[Standards] XEP-0363 (HTTP Upload): Privacy Considerations & Deletion
jonas at wielicki.name
Fri Apr 27 06:39:38 UTC 2018
On Freitag, 27. April 2018 04:59:25 CEST Travis Burtrum wrote:
> On 04/26/2018 10:35 AM, Jonas Wielicki wrote:
> > As it turns out, several implementations are making it not trivial for
> > operators to be GDPR compliant. One of the things definitely necessary (as
> > far as our understanding goes) is that users must be able to have their
> > data deleted in a reasonable timeframe; it must also be possible to
> > create a bundle of all data the service currently has from the user.
> Many implementations don't even track who uploaded what, isn't that
> better? No records, no problems?
No. It’s not about the association, it’s about the users data (the uploaded
files) which must be deletable. At least that’s my understanding of the
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 833 bytes
Desc: This is a digitally signed message part.
More information about the Standards