In Europe GDPR gives you the right to have all your data deleted. All you do is send in a request and SO has to remove everything of yours, not just anonymize it. There are some exceptions for legal reasons, eg where financial transactions are involved, but comments should not be exempt.
It is still just a “trust us” deal. They say they have deleted it, and all you can do is trust them. They could possibly get into legal troubles if it was shown they were lying, but that could be easily avoided as well.
GDPR is ok, but much of it is based on good actors doing what they should.
IANAL but I thought removing non-PII mostly boiled down to risk since gdpr has big teeth. With a lot of money on the table and a licence attached to post they may feel it’s worth pursuing. They’ve probably been setting up protections for this for a while.
In Europe GDPR gives you the right to have all your data deleted. All you do is send in a request and SO has to remove everything of yours, not just anonymize it. There are some exceptions for legal reasons, eg where financial transactions are involved, but comments should not be exempt.
It is still just a “trust us” deal. They say they have deleted it, and all you can do is trust them. They could possibly get into legal troubles if it was shown they were lying, but that could be easily avoided as well.
GDPR is ok, but much of it is based on good actors doing what they should.
Except it’s not your data anymore. By submitting any content, you transfer the rights to SO.
IANAL but I thought removing non-PII mostly boiled down to risk since gdpr has big teeth. With a lot of money on the table and a licence attached to post they may feel it’s worth pursuing. They’ve probably been setting up protections for this for a while.