[Standards] XEP-0363 (HTTP Upload): Privacy Considerations & Deletion

Jonas Wielicki jonas at wielicki.name
Fri Apr 27 06:39:38 UTC 2018

On Freitag, 27. April 2018 04:59:25 CEST Travis Burtrum wrote:
> On 04/26/2018 10:35 AM, Jonas Wielicki wrote:
> > As it turns out, several implementations are making it not trivial for
> > operators to be GDPR compliant. One of the things definitely necessary (as
> > far as our understanding goes) is that users must be able to have their
> > data deleted in a reasonable timeframe; it must also be possible to
> > create a bundle of all data the service currently has from the user.
> Many implementations don't even track who uploaded what, isn't that
> better?  No records, no problems?

No. It’s not about the association, it’s about the users data (the uploaded 
files) which must be deletable. At least that’s my understanding of the 

kind regards,
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part.
URL: <http://mail.jabber.org/pipermail/standards/attachments/20180427/549ebf24/attachment.sig>

More information about the Standards mailing list