|
|
|
|
|
|
by aaanotherhnfolk
2216 days ago
|
|
|
GDPR devalued PII-stores, and companies tried really hard to only let the value drop on the European portion of their data. Requiring ID is a way to discourage and even deny deletion requests in other countries. These constraints are walked back almost immediately in practice, once companies learn that requiring a human touch for a deletion flow is not worth the hassle. I think "legal" here meant what's the bare minimum to respect the letter of GDPR law, while not actually implementing a useful delete flow. |
|
|