Folks, this should inspire you to start self-hosting a federated, decentralized chat server with freely available source code by yourself or with a small community. Governments can coerce these big, usually-corpo centralized servers to give up data but good luck if there are hundreds of thousands (of millions?) of small servers with 1–10 users on it & clients not controlled by a single entity for distribution (easier now that y’all coerced Mommy Apple to let you sideload applications & use alternative package managers).
I mean, GDPR is a fucking disaster. Nobody is getting it right, same with cookie consent. This is because the last time geriatric imbeciles at the European parliament seen a computer was back at 98.
Since all those people are using it, it kinda doesn't matter for them. As if not having their data harvested from every single click makes them not care about GDPR and the other bullshit. What a surprise.
If you're federating the data to servers you don't control, it's impossible to guarantee deletion of it. GDPR requires that users be able to request deletion of their data
I knew about that, but I thought it only applied to personal information (with limitations with regards to there being some professional entity collecting it). If I make a statement to the press that goes on print, I cannot demand them recalling papers in order to be compliant with GDPR.
That being said, I am by no means very knowledgeable about this.
If you're posting anything online, it's impossible to guarantee deletion of it. Anyone can scrape anything and store it anywhere for however long they want.
You don’t need to worry about data retention when you own the server & you are the only user. It’s the servers you or someone you know & trust don’t own where you should actually worry about this.
It’s also more problematic with all systems built on eventual consistency models, so best to avoid those since you’ll never be able to get the data dropped. Chat being ephemeral is good.