[Standards] XEP-0363 (HTTP Upload): Privacy Considerations & Deletion

Marcel Waldvogel marcel.waldvogel at uni-konstanz.de
Fri Apr 27 06:44:56 UTC 2018


At least ejabberd puts all of a user's files under one directory.

Am 27. April 2018 08:39:38 MESZ schrieb Jonas Wielicki <jonas at wielicki.name>:
>On Freitag, 27. April 2018 04:59:25 CEST Travis Burtrum wrote:
>> On 04/26/2018 10:35 AM, Jonas Wielicki wrote:
>> > As it turns out, several implementations are making it not trivial
>for
>> > operators to be GDPR compliant. One of the things definitely
>necessary (as
>> > far as our understanding goes) is that users must be able to have
>their
>> > data deleted in a reasonable timeframe; it must also be possible to
>> > create a bundle of all data the service currently has from the
>user.
>> 
>> Many implementations don't even track who uploaded what, isn't that
>> better?  No records, no problems?
>
>No. It’s not about the association, it’s about the users data (the
>uploaded 
>files) which must be deletable. At least that’s my understanding of the
>
>situation.
>
>kind regards,
>Jonas

-Marcel Waldvogel
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.jabber.org/pipermail/standards/attachments/20180427/c17dc7f3/attachment.html>


More information about the Standards mailing list