[ptest1]

Again, the GitHub example is a good one. I have some commits in Django core from years ago. What if I “request” my data be deleted from GitHub? What are they supposed to do? If they rewrite the history it will destroy the project; and if anyone can rewrite the history in the future it leaves projects open to hostile actions.

I suppose the argument would have to be made that it’s not personal data; it’s an act of public publishing or something. So in this case it’s akin to me publishing a blog and other people quoting it years later. I can delete the original blog but not the reprints in newspapers or quotes.

Or that it stops becoming “your” data and becomes instead “the other user’s” once eg the Django project accepts the PR. So you can delete user A’s PR but not the Django project’s now-integrated copy. I think this rationale makes the most sense. After all, someone could still have the repository on their computer and push it back to GitHub again.

I realize this is an edge case that doesn’t apply to 99.9999% of companies, but as an engineer I find it interesting!

Edit: after thinking this through more, I suspect that e.g. GitHub could argue they comply as long as they delete User A’s repo. Subsequently integrated PRs, etc wouldn’t have to be deleted because they could argue they’re no longer User A’s.

I kinda feel like if language to allow this was added to the law explicitly it would be open to abuse, so I suppose this kind of thing has to remain vague and open to interpretation in e.g. the courts if someone is being nasty.