[Standards] XEP-0363 (HTTP Upload): Privacy Considerations & Deletion

Travis Burtrum travis at burtrum.org
Fri Apr 27 02:59:25 UTC 2018


On 04/26/2018 10:35 AM, Jonas Wielicki wrote:
> As it turns out, several implementations are making it not trivial for 
> operators to be GDPR compliant. One of the things definitely necessary (as far 
> as our understanding goes) is that users must be able to have their data 
> deleted in a reasonable timeframe; it must also be possible to create a bundle 
> of all data the service currently has from the user.


Many implementations don't even track who uploaded what, isn't that
better?  No records, no problems?


More information about the Standards mailing list