On Wed, 2018-05-23 at 12:29 +0100, Allan Day wrote:
* Request for account deletion in GitLab for a blocked user (Carlos) * Carlos sent an email to board-list with details of this * Carlos is the only GitLab admin. He recently blocked a user for inappropriate behaviour. This means that the user can no longer log in to edit/delete their comments. * The user has subsequently sent a mail demanding that their posts be deleted. The user has made the case that this is their legal right (under Canadian law) and has threatened legal action. * Comments can only be deleted by an admin. * We have a prescedent that we don't delete posts that are stored on GNOME servers.
There is a fundamental difference with Gitlab compared to other services though. On Gitlab comments and bug reports can be retrospectively modified by the submitter and even third parties in the case of bug descriptions. So the user could delete the relevant text even if they cannot delete the comment itself. It sounds like the request for deletion was completely refused rather than complying with it as much as possible by changing all text to e.g. "comment has been deleted". Is there a reason for not complying with the request in this way?
* Allan - why don't we delete posts? Rosanna - data retention policies are part of our staff handbook, and are required for insurance purposes. * Didier - on gnome-fr forums, they offer to anonymise posts rather than deleting them (in order to preserve threads). Cosimo - isn't that what happens when a user account is deleted? Yes. * Cosimo - prefers that people can remove their account rather than deleting posts. Didier agrees with this. Allan is personally in favour but doesn't know what the legal requirements are. * ACTION: Carlos to offer to delete the account and anonymise the posts in the process.
Benjamin
Attachment:
signature.asc
Description: This is a digitally signed message part