On Oct 27, 2020, at 11:07 PM, Stephen J. Turnbull <turnbull.stephen.fw@u.tsukuba.ac.jp> wrote: But it's not just the architecture. Even the requirements are controversial. I'm on record that it might be a good idea to remove the User (ie, the profile of PII in the database) when the last subscription is deleted, but should that be automatic unless inhibited, should it be an option offered but default to "keep", should it be an operation done only on specific request? In any of those options, since this is a major deletion of presumed unneeded but in some cases valuable data, we should provide a convenient but cautious UI. Should there be a temporary backup of the data in case the user changes their mind? Is that GDPR conformant? Maybe the user could download their profile for later upload? Maybe that could be portable across Mailman 3 sites, with some kind of semi-automated merge UI?
Most important is to offer an UI to completely delete users for subscribers and list admins. Currently delete account shows this message "Are you sure you want to delete your account? This will remove your account along with all your subscriptions.” This is not true and needs to be done. This is the promise here. Otherwise it should say “some data is removed but if you really want to remove all data you need to track down the person who can do that by removing you from the db" As a subscriber to several MM2 lists, forums, social networks, …. My expectation is to have the option to delete all my personal user data if I wish to do so. As a admin for a MM3 list I need to have the option to delete the data I have created. I can subscribe someone. Subscribe is also creating a record in a db. If I unsubscribe someone I want to be able to delete that record in the db. Once a user create an account and/or has other active subscriptions I don’t expect to have this power. User or some other list admin has taken responsibility to (co)own this record.
How about the user's archived posts? How about quotations of the user in *other's* archived posts? Just designing this is not easy, but because it might involve changes in the architecture, we do need to design in advance. This is not the kind of change where "move fast, lose user data, and break everything" makes sense.
User created these posts and released them to be sent to all other subscribers. If the list is public then that means to everyone on the internet who happens to find the archives. Archives could be copied and mirrored and there is no way to erase history. Having an UI to delete archived posts is good to have. But it’s unreasonable for a user to expect that they can go back in time and undo what they did. If a admin is really concerned they need to have every user to sign a contract. Even turning off archives will not prevent other subscribers to keep old posts and repost/reply/archive in some other ways. It’s same for any forum or social networks like Facebook, google, next-door, twitter …. They send out emails with data provided by others. While a user can delete their account the emails are no longer under control of the platform.
I'm not saying we can't do it, but we also have our priorities, and limitations. Also, I don't think we can, let alone should, do that design ourselves. Even if it's not reasonable for you to contribute code or money, we do need to know the community's requirements, and because it's often pretty fuzzy stuff, I think it's reasonable to ask *why* a feature is needed -- we may be able to negotiate a change that's easier to code or less fragile in operation if we know what the underlying need is. So members of this list can help a lot by (1) answering the questions I asked above, (2) coming up with more questions (and answering them), and (3) turning the whole thread into concise requests for enhancement on the tracker.
Fully agree, as a developer it’s impossible to know how product will be used. Offering a UI to control settings as much as possible to a user/admin is important
Mailman-users mailing list -- mailman-users@mailman3.org To unsubscribe send an email to mailman-users-leave@mailman3.org https://lists.mailman3.org/mailman3/lists/mailman-users.mailman3.org/