I agree that deleting, without an explicit request to do so, user-entered information is a violation of the user’s data This applies when the user has set up an account on the system.
If he/she has never created an account, then I see no problem cleaning up the system when the user deletes the last subscription, as any remaining data presumably has been created by the server. Keeping that information on the server without the knowledge of the user is not right.
Yours,
Allan Hansen hansen@rc.org
On Nov 2, 2020, at 19:51 , Stephen J. Turnbull <turnbull.stephen.fw@u.tsukuba.ac.jp> wrote:
Brian Carpenter writes:
This is in regard to our Affinity/Empathy UIs. I believe the issue [about data retention] that was raised originally in this thread/post still exists with Postorius/Hyperkitty.
I don't speak *for* the Mailman team on this, but my *impression* from these conversations is that we have a consensus on the team: deleting the User data (authentication and profile) is a very big deal that should be done only on explicit request, not as an automatic side effect of other changes. We understand that others have a different opinion, but we think that this is a difference of opinion, not a mistake on either side.
My own suggestion is that we *should* provide the *option* to delete the User data, and prompt for it, when that User's last subscription on the server is deleted. Note that there is a race condition where the user deletes the second-to-last subscription and an admin then deletes the last one. The user won't see the option, but the admin will. I can see this as a bad outcome, depending on user's intent, whether the admin deletes the User object or leaves it in place.
Mailman-users mailing list -- mailman-users@mailman3.org To unsubscribe send an email to mailman-users-leave@mailman3.org https://lists.mailman3.org/mailman3/lists/mailman-users.mailman3.org/