kmeisthax / Forum9000

Symfony-based forum software

Self-expungement requests (GDPR right to erasure compliance, anti-doxing) #15

Open kmeisthax opened 6 years ago

kmeisthax commented 6 years ago

#8 specifies that we should have a data expungement mechanism, but only mentions it as a mechanism for site staff. Users are only allowed to replace their own content with new versions ("edit") and/or hide their posts ("delete"). However, certain jurisdictions require data expungement (not just hiding) be user-accessible in certain conditions - notably, the EU General Data Protection Regulation (GDPR). Furthermore, while there might not be a legal requirement to remove information, there may also be a moral one; say if someone had posted personal information relating to themselves (e.g. dox).

This should not be an automatic process. Users wishing to expunge data must be required to submit an expungement request listing the data to be destroyed. It must be possible to request expungement for data the user did not post; e.g. dropped dox. It should also be possible to submit proof of identity or proof of jurisdiction (e.g. for GDPR requests). This expungement request must then be reviewed by site staff and either approved or denied. If approved, the system will automatically issue expungements for the data covered by the request.

kmeisthax commented 6 years ago

I am kicking myself for not reserving issue #15 for "Burger King Foot Lettuce".