automating the deletion process would cause huge problems because of the virtual inevitability of deletion happening when it shouldn't
Account removal
@arma473 why are other websites able to achieve this but we cant? How would one person deleting thier account cause another persons account to be deleted? or whatever unintended deletion you speak of happen?
@dorset said in Account removal:
@arma473 why are other websites able to achieve this but we cant? How would one person deleting thier account cause another persons account to be deleted? or whatever unintended deletion you speak of happen?
I've done a little bit of computer programming, so I know that any time you attempt to implement anything, there's a pretty good chance there will be unwanted behavior, including false positives/false negatives
In this case, a false positive would mean the system decides that a certain account should be deleted, but the human FAF admins don't believe it should be deleted
It would probably be a big pain to un-delete accounts, especially if deleting the account means FAF actually purges itself of information about the account (if FAF is trying to recognize a right to be forgotten)
I can't even predict all of the different ways that the system could go wrong or could be exploited
accounts deletion request have to be manually removed from all the database tables by 1 of 3 sever admin which have been buzzy dealing with sever issues the the request is made it make take a bit but it will be deleted.
"The needs of the many outweigh the needs of the few" - Spock
@dorset said in Account removal:
why are other websites able to achieve this but we cant?
I think you're confused with deleting an account and 'deleting' it. A lot of services have a flag that they can set to 'delete' an account. If that flag is set then all interactions with that account are denied. That allows you to easily automate it, but the actual deleting of the data happens at another time.
And occasionally your data is never really deleted, as I found out through https://haveibeenpwned.com/ .
A work of art is never finished, merely abandoned
Deleting an account does not work automatically as it is easy to build a connected systems with single sign on, but deleting users across all systems is not considered. It is possible to automate but we did not have the time yet. Of course a self-service would be the best.
In my personal opinion GDPR is a joke on this behalf. All we have is your email and one ip. It's a free service. And a lot of people waste my time by demanding to have the account to be deleted which brings them ABSOLUTELY NOTHING. It's their right, so we have to follow. But there is no strict time window in the law.
"Nerds have a really complicated relationship with change: Change is awesome when WE'RE the ones doing it. As soon as change is coming from outside of us it becomes untrustworthy and it threatens what we think of is the familiar."
– Benno Rice
@brutus5000 said in Account removal:
But there is no strict time window in the law.
That's not correct, as far as I understand it.
You must respond to a request for erasure without undue delay and at the latest within one month, letting the individual know whether you have erased the data in question, or that you have refused their request.
Though,
You can extend the time to respond by a further two months if the request is complex or you have received a number of requests from the individual. You must let the individual know within one month of receiving their request and explain why the extension is necessary.
"Design is an iterative process. The necessary number of iterations is one more than the number you have currently done. This is true at any point in time."
Newest map:
UK law is not relevant here. Danish law is. Company interpretation is also irrelevant (which any kind of blog or website on the web is), actual court decision specify the law.
In contrast to Anglo-Saxon law, jurisdiction in most EU countries is based on individual cases. There are no precedents that are used. In the case of FAForever and its peculiarities, a ruling can therefore be completely different than in the context of a for-profit company.
"Nerds have a really complicated relationship with change: Change is awesome when WE'RE the ones doing it. As soon as change is coming from outside of us it becomes untrustworthy and it threatens what we think of is the familiar."
– Benno Rice
@brutus5000 The article in question discusses the GDPR, which is an EU-wide privacy law. This website (specifically from the EU) has a copy of the complete law and discusses some of its articles.
In any case, I am not a lawyer, and you guys probably know what you're all doing. o/
"Design is an iterative process. The necessary number of iterations is one more than the number you have currently done. This is true at any point in time."
Newest map:
@IndexLibrorum Uk use DPA not GDPR since we left the EU
"The needs of the many outweigh the needs of the few" - Spock
@indexlibrorum said in Account removal:
@brutus5000 The article in question discusses the GDPR, which is an EU-wide privacy law. This website (specifically from the EU) has a copy of the complete law and discusses some of its articles.
In any case, I am not a lawyer, and you guys probably know what you're all doing. o/
Dude that website is not from the EU but from some consulting firm.
Also EU law always needs to be transfered into national law. And I mention this particularly, because some countries can decide go stricter than EU law, but never more relaxed.
"Nerds have a really complicated relationship with change: Change is awesome when WE'RE the ones doing it. As soon as change is coming from outside of us it becomes untrustworthy and it threatens what we think of is the familiar."
– Benno Rice