Hacker News new | past | comments | ask | show | jobs | submit login

If you have public GitHub repos, people crawl them all of the time. I've seen at least three top-of-HN articles that say something like: "I scripted through 10 billion LOC on GitHub, here's a bunch of passwords", or something to that effect. Just set your repo to private if you don't want it in the vault, and if it's open source anyway, who cares?

Then why have the option to delete public repos at all? Public tweets? If we had the means, should the web as a whole be append-only?

There’s a big difference between “public” and “stored in a glacier forever”.

> If we had the means, should the web as a whole be append-only?

You probably meant this as a rhetorical question, but I'd argue that yes, (for public available data at least) it probably should be. It'd enable solutions to a lot of problems we have with the current web, not least archival and broken links.

Honestly, I would argue "stored in a glacier forever" is drastically more private than anything you've ever set to "public". The number of people who can actually get to and read that data is incredibly minimal.

There’s no reason to believe they won’t have an online copy of the 2020 snapshot too. Isn’t that kind of the point? For future generations to be able to use it?

The online copy is... GitHub itself. Which is current and up-to-date, and you can continue to remove your data from. The 2020 snapshot is useful historically... like a time capsule. There's no reason to invest the resources in keeping it online. And if it was online, it would have major regulatory problems, such as GDPR.

So there's a lot of reason to believe the 2020 snapshot won't also be online.

ha, I am very curious if GDPR does apply to the offline snapshot. it will literally be on EU soil!

It will likely apply, still I imagine that they can simply pretend it does not.

My intuition is that archiving data for long term historical use is different from datamining a [meta]data to maximize invasion of privacy. Also there is a difference in accessibility, stored inside a glacier very few people are going to actually read it.

I believe that if mass complaints from all over the EU emerged it would be a different story. But this does not look like the activities the GDPR was created for

It will absolutely not apply. GDPR has provisions both for archival AND for cases where the removal etc requests are deemed unreasonable.

This makes me wonder: How does GDPR apply to books? Essentially what's happening here, is that GitHub is printing off a "paper copy" and putting it in a box somewhere.

You can't exactly GDPR request deletion of your information from a printed book, so I'm curious how GDPR applies to such physical archival mediums.

Norway isn't in the EU

But Norway is in the EEA, where the GDPR also applies.

> Then why have the option to delete public repos at all?

So you can feel better?

There is an important choice in deleting a public repo, even it has been archived elsewhere. At the very least you are no longer claiming that it fits your criteria of public portfolio.

I feel the term "deleting" is misleading.

It's more akin to "hiding" - to me, deleted means unrecoverable, by anyone, at any time.

Even your OS doesn't "delete" files, until the actual sector on the drive is overwritten (depending on media used, of course).

> If we had the means, should the web as a whole be append-only?

Yes, probably

>If we had the means, should the web as a whole be append-only?

I'm going to go against the HN zeitgeist and say no.

If I have the right to publish something to the web, I should also have the right to edit and delete it if I so choose.

You do have the right to delete it. And others have the right to make a copy before you do.

That's fine, but that's not the same as the web being "append-only."

It is a saying that

"What happens on the Internet stays on the Internet. Forever."

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact