Ask HN: Co-founder wants to leave messaging startup because of GDPR

50 points by webish 6 years ago

We are building a messaging platform in a specific vertical which allows users to exchange text/photo and voice messages. We have hired a lawyer to write a privacy policy and terms of use but they have not been updated for GDPR yet. However, my (technical) co-founder thinks we are leaving ourselves open to litigation because of how our system is designed. When a message is deleted, only the user's access to the message is deleted. The message is preserved until all recipients have deleted it at which time the full contents of the message are permanently deleted. This was done for efficiency, otherwise we would need to keep a full copy of each message for each recipient. To me this isn't much different from email: when you delete an email you only delete your copy, not other people's.

We are about a month from launch (we have both been working on it part time for 6 months) but my co-founder is having second thoughts. He doesn't want to spend the time and money to bring us into GDPR compliance. I have been learning to code and I feel I could maintain our current code but not redesign it all to comply with GDPR. I am hoping some more experienced startup folks can provide some advice about what I should do.

skrebbel 6 years ago

Of course I'm missing all kinds of key context, but going off of your description I'd seriously consider letting him leave. Come up with some sort of deal that you're both satisfied by - money, a loan, converting his shares into non voting shares, whatever, but let him go.

I say this as the technical co-founder of an EU based messaging startup with the vast majority of users and customers being subject to the GDPR. If your co-founder finds a little bit of legislation to be so troublesome that he wants to quit, then he's going to be worthless when things actually get difficult. Even if the worst case is true, in legal terms, and you decide that you're forced to redesign the system to make the right to be forgotten (and while I'm not a lawyer I really doubt that that is a sane explanation of the GDPR), then it's just some refactoring work. It's not fundamental to the design or business model of your app (you're a messaging app, not a "sell user data app") - it's just an efficiency thing. If your co-founder can't even deal with that, then I worry that he definitely can't deal with the emotional rollercoaster that will start when you actually launch.

That said, and IANAL, but I really wouldn't sweat it. If you can run a custom query to delete user data when requested then you're all good. Use that to see how many right-to-be-forgotten requests you actually get and consider automating things only after you know that it's going to pay off.

  • ralston 6 years ago

    > Even if the worst case is true, in legal terms, and you decide that you're forced to redesign the system to make the right to be forgotten (and while I'm not a lawyer I really doubt that that is a sane explanation of the GDPR), then it's just some refactoring work. It's not fundamental to the design or business model of your app (you're a messaging app, not a "sell user data app")

    Exactly. Unless the business model is built around collecting and reselling user data, then (without any more context) it sounds like this should be a (slight) refactor, not an entire redesign.

  • repolfx 6 years ago

    > Even if the worst case is true, in legal terms, and you decide that you're forced to redesign the system to make the right to be forgotten (and while I'm not a lawyer I really doubt that that is a sane explanation of the GDPR)

    Well, this example of deleting messages sent to other people has come up in other contexts before, it's one of the first questions people think of when asking about the RTBF. And as far as I know there's no canonical answer, like everything else it's open to interpretation.

    You don't think it's "sane" but your entire argument is predicated on the assumption that GDPR is a sane law. If you agree that such an interpretation would be insane, can you show that it's clearly wrong? And if not, would that change your opinion of the law?

viraptor 6 years ago

I'm not a GDPR expert, so please confirm with your lawyers, but my reading of https://gdpr-info.eu/art-17-gdpr/ is that you only need to remove the personal data, not old messages which still serve a purpose (they're a part of communication channel). Specifically, none of the grounds from point 1 apply:

a) data is still necessary (part of message chain)

b) consent wasn't necessary, the message was required for the messaging component of the service

c) again, necessary processing is excluded

d) it wasn't unlawful

e) I'm assuming you're not in one of the member states and this doesn't apply

f) it's not related to child consent

If anyone disagrees here, I'd be really interested to know why.

(Sethammons is right though that the headers / metadata would be likely covered)

  • jdietrich 6 years ago

    Art.5(1)(e) says "Personal data shall be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed".

    The messages themselves constitute personal data, as defined in art.4(1). Data doesn't need to be tagged with someone's name, address and social security number to be personal data - if you could even hypothetically identify someone based on that data, then it's personal data. Even if the users of this service never divulge any personal information about themselves in the content of their messages under any circumstances, they could still be identified by stylometry.

    There's a reasonable argument that retention of old messages is a necessary feature of the product, but I'd be strongly inclined to delete everything from the servers as soon as it's delivered. Old messages stored on the user's devices aren't your problem as long as your involvement in the processing of those messages was lawful. I'd also be strongly inclined to implement end-to-end encryption unless there's an overwhelming reason not to, because it adds a valuable layer of protection for both you and your users.

    https://gdpr-info.eu/art-5-gdpr/

    https://gdpr-info.eu/art-4-gdpr/

    • everdev 6 years ago

      I would follow other prominent players in the space. When I delete my tweets, are those retweets and replies also deleted? When I delete my FB or Whatsapp account, are my messages deleted from recipients accounts?

      As a lean startup, I wouldn't pay my own lawyer to figure out what hundreds of well paid lawyers have already decided.

      You could write tech support for these companies and ask exactly how their GDPR compliance works. I'm sure they'll be happy if not legally obligated to tell you.

      • jdietrich 6 years ago

        >I would follow other prominent players in the space.

        Facebook can afford to play fast-and-loose with the rules. They have an army of lawyers waiting to contest any ruling from a supervisory authority. They have an army of developers ready to redesign their product if they're ordered to do so. They have an army of DBAs and CSRs to manage deletion requests and subject access requests.

        If you're running a startup that collects and processes lots of personal data and your resources are rather more limited than Facebook, it's sensible to interpret the GDPR cautiously. The more data you collect and store, the greater your potential liabilities. We're habituated to hoarding personal data, because the cost of storage is effectively nil and it might be useful at some point in the future. GDPR makes Schneier's argument that "data is a toxic asset" into a business reality.

        https://www.schneier.com/blog/archives/2016/03/data_is_a_tox...

      • ldjb 6 years ago

        When you delete your tweets, then yes, assuming people retweeted using the Retweet button, those retweets are also deleted.

        Replies are not deleted because those belong to the senders, not you.

        As for Facebook, it is true that deleting your account does not delete your messages. That's something they have been criticised for. However, I believe deleting your messages does result in recipients being unable to access them (except from cache, of course).

  • weinzierl 6 years ago

    Also not a GDPR expert, but I disagree about the applicability of Art. 17 GDPR.

    What I have learnt about GDPR so far is that as long as you can argue the data is necessary and you get consent you are probably good to go. For the kind of service you are providing the messages are still necessary.

    I wouldn't rely on the fact that messages are or are not personally identifiable information. This is in my opinion just too risky and unnecessary.

    Again I'm not a lawyer and not a GDPR expert but you should talk to both. It's likely that your company needs a data security officer anyway and they should be the GDPR expert for you to consult in these matters.

tripletao 6 years ago

Your co-founder's problem is that he thinks the GDPR is a law, in the sense of "a document a judge can use to objectively determine whether an action is or isn't lawful". The GDPR is a statement of general principles, with the implication that if you behave more or less in that spirit then the regulators won't go after you. If you are accustomed to the rule of law, then you won't like the GDPR.

But you don't need the rule of law. Myanmar locked some Reuters reporters up with no convincing legal basis; and yet I can visit the country with no special fear that I'll get locked up, because I know more or less what their government likes and dislikes, and I know that I'll stay well away from the line. You can do that too. The EU obviously won't come after you for the email deletion issue, just as Myanmar obviously won't lock up a visiting businessman who sticks to business--there are too many easier targets.

Your lawyers can't help you, because this isn't law. They'll just say "it depends", because that's all the text of the law allows them to say. (Although, I do enjoy watching people who seem to be general proponents of the GDPR confidently take contradictory positions here.) I seem to be the only one who thinks this degradation of the rule of law--from the EU, a region that basically invented the concept--is bad; but even I agree that it's no major obstacle to doing business.

  • skybrian 6 years ago

    I think you've nearly defined "law" out of existence? Law doesn't work like math or computer code. It's always subject to interpretation and lawyers will generally give you advice about what to expect based on experience, not guarantees.

    There are some areas more settled than others, but this is a continuum, not a crisp boundary.

    • tripletao 6 years ago

      I certainly agree that it's a continuum, and that an attempt to remove all judicial discretion will yield an impossibly long law still full of loopholes. (As an aside, I think this is why cryptographic smart contracts are grossly oversold.) The GDPR just seems unusually close to the lawless edge of that continuum by the standards of a Western legal system, considering the vagueness of the rules and the severity of the statutory punishments--20M EUR for a small company is a corporate death penalty.

      But again, you don't need law to do business. I can visit countries where people face the literal human death penalty with negligible due process, and still feel quite confident that I'll be fine. By the standards of worldwide lawlessness, the GDPR is great; but that's a pretty pathetic standard.

    • repolfx 6 years ago

      That's true but a part of the general political tension between parties is, at least in theory, to what extent law is interpreted by judges vs written by politicians.

      The theory is that laws should be written by politicians and merely applied to specific cases by judges, because politicians are accountable and judges are not.

      When you have laws that state virtually nothing and rely entirely on interpretation, that's the same thing as moving power away from elected political bodies and into unaccountable elites. This is, not coincidentally, exactly what the entire EU project seems to be constantly engaged in, so it's perhaps no surprise that the EU particularly enjoys passing vague laws that move power away from national politicians and towards the Commission and ECJ (the ECJ judges are appointed by the same process that decides the makeup of the Commission).

      • dragonwriter 6 years ago

        > That's true but a part of the general political tension between parties is, at least in theory, to what extent law is interpreted by judges vs written by politicians.

        In the US, at least, that's true in the rhetoric of one of the parties, but the opposing party doesn't argue the opposite side, just argues that the side that claims it is an issue is hypocritical in its rhetorical stance.

  • gist 6 years ago

    This is exactly true. I think part of the issue is that many people worried about this don't have a history and seat of the pants feel for how things like this roll out. The 'tech brain' deals in preciseness but business (and life) is about nuance and typically more practical in terms of what happens, when and to whom.

lmkg 6 years ago

The Right to Erasure is not absolute. A Right to Erasure request can be denied if you can describe an "Overriding Legitimate Interest." This has to be stronger than a regular legitimate interest that enables processing in the first place, but it's possible. The specifics will definitely require a lawyer, but I think it's possible to describe an overriding legitimate interest that allows you to retain message contents.

Denying a request is not a simple yes/no. You can delete some data but not others, or delete data under certain conditions but not others. The principle of Data Minimization still applies to your overriding legitimate interest: only retain the data that is strictly necessary for that specific interest, which is likely less than the original data necessary.

Probably the trickiest issue is going to be "what if the user sent a message that contains PII?"

  • nodesocket 6 years ago

    Does the Right To Erase apply to archived backups? I.E. we delete an account, but it still exists in database dumps backed up to S3.

    • repolfx 6 years ago

      Nobody knows. Lawyers seem to split 50/50 on the issue, like everything else GDPR related.

      I think even asking questions like this is missing the point by now. See the discussion above. The GDPR doesn't say if backups are OK or for how long. They might be or might not be depending on whether a random EU official believes your justification is "legitimate".

      In other words, stay in the Commission's good books and you'll be fine. Take a position the Commission doesn't like and suddenly your backups might not be so legitimate after all.

    • ldjb 6 years ago

      The GDPR applies to all personal data you hold, even archived data. And therefore any associated rights apply to all data you hold, too.

      Of course, you might have an Overriding Legitimate Interest for that, too. For example, you might be required by law to retain some customer data. And therefore you might be in a position to refuse to erase certain archived data.

      But otherwise, there certainly could be situations where you would be required to erase archived data.

jiveturkey 6 years ago

Short and sweet. Let him go. founders and execs need to be able to weather the storm (any storm not just gdpr). this is regardless of whether you can actually be compliant or not. your co-founder is too risk averse, let him go.

that said, you need actual legal advice here. it doesn’t sound to me like your current design can be compliant but you need expert counsel to decide. then if the answer is no, are you prepared to change your design?

also, you have “been learning to code?”. no, you need to bring on an experienced person if you want to deal with personal data. sorry, that’s table stakes in 2018.

xstartup 6 years ago

In fact, you can pay customers of your competitors $100 to ask them to request erasure of data from their competitor. Have fun!

  • jdalgetty 6 years ago

    This is the sort of thing that worries me. Are we going to see a whole bunch of GDPR trolls show up and try to extort businesses for money?

    • ci5er 6 years ago

      Why would you (could you) not expect this to happen?

      I know the expression "This is why we can't have nice things" is trite and cliche, but every "good" thing I've seen online for over 40 years attracts parasites (depending on your definition of parasite). (Some of them are quite clever, ... so it makes me wonder why they don't point their genius at more positive activities...)

    • kasey_junk 6 years ago

      One of the few things you don't have to worry about with GDPR is private firms trolling you.

      The regulatory agencies are an open question...

      • repolfx 6 years ago

        Private firms can't sue you for GDPR violations but they can encourage customers to file requests that are expensive to deal with. It's not just over-broad erasure requests, it's the right to get a data dump of everything the company knows about you (this is like the worst case for big firms that don't have joined up IT systems).

        I doubt private firms actually will engage in that sort of trolling though, at least not at any volume. NGOs and activists on the other hand, I fully expect that. They're always looking for ways to punish firms who they dislike. Normally that's restricted to boycotts, in recent times they've experimented with attacking advertisers for companies that rely on advertising ... GDPR requests will likely become a new battleground.

ldjb 6 years ago

Are the messages stored on your own servers or on the users' own devices?

If they're on your servers, it should not be necessary to keep multiple copies of the same message. You could make it so that if the sender deletes a message, it is removed from the database and becomes inaccessible to recipients.

If the messages are stored on users' own devices and not on your own servers, then that is a different situation and is more like email.

  • webish 6 years ago

    They are stored on our servers. The problem is, not all users will want the message deleted just because one of the recipients does. This creates a conflict with the GDPR's right to have information deleted. Recipient A might want the message deleted but recipients B and C may not.

    • ldjb 6 years ago

      Suppose you have a Message_Recipients table in your database with the following columns: message_id, recipient_user_id, deleted.

      If a particular message has three recipients, then it will have three entries in this table. The 'deleted' column is a boolean that is initially false. But when a recipient deletes their copy, 'deleted' becomes true and the message will be hidden in the UI for that recipient only.

      If it's the sender who is deleting the message, then just delete it in the Messages table, and no one else will be able to view it.
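
An added example, not part of ldjb's comment or the original poster's code: the two-table layout described above, combined with the original post's rule that the message body is purged once every recipient has deleted it. It uses an in-memory SQLite database; the `messages` table layout, the function names and the sample data are assumptions made for illustration.

```python
import sqlite3

# Schema: message_recipients follows the columns named in the comment above;
# the messages table (sender + body) is an assumed minimal layout.
SCHEMA = """
CREATE TABLE messages (
    message_id     INTEGER PRIMARY KEY,
    sender_user_id INTEGER NOT NULL,
    body           TEXT    NOT NULL
);
CREATE TABLE message_recipients (
    message_id        INTEGER NOT NULL
        REFERENCES messages(message_id) ON DELETE CASCADE,
    recipient_user_id INTEGER NOT NULL,
    deleted           INTEGER NOT NULL DEFAULT 0,
    PRIMARY KEY (message_id, recipient_user_id)
);
"""


def open_db():
    db = sqlite3.connect(":memory:")
    # SQLite only enforces ON DELETE CASCADE when foreign keys are enabled.
    db.execute("PRAGMA foreign_keys = ON")
    db.executescript(SCHEMA)
    return db


def send(db, sender, recipients, body):
    """Store one copy of the body plus one row per recipient."""
    with db:
        cur = db.execute(
            "INSERT INTO messages (sender_user_id, body) VALUES (?, ?)",
            (sender, body))
        mid = cur.lastrowid
        db.executemany(
            "INSERT INTO message_recipients (message_id, recipient_user_id) "
            "VALUES (?, ?)", [(mid, r) for r in recipients])
    return mid


def inbox(db, user):
    """Messages this recipient can still see."""
    return db.execute(
        "SELECT m.message_id, m.body FROM messages m "
        "JOIN message_recipients r ON r.message_id = m.message_id "
        "WHERE r.recipient_user_id = ? AND r.deleted = 0 "
        "ORDER BY m.message_id", (user,)).fetchall()


def body_stored(db, mid):
    """True while the message content is still on the server."""
    return db.execute("SELECT 1 FROM messages WHERE message_id = ?",
                      (mid,)).fetchone() is not None


def recipient_delete(db, user, mid):
    """Hide the message for one recipient. Returns True only when this call
    removed the last visible copy and the body was therefore purged."""
    with db:
        cur = db.execute(
            "UPDATE message_recipients SET deleted = 1 "
            "WHERE message_id = ? AND recipient_user_id = ? AND deleted = 0",
            (mid, user))
        if cur.rowcount == 0:      # not a recipient, or already deleted
            return False
        remaining = db.execute(
            "SELECT COUNT(*) FROM message_recipients "
            "WHERE message_id = ? AND deleted = 0", (mid,)).fetchone()[0]
        if remaining == 0:
            # Cascade removes the per-recipient rows along with the body.
            db.execute("DELETE FROM messages WHERE message_id = ?", (mid,))
            return True
    return False


def sender_delete(db, user, mid):
    """Hard delete by the sender: body and all recipient rows go at once."""
    with db:
        cur = db.execute(
            "DELETE FROM messages WHERE message_id = ? AND sender_user_id = ?",
            (mid, user))
    return cur.rowcount == 1


if __name__ == "__main__":
    db = open_db()
    # Constructed sample data: user 1 writes to users 2, 3 and 4.
    m = send(db, 1, [2, 3, 4], "lunch at noon?")
    print(recipient_delete(db, 2, m), body_stored(db, m))
    print(sender_delete(db, 1, m), body_stored(db, m))
```

Until the last recipient deletes or the sender does, the body stays on the server even though some recipients no longer see it, which is the retention behaviour the thread is arguing about.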

      • webish 6 years ago

        Our current implementation is similar to this, but if the sender deletes a message, don't the recipients have a right to retain a message that was sent to them? For their own records I mean. This is what's causing the difficulty. A sender's right to delete the message vs a recipient's right to keep copies of messages sent to them.

        • jdietrich 6 years ago

          >don't the recipients have a right to retain a message that was sent to them?

          No. There is no "right to retention" in the GDPR. Users have the right to access any data you hold that relates to them (with some exceptions), but you are under no obligation to retain data. GDPR requires you to do the exact opposite - delete (or thoroughly anonymise) data as soon as possible.

          Art.5(1)(e) says "Personal data shall be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed". If you're aiming for maximum GDPR compliance, it would be sensible to delete the messages from your server as soon as they have been delivered to the recipients. You're a messaging service, not an archival service; storing the messaging data or metadata indefinitely is contrary to the principles of the GDPR and exposes you to liability if that data is ever leaked.

          I'd also question why you need plaintext access to user messages in the first place. End-to-end encryption protects you and your users. If you can't access the data, you can't inadvertently breach the GDPR.

          https://gdpr-info.eu/art-5-gdpr/

          • jdietrich 6 years ago

            Would any of the people who downvoted my comment like to explain their point of disagreement? If you believe my statement to be factually wrong, it would be more useful to correct it rather than simply downvoting it.

          • x0x0 6 years ago

            You probably need plain-text access so that messages can live on the server rather than the device. It is a common desire for users to (1) use more than one device; (2) sign in a new device and have access to message history; (3) message search to work. You can probably put these together in an end-to-end encrypted system -- can apple access old messages on a new device? -- but it's very complex.

        • lapnitnelav 6 years ago

          You might need to provide more context here.

          Depending on whether it's targeting businesses or consumers, expectations and needs are different.

        • x0x0 6 years ago

          You really ought to talk to counsel. I founded a startup, and the thing I didn't know before I did that is lawyers will front you legal fees. A typical arrangement with a good valley law firm goes like this: they agree to front you $15-$20k in legal fees, payable immediately upon a raise exceeding $500k. They won't front you cash they have to pay out, ie you'll have to pay filing fees or other stuff, but the majority of your expenses will be legal time. This fee arrangement isn't necessarily available to any random, but if you can get a warm intro to a startup partner at a good law firm (Wilson Sonsini, Gunderson Dettmer, Cooley, etc) you may be able to get this arrangement. Of course, they're not necessarily going to hand it out to anyone who asks.

          As for the GDPR: The GDPR applies to "personal data". A user's email is certainly personal data. But if someone says a person's name in an email, that is also personal data.

          Your problem is you have to either cover everything under consent or use legitimate interests and weigh -- ie conduct a balancing test as (very hand-wavingly) specified by the GDPR -- the balance between a data subject requesting a deletion's right to privacy and the legitimate interests of the other message recipients in retaining messages. A privacy lawyer can help walk you through doing this. Your other alternative is, if you have a lead regulator, directly reaching out to them and asking for guidance. If you haven't, or can't, establish a lead regulator you may try the ICO. They've staffed up in an effort to be the one stop shop of choice, though the UK decided to leave the EU so who the hell knows what's going to happen. Alternatives include ie / DPC.

          In particular, A17 specifies:

          NB: A6.1.a is consent.

          > (1) The data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay and the controller shall have the obligation to erase personal data without undue delay where one of the following grounds applies:

          > a) the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;

          > b) the data subject withdraws consent on which the processing is based according to point (a) of Article 6(1), or point (a) of Article 9(2), and where there is no other legal ground for the processing;

          So your path seems somewhat straightforward: remove the link from the deletion requester to the message, and make sure your statement of purpose in the consent says that you will delete iff all recipients request deletion. This does mean you need to carefully write your GDPR consent forms for your service, but see lawyer bit above.

    • codedokode 6 years ago

      What if the user posts something that violates US laws, for example, terrorism-related content, secret information related to national security or child porn? What if you receive a court order to remove the message? What will you do? You just should do the same thing with GDPR requests.

iends 6 years ago

The easiest solution is to block access to EU citizens.

sethammons 6 years ago

My understanding is that you have to be able to remove PII like usernames, email addresses, and such. The actual message sent to other recipients is not covered, but the envelope information would be. For envelope look up (sender, recipient), have those as hashes that are in a look up table. If the sender sends you a GDPR request, delete them from your hash look up and display "user deleted" as the "from" user on the message.

Obviously, run this through your lawyer as I am not one.
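
An added example, not part of sethammons's comment: the envelope lookup table described above, with erasure implemented as deleting the lookup row. The comment says "hashes"; this sketch uses random tokens as the lookup key instead, and contrasts them with a plain SHA-256 of the email address, which anyone who already holds the address can recompute after the row is gone. Table names, function names and sample data are assumptions.

```python
import hashlib
import secrets
import sqlite3


def open_db():
    db = sqlite3.connect(":memory:")
    db.executescript("""
    CREATE TABLE identities (          -- the only place names/emails live
        token    TEXT PRIMARY KEY,
        username TEXT NOT NULL,
        email    TEXT NOT NULL UNIQUE
    );
    CREATE TABLE envelopes (           -- messages reference tokens only
        message_id      INTEGER PRIMARY KEY,
        sender_token    TEXT NOT NULL,
        recipient_token TEXT NOT NULL,
        body            TEXT NOT NULL
    );
    """)
    return db


def register(db, username, email):
    """Create a user and return the random token used on envelopes."""
    token = secrets.token_hex(16)
    with db:
        db.execute("INSERT INTO identities VALUES (?, ?, ?)",
                   (token, username, email))
    return token


def send(db, sender_token, recipient_token, body):
    with db:
        cur = db.execute(
            "INSERT INTO envelopes (sender_token, recipient_token, body) "
            "VALUES (?, ?, ?)", (sender_token, recipient_token, body))
    return cur.lastrowid


def render(db, message_id):
    """Return (from, to, body); erased users show as 'user deleted'."""
    return db.execute(
        "SELECT COALESCE(s.username, 'user deleted'), "
        "       COALESCE(r.username, 'user deleted'), e.body "
        "FROM envelopes e "
        "LEFT JOIN identities s ON s.token = e.sender_token "
        "LEFT JOIN identities r ON r.token = e.recipient_token "
        "WHERE e.message_id = ?", (message_id,)).fetchone()


def erase_user(db, email):
    """Handle an erasure request by dropping the lookup row.
    The message body is left untouched by this step."""
    with db:
        cur = db.execute("DELETE FROM identities WHERE email = ?", (email,))
    return cur.rowcount == 1


def email_hash(email):
    """Deterministic key: a plain, unsalted hash of the address."""
    return hashlib.sha256(email.lower().encode()).hexdigest()


def relinkable(stored_key, known_email):
    """True if someone who knows the address can recompute the stored key,
    i.e. the envelope still points at the person after erasure."""
    return stored_key == email_hash(known_email)


if __name__ == "__main__":
    db = open_db()
    # Constructed sample users and message.
    alice = register(db, "alice", "alice@example.test")
    bob = register(db, "bob", "bob@example.test")
    mid = send(db, alice, bob, "hi")
    print(render(db, mid))
    erase_user(db, "alice@example.test")
    print(render(db, mid))
    print(relinkable(alice, "alice@example.test"))
```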

  • jdietrich 6 years ago

    The GDPR is not concerned with "personally identifying information", but "personal data". It defines the latter very broadly, viz:

    ‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;

    Even if they're completely stripped of metadata, instant messages are highly likely to contain information that could indirectly identify the sender or recipient.

  • lmkg 6 years ago

    The message contents may contain PII as well. For example, you could send your phone number or mailing address to someone else.

keerthiko 6 years ago

IINM, un-processed contents of encrypted messages do not constitute personally identifying information (PII), and if a user deleting their account or deleting a message deletes the correlation between the message and their user/account/id from your servers.

The complicated part is your intent to preserve it for the other participants in the thread. I think it's ok to allow a message author to cause their messages to be deleted from all other users as well (maybe leave a <deleted> bubble in its place). If an entire thread or account is deleted, you can just remove the association to the user and preserve the messages themselves.

It's a bit messy the more you want to preserve despite a user's wish to GDPR-bomb their data, but I don't think untenable.

afpx 6 years ago

Think of it in terms of sunk costs. If your business model is still sound, redo your financial analysis from today forward. Estimate the costs to alter the design as well as probability and impacts of litigation. Then forecast those costs out to see where your breakeven point is.

sls 6 years ago

You are hearing a lot of different advice about what GDPR compliance means, and until that is settled (or proven so unsettled as to be unknowable), you lack a key factor in your business decision. My advice is to consult an attorney who you trust to be knowledgeable about GDPR compliance and find out what exactly you need to do to become compliant, or to determine what the options are and what level of comfort you have with them. Then you can make the call whether you want to spend the required effort.

The upside here is that this investment also opens the possibility of giving your co-founder the confidence that they need to stay with the project, should the answer be that the compliance work is small / simple.

nolite 6 years ago

Let him go. You're going to face business killing issues like this ALL the time.. several times a year. If he's already showing signs of quitting, it's only a matter of time before he does.

Save yourself some time and heartache - find a new co-founder

mand1575 6 years ago

Not knowing much about your startup and where it is based and the user base that you are looking to tackle. Being in finance my company deals with GDPR and various other regulatory requirements, that doesn't mean you don't develop a product. Maybe he needs to better understand the requirements. https://www.eugdpr.org/key-changes.html

Get a good lawyer and have the CTO focus on delivering technical solution after all that's his job, if the going gets tough and he gets weak knees get him out...

Ring fence your product to region for launching so you don't get side swiped...good luck.

orcs 6 years ago

First the obligatory: I'm not a lawyer or expert on GDPR.

My question is if your app simply passes on messages between users of the app and doesn't store these messages how can you be held accountable for what's being held on the users device, even if it is a different persons message? Your app has simply processed that users data with their consent, at the time, and passed it on as they wanted.

The other issue, if the answer to the above is: 'yes', is does the GDPR expect you to be able to go into a user's phone and delete content from their phone at the request of another user? Surely that's not legal?

Like I say I'm no expert, simply asking questions.

nextweek2 6 years ago

Sounds like a get out clause from the co-founder.

How many requests do you actually think you'll get in a year? Some industries mandate data retention which overrides GDPR.

Is your business model going to implode if 0.01% of messages are deleted with due cause? You are only liable if you fail to complete the request in time. Plus how much longer until you have a GDPR friendly agreement which lets users know once a message is sent it is no longer personal data? If the sender gets deleted the recipient would see from 'deleted user'. This is kind of how stackoverflow.com do it.

GDPR is extra work but it's not shut up shop work.

btmm 6 years ago

This is pretty basic:

a) By sending a message, the user is consenting to the contents of the message being delivered.

b) The user is entitled to request that you (the messaging service) deletes their details but you have a legitimate business reason for retaining the message details (ie. someone else that you are serving is using them).

That said, if your co-founder isn’t more committed than this, then let him go—just make sure you have a legal document stating that he gives up all rights.

  • btmm 6 years ago

    I should add that I have worked on a messaging service recently, and that is the advice that a qualified UK-based solicitor provided in their case.

    I doubt your case is any different.

codedokode 6 years ago

I don't see what is the problem to delete user's messages at their request. Just replace its text with "message deleted" for example. It doesn't require anything advanced.

It seems that your co-founder just doesn't like GDPR and users' rights. It is a political, not a technical problem.

If someone will post something that violates US laws (for example, terrorism-related content or child porn), will you refuse to delete it too?

Alex3917 6 years ago

> When a message is deleted, only the user's access to the message is deleted.

It's going to take all of 30 seconds until someone sues Google and asks for them to delete sent messages from someone else's inbox. Regardless of whether or not what you're doing is legal (and I think you're in the clear), you're not going to be the test case here.

  • orf 6 years ago

    You can't sue for perceived GDPR issues.

    • repolfx 6 years ago

      No, but you can request deletion.

      And then you can complain to a regulator.

      Bear in mind there are, like, 28 different data privacy regulators in the EU. So all it takes is a few people in each country to file such a request, get denied and file complaints with the regulator, and now you've got 28 official committees looking into it.

      If all of them decide it's OK, no problem. If back here on Earth some of them disagree, well, there's a super-committee that's supposed to enforce a uniform treatment, so it'll get kicked up to the EU to decide.

      And then what happens probably depends on who the test case is about. My guess - they'll ignore complaints until they're against the FAANG companies. And then they'll decide compliance wasn't good enough, and hand down a fine. Let's wait and see.

    • caymanjim 6 years ago

      You can sue for anything. It may be dismissed for legal reasons, but that sets precedent. It may be settled without setting a legal precedent. In either case, there are material and immaterial costs involved.

      • orf 6 years ago

        > You can sue for anything

        Sure, but that's nothing to do with GDPR and can be done today.

        Tacking GDPR onto a frivolous suit doesn't add anything and also doesn't set any precedent.

        The law clearly sets out how to handle GDPR complaints, and it's not via the courts.

baby 6 years ago

I'm confused. Do you have anyone with technical capabilities on the team to realize that the changes needed are not difficult to implement? That's a database delete. If you're advertising your app as being secure and etc. then don't do that. Be honest to your users as what you're serving.

atmosx 6 years ago

I believe that if you make crystal clear to the sender that his messages are publicly available to all parties until everyone deletes the message and also include this to your Privacy Rules, you'll be fine. Doesn't seem like a big deal.

LoSboccacc 6 years ago

Take some litigation insurance from the company that follows your GDPR deployment so that he does not have to worry about liabilities.

whatyoucantsay 6 years ago

GDPR is a train-wreck. I'm fully behind the motives, but like many high-level initiatives it has the effect of further tilting the playing field in favour of incumbents who have the financial and legal resources to accommodate it. Europe needs to rein in Facebook, but not at the cost of any hope of the next Facebook being European.

originalsimba 6 years ago

A slightly different angle...

I would abandon your project too. Messaging is the new Social Media, which is to say the market is already flooded and nobody needs another one. In addition to that matrix.org is going to kill it.

I was taught the best approach to programming is to find problems and solve them. Messaging hasn't been a problem since 2000 or earlier.