On 19/06/2019 21.15, Per Jessen wrote:
Per Jessen wrote:
Malcolm wrote:
Users have asked under GDPR for their information to be deleted, so in vB their signatures are emptied and all of their posts are set to 'Guest'. Since the gateway has run, these posts are on the nntp side and still contain that information they asked to be deleted....
I am certainly no expert, but as long as the information stored cannot be linked to any specific individual, it ought to be okay? (as far as I have understood).
FWIW - my wife occasionally and indirectly deals with the implementation of GDPR regulations (in banking). She is adamant that -
a) anyone asking for any action (deletion/information) under the GDPR regulations _must_ provide proof of identity.
b) that proof must be sufficient to establish a unique link to the information requested.
For emails or forum postings, I suggest that is virtually impossible. I have seen a number of such requests wrt our mailing lists too, and I have sofar refused to do anything. No one has provided any proof of identity.
Wouldn't "I'm the owner of that email address" be enough? :-? -- Cheers / Saludos, Carlos E. R. (from 15.0 x86_64 at Telcontar)