How to do it?
The amount of bullying by admins on this site is too much for me, so I would like to have my account deleted. How?
And before you say it is not possible (or ignore me as in Account deletion/permanent deactivation? - #4 by rob42 or Close Account - unused), should I remind you that it is the law where I am from (GDPR)?
Thank you for any suggestions,
Matěj
Can you quote the law and whether it applies to servers outside the EU?
Just to clarify: The GDPR applies whenever a service wants to do business in the EU and collects information from EU citizens.
Since we are using a hosted version of Discourse, this is not a question moderators of our instance can answer, but something that is governed by the service provider CDCK and yes, they do respect the GDPR (just like they respect other similar privacy regulations around the world): Privacy policy | Discourse - Civilized Discussion
I suggest anyone who wants to have their account closed follows up with them directly: Privacy policy | Discourse - Civilized Discussion
You can ask an admin to anonymise your account:
Well, not exactly what I wanted, but better than nothing. And
how, pray, I can contact an admin?
Best,
Matěj
By mentioning them: @admins
But
claims that the anonymization of users is compliant with GDPR, so
if I manage to get contact for an admin, who can do it for me, it
will be probably enough (although not very convenient).
Best,
Matěj
@admins So, can I ask for the anonymization of my account @anon50483532, please?
Maybe it’s just me, but what I find quite astonishing here, is that no moderator(s) seem to be in the least bit concerned about why this forum member (@anon50483532) feels driven to this action.
GDPR boils down to only collecting information that you have a legitimate interest in to operate the service provided.
Your account here did not collect any information that is not legitimate as far as I can tell from my signing up.
I’m not sure that GDPR provides a right to delete data, unless it is incorrect.
My gut reaction is to agree. However, experience (from seeing similar situations play out in other places) and introspection both tell me that when someone gets into such a mental state, it never turns out productive to try to discuss it - certainly not in public, anyway.
Done. Sorry to see you go.
FYI, there was some previous discussion on account/topic deleation and it’s relation to GDPR here: Topic deleted by author
I think it’s probably worthy of a seperate topic though if someone is asking for all their content to be removed. I will point out it is trivial to work out who the author of this post was as they signed their post with their name.
While delving too deep into the specifics of this user is unlikely to be constructive for anyone, I do think there may still be higher-level insights worth learning from, in terms of shifting a long-term pattern of moderator interaction (and one I believe you’ve observed as well). To note, in their post prior on the other GDPR thread, the deleted user mentioned:
After the censorship and rude behaviour of admins, this is just another nail to this site.
After the moderator that they were referring to in that comment deleted that post complaining about them (which raises a potential COI concern), a day later they followed up with this request for account deletion.
Overall, my experience moderating this and a number of other communities suggests that, in general, moderators tend to be a lot more effective at ensuring user cooperatation and cultivating a welcoming, constructive community when they are more kind and empathetic and less harsh and authoritarian when communicating with users, even if they still enforce the rules to the same strictness. Like the warm sun rather than the cold wind convincing the person to take off their coat, I’ve seen time and again how a little compassion really does go a long way toward at turning things around with users instead of turning them off, or turning them away completely.
And that’s something I think we can do a better job at, at least with our words if not our actions.
It does, and here is an official clarification - https://commission.europa.eu/law/law-topic/data-protection/reform/rules-business-and-organisations/dealing-citizens/do-we-always-have-delete-personal-data-if-person-asks_en . Not sure why would you think otherwise. The whole purpose of GDPR is to protect and to establish control of the personal data.
Are public posts personal data? I don’t think so.
The account information like email address are personal data and you have the right to have that deleted.
Here is the exact definition from the directive → “any information relating to … identifiable … person”:
I am pretty sure I will be able to inexpensively identify the topic starter (TS) from their posts (actually, I already know their name). The question then - is any of the moderators going to screen all the TS’ messages and remove any personal information that is left? Implementation-wise, it is much easier to just remove all the data associated to the person.
It is important to note that there are two parts to the definition:
Specifically for a forum like this, the complete chat history of a person, all log entries relating to the person’s actions and all meta data stored for a person are part of the personal data which is being processed. This includes data stored in the active system and any other copies of this data stored by the data processor(s), for example as backups.
Accordingly, a person may request deletion of all this data, which can be a very time consuming task for the data processor(s).
Anonymizing the data by removing the identifying link between the data and the person is a much easier to implement task and will often have the same effect.
Given that the forum is being run mostly by individuals investing their free time into administering / moderating the forum, I believe that this second option is the more appropriate way to ask for handling an account deletion request. Anything beyond this should be taken up with the service provider, IMO.
I am not a lawyer, but there is a discussion on the matter at this law.stackexchange.com question.
This is covers the distinctions between types of data that I did a poor job of explaining.
The posts can stay, the account can be anonymised or deleted.
