It's difficult to find good answers to these questions, I'm not sure what to search for and I don't trust LLMs for this kind of thing either
@simon https://eur-lex.europa.eu/eli/reg/2016/679/oj#d1e1797-1-1 remember, this is a blanket text. Member-states can add but hot remove constraints.
Under general don't need a function to delete comments, but you need to have a [not necessarily automatic] way for a user to ask to delete all the comments and the information that they ever left any comments. I'll find the exact article and point in some minutes.
I'm very interested what LLM would say.
@simon tl, dr: you may choose to not gather PII, then you need PP mentioning it.
If you choose to gather PII:
- PP with your contacts, memo of users' rights.
- TOS.
- Think ahead about how will you process requests for erasure.
@jonn have you seen any good examples of this? I am totally OK with people requesting erasure
@simon I honestly don't think that completely automated erasure is possible in good faith.
When user-generated data comes into play, an erasure in good faith should create an audit trail certainty that the controller took steps to also remove PIIs from user-generated content.
I would probably write a script which amends PII mentions in posts and responses, creates the trace of affected URLs and asks the user who requested deletion if they are happy with that. It's not perfect, but can be done completely automatically and with a good success rate.
P. S.
I assume your website isn't evil and you don't sell the data to Coca Cola and other Amazons. If so, it's pure hell, as it's your responsibility to reach out to third parties and facilitate erasure.
@jonn @simon @plausible GDPR lawyers really hate this neat trick
"All subject requests will be answered and will have their accounts closed to stop the collection of further data. Data is deleted after a year of inactivity"
@simon back to the text of the law: if you insist on storing personal data and its mapping to a user name or displaying personal data or identifiable information [I.(26)], you will have to forewarn the user by presenting them with a privacy policy. Note that E-Mail addresses can sometimes squarely and beyond doubt be personal data. In PP, you will have to tell the user everything they legally need to know about the way you process it [II.(6)].
The user will then have to have a way to break consent, which means that the content of their comments may be retained based on terms of service, while the link between the personal data and the data the user produced on the platform must be severed and further processing should be avoided. Furthermore, they may exercise the right to be forgotten (III.(17)] to make you, within reasonable time, delete their data.
The problem is that even if your tos say "we will anonymise your user-generated content", you will have to go through all the content to demonstrate that other user-generated content which is in itself data that your system processes doesn't expose or even internally contain personal data or PII. Examples: quote feature on forums, users calling each other by name based on the information disseminated by your system, archive.org snapshots.
Aside from this consideration, as long as your platform doesn't use automated decision-making based on the personal data, you're in the clear.