Handling of deleted posts/users for forensic purposes

[franklindyer]

Right now, when a user deletes their account or deletes a post, the account/post is completely erased. This is inconvenient for triaging suspicious events by looking at the logs: logs refer to users/posts by their IDs, but the logs may refer to a user or post that no longer exists. Even worse, the log might refer to a deleted user by their ID, and a newer user might currently possess that ID, meaning that the log event might be misattributed.

Not sure yet how to fix this. Thoughts?

One idea is that we might not exactly "delete" users/posts, but rather "archive" them, so that they appear deleted to all other users but are still available for forensic purposes.

[altheaden]

the log might refer to a deleted user by their ID, and a newer user might currently possess that ID How is the ID assigned? Are we just incrementing a number somewhere, or do we re-cycle old ID numbers at all? It seems weird to me to re-cycle the ID numbers, ever.