Hacker News new | past | comments | ask | show | jobs | submit login
Ask HN: Does Disconnecting Comments Instead of Deleting Comply with GDPR?
7 points by I_am_tiberius on Nov 26, 2023 | hide | past | favorite | 9 comments
I recently contacted Hacker News support regarding the deletion of comments. They informed me that rather than deleting comments, they only disconnect specific comments from the user profile, meaning the comments remain online. As a European user, accustomed to online services deleting my data upon request in compliance with GDPR, I find this practice surprising. Is this approach common for online platforms outside of Europe, and does it comply with international data protection standards?



The GDPR protects personal data, i.e. information "related to an identified or identifiable natural person." https://gdpr-info.eu/issues/personal-data/

Unless the comment itself identifies you in some way, removing the connection to your user profile renders it no longer personal data.

The reason other platforms may decide to simply delete everything when you ask are: 1. they don't care about your old stuff; 2. they don't want to spend time checking individual cases. So they pick the cheapest option.


You have to be veeeeeeeeeery sure that the commend didn't contain any personal data though. Just because somebody submitted it willingly doesn't mean you get to keep it.


But your writing style can probably be used to identify you by an advanced AI, so every text written by you is personal in some way.


It could be done with a non-advanced non-AI for decades. E.g. by metrics like vocabulary and simple markov statistics.

You don’t expect posts to be deleted on request. Because e.g. the internet archives will still contain them and have no way to identify you to “comply”. There’s privacy in labels, but not in essence. Just accept it.


Still I believe it's illegal what Paul Graham does here.


> Is this approach common for online platforms outside of Europe, and does it comply with international data protection standards?

Yes and no, respectively.


The GDPR twigs me out, and has since I first heard of it. I'm glad I'm not writing code for the EU. I've spent decades trying very hard NOT to lose data, and they just want to force systems to add data loss, and the inconsistency that generates, as a feature.... it's just sooooooo wrong.

It's wrong in the same way that DRM is wrong.

Am I alone in this?


Do you care about data or do you care about people?


Both. It's un-natural to require a database to delete records and logs from the middle of a table... it makes it quite possible to have errors that you can't ever track down because of this weird programming. It effectively changes the "laws of physics" for databases.

It's not a good thing.

I understand the right to be forgotten, but fscking up database integrity is a horrible way to do it.




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: