Request for data deletion, per the laws of a particular US state

Wildcat Media

Well-known member
We had a request come in last week that was quite strict in its demands. This member asked years ago that we delete their account. We typically will anonymize the account by changing the username, clearing out their profile data, and deactivating it. We would temporarily ban an account before anonymizing it, but in this case we overlooked it. Not a big deal, as we typically would complete the job and go on our way. This member participated many years ago, and didn't post a large amount.

But this person's request... 🤦

They're requesting all posts be deleted, as well as all the quotes of their posts in replies. Seriously? One part of the message claims they should not "self service" their request by asking them to provide links to all of their posts...yet we're supposed to place an undue burden upon ourselves to do this? This was among other demands regarding their activity on the forum, and demanding how we are to proceed and follow up with them. Not happening!

This state law gives us 45 days to respond, so we're taking our time. In the meantime, we're anonymizing the account and will run a query to change the quote attributions.

In addition, I've also suspected that this could be harassment--this person provides us with no real name, and no identification as to whether or not they reside in the state whose laws they are claiming to be protected under. I proposed that we request a picture of their photo ID, and other proof of residence, before we comply. In addition to showing us exactly where, in the state laws, it says that we need to be removing content. I've read through that law; there's nothing in there about it. This person didn't even sign the email with anything but their forum user ID, not a real name.

Not only that, reading more into the law and based on the state's own web site, the law doesn't even apply to us anyway.

[Attached image: 1754490123176.webp]

(State is redacted in case that person is trolling this forum.) Nobody really defines what "processing" means in this context. The forum has under 150,000 members, but many are dead accounts. As for "processing," I would tend to think that this refers to members signing up to a forum per year which, after 23 years, would amount to only a small fraction of our total membership. Certainly, accounts sitting dormant are not being "processed" in any way. The second portion of course does not apply, as we do not sell personal data. On that point alone, I would consider blowing this person off (in other words, we anonymize the account, and we're done). "Commercial products or services" also does not apply to us. We run on donations; we don't sell anything for a fee or price.

Again, we anonymize as a courtesy. Even our forum policies state that we do not delete posts on demand. I kind of doubt that the many privacy policies around the world request content removal (as long as it doesn't contain personal information, for obvious reasons).

Anyway, all of the above is just me, venting. We've already decided what to do. 👍



What's bothering me the most here is that this person's message reads like boilerplate, almost like a privacy company provided it like a form letter for this person to fill out. It comes out sounding legal, yet even the section of the law they claim exists in this state isn't even properly referenced! I eventually found a reference to this person's nonsense on the law.justia.com site, where this disclaimer is posted:

[Attached image: 1754490335051.webp]

I did try a Google search using some of the phrases in the email to see if it came up as boilerplate, but I found nothing so far. I'm not spending much more time on this, however. This type of email was structured in a way to sound legal, and vaguely like a threat. It's not something our typical member would compose on their own, in other words. I've never used any privacy services (although I'm about to...I'm tired of the intrusions), but if anyone has seen anything similar, it would be interesting to hear about it.

And also, if you've actually read the law to see what applies, have you blown off similar requests if the law does not apply to your situation? As I pointed out above, per the state's own web site, the law only applies to certain entities, and we could not be categorized under any of them. We'll still honor a removal request anyway (by anonymizing/clearing out an account) if asked nicely, but removal of content is completely out of the picture unless they've posted personal information within that content.
 
The California Consumer Privacy Act's "right to delete" only applies to personally identifiable information (which normally isn't going to be the content of posts themselves unless the user is posting info about themselves).

You can request that businesses delete personal information they collected from you and tell their service providers to do the same, subject to certain exceptions (such as if the business is legally required to keep the information).

Even a username isn't considered PII unless it can be somehow linked to a specific individual.

What is considered PII:
Personal information is information that identifies, relates to, or could reasonably be linked with you or your household. For example, it could include your name, social security number, email address, records of products purchased, internet browsing history, geolocation data, fingerprints, and inferences from other personal information that could create a profile about your preferences and characteristics.

...again, content of posts and even usernames are normally not PII.

As you pointed out, CCPA doesn't even apply to you unless you have gross annual revenue over $25M or you are specifically buying/selling personal information of more than 100,000 California residents.

Additionally, even if you fell into the bucket of needing to comply with CCPA, as you also pointed out, you don't even know if they are a resident of California. You have the right to verify the identity of the person making the request.

Businesses must verify that the person making a request to know is the consumer about whom the business has personal information. Businesses may need to ask you for additional information for verification purposes. If the business asks for personal information to verify your identity, it can only use that information for this verification purpose.

But again... unless you are generating more than $25M/year, it's all moot anyway.

Personally, I'd ignore the request.
 
I'm more familiar with EU/UK privacy laws but I agree with @digitalpoint. In the EU/UK usernames are generally considered to be PII but that's the only real difference I'm aware of.

One observation going forward; I make a point of informing any member making such a request that once the account has been anonymised no further communication can be entered into. The primary reason is that assuming you have removed the relevant PII you should have no way of verifying it's the same member.

Also in the unlikelihood that there is PII contained within the member's content I insist that they identify it to me prior to anonymising the account.
 
> The California Consumer Privacy Act's "right to delete" only applies to personally identifiable information (which normally isn't going to be the content of posts themselves unless the user is posting info about themselves).
It may not be California 😉, but the law is very similar. I left it vague only in case this person is trolling around the XF support forums.

The one thing I considered just now is that if a person uses their real name as their username, that could qualify as being personally identifiable. There are a very small number of forums out there which require members to use their real names. But other than that, some members are oblivious to it and use real names.

> One observation going forward; I make a point of informing any member making such a request that once the account has been anonymised no further communication can be entered into. The primary reason is that assuming you have removed the relevant PII you should have no way of verifying it's the same member.
That's a good point. And yeah, we may very well ignore it. The staffer handling it says that he is going to sit on it for a while.


My main point of the post, though, was how it was presented to us, like it was a form letter. It makes me think this person might be using a privacy service, provided with a prepared email that the person only needs to paste into their email and send to anyone they want. I'm curious to know if anyone else has used a similar security service and if this is the type of BS that it spews out.

I also wouldn't put it past some AI service to compose something like this. (I can't post it publicly because, again, that person could troll this forum to see if we're talking about it.)
 