decide you don't want you public posts to be public.

Like I said, I doubt casual HN commenters have a better grasp on the law than Y Combinator's legal team.

the_other a day ago | parent | prev [-]

If HN removed their record of the email address associated with a username, might that satisfy GDPR? The personally identifying data has been "forgotten". From that point on, the comments could have been entered by "anyone".

tobr 20 hours ago | parent | next [-]

Why would it? A comment in itself might contain information about anything and anyone, and always contains some personal information about its author, such as the time they published it and the handle they were logged in as. That doesn’t go away because the email associated with it is removed.

the_other 13 hours ago | parent [-]

Surely it does, if there's no way to point back to the specific user. The best one could say is "someone using this username posted this message at this time, but we can't tell who that was".

I accept that if someone data-mined every comment by said user, they might be able to build a picture of said user clear enough to identify them (e.g. posting times might indicate likey country of origin). Possibly, depending on the content they posted.

(I'm just thinking around the problem. I'm not a security/privacy researcher designing systems I'd like others to use, just an interested user curious where the lines in the law lie, and also what the threat models might be to me as a user.)

LexiMax 20 hours ago | parent | prev [-]

I like this idea, actually. A good chunk of HN is throwaways and accounts otherwise disconnected from any sort of person-hood these days, the messages from "forgotten" accounts wouldn't even particularly stick out.