SoylentNews is people
SoylentNews
Europe is bracing itself for a big shake-up in how we pay for things online, which will have significant consequences for businesses across the region. Similar to how GDPR hugely impacted how millions of organizations handle personal data when it was enforced last year, Strong Customer Authentication (or SCA) will have profound implications for how businesses handle online transactions and how we pay for things in our everyday lives when it is enforced on September 14.
SCA will require an extra layer of authentication for online payments. Where a card number and address once sufficed, customers will now be required to include at least two of the following three factors to do anything as simple as order a taxi or pay for a music streaming service. Something they know (like a password or PIN), something they own (like a token or smartphone), and something they are (like a fingerprint or biometric facial features).
https://thenextweb.com/podium/2019/05/10/your-business-passed-the-gdpr-challenge-but-sca-is-next/
(Score: 4, Interesting) by The Mighty Buzzard on Tuesday May 14 2019, @11:31AM (36 children)
SCA doesn't particularly concern me. We don't do any of our own payment processing around here. What does concern me is California's upcoming (the first of next year) data privacy law. It's fairly likely we're going to have to firewall all California IP addresses. Not because we have any issue with disclosing what we little information we collect and not because we use it for anything but necessary site functionality. Because there's a bit in there that says you have to make allowances for people to delete their accounts and related info. We don't have that functionality in the site, if we did it manually it would break every last story page that the person had ever commented on, I won't have time to code that functionality into the site before the deadline, and I'm pretty sure I'm opposed to handing out a "right to be forgotten" button even if all of the above weren't an issue. Expect a Meta story discussion on this before summer's over.
My rights don't end where your fear begins.
(Score: 2) by canopic jug on Tuesday May 14 2019, @12:20PM (15 children)
I'd say once it's published it is published. I expect that one of the site's pages explain that rather well and that acceptance of that is part of the cost of participating on the site.
Anyway, thanks for keeping SN running smoothly. I got curious enough to download the source a while back and saw how large and complex it is. So it takes quite a bit of skill as well as effort and will.
Money is not free speech. Elections should not be auctions.
(Score: 5, Insightful) by ledow on Tuesday May 14 2019, @03:15PM (14 children)
You're not going to avoid this.
GDPR is the start and affects anything you do that touches Europe. Soon the US will follow suit.
The right to be forgotten is a perfectly valid right, and as others point out, you just overwrite data, not remove it. "[[[[[This comment has been removed because the original user filed a redaction request]]]]]".
Search and replace on the database, by userid, problem solved.
It's not a difficult problem at all. It doesn't hide anything that people have a desperate need to hide. It's a courtesy to your users. And it really doesn't take much to implement even on a system never designed with that in mind.
One day you won't get a choice. Imagine, for instance, something like the DVDCSS key that everyone posted everywhere as a hoax. Imagine getting cease-and-desists for people who do that on your site, deliberately troll information that courts have deemed shouldn't be public. It happens every day and Facebook et al can't keep up, for things like people published alleged paedophile addresses, etc.
If your site doesn't facilitate redaction and removal of old pages, comments, pages, etc. today then you're going to need it tomorrow. Best to design it in. It's really not that hard. Whereas working out the SQL to cull their comments without breaking everything, on a whim, overnight, under threat of legal compliance from someone with jurisdiction over you... that's not going to be easy.
And if you can do it for one comment, you can do it for all over their comments. And if you can do it when ordered, you can do it on request of that person themselves. And if you draw a line anywhere, but a law requires you not to, then you have a LOT of expensive justification ahead of you ("Oh, so you could take your mate John's comment off when he accidentally called his boss an idiot, but you're refusing to comply with a legal request to redact my client's comment history?".
Get used to data privacy, including privacy of your historical data. It doesn't take much to do. It's inevitably only going to get worse (just wait until you're served with a writ to provide *all* information you store on a person... where if you fail to "reasonably" provide all the data you ever could, that you could be found in contempt of that order...). And if your system isn't designed with it in mind from day one, it's only going to get worse for you when you have to do it later.
(Score: 1, Informative) by Anonymous Coward on Tuesday May 14 2019, @09:45PM (1 child)
and are you going to extract all your backups and redact the user's data and then re-compress them 24/7 every time someone wants to be "forgotten"? you're just a bootlicking, authoritarian state socialist.
(Score: 4, Touché) by ledow on Wednesday May 15 2019, @07:31AM
I'm a Brit.
We have GDPR.
I work in IT.
What's on public display is a very different question to what's in an encrypted historical record, and you seem to miss that you are merely a custodian of other people's data, only with their permission. Data protection has always been held in high regard in the EU and, in case you missed it, an ENTIRE CONTINENT complies, across 20+ language barriers, a greater combined population than the US, and an ancient legal system which you borrowed as the basis of your own.
Tell me how a "authoritarian state socialist" is defending the right for you to have your data deleted, corrected, and what's stored on you revealed, from all government databases, historically, and in perpetuity, as well as ordinary commercial websites, and those run by Joe Bloggs who's hoarding all your data on his personal blog and selling it to others.
(Score: 2) by edIII on Tuesday May 14 2019, @11:47PM (9 children)
Sorry man, but fuck that. I understand why TMB is philosophically against it. If somebody wanted to delete the information associated with the account, like username, hashed password, email address, and settings, that should be okay.
However, this site does not allow you to either edit or delete comments. They are what they are, and they will stay that way forever. If you don't like something you said, then you should've thought of that when you said it. There are some posts I would like to take back, but I fully understand why that will never happen.
We don't even get rid OF SPAM. If we're not going to fight SPAM and AC bullshit with deletions, then why the heck would we ever let a signed in user delete anything? SN isn't collecting private data to sell to others, it doesn't advertise or track us (except for some temporary PiWIK dev stuff that was consensual), etc.
I'm with TMB. Just block California. On that note, I want to start using the TOR onion service but don't know the address. Worst case scenario, we can go completely underground and disallow all direct access to the site. If needed, I would help with a few bucks to move us to a different country where that hasn't happened yet.
The right to be forgotten shouldn't be applied to many types of forum sites, SN especially. Specifically, there should be an exception carved out for certain types of forum comments. I'm sure the White Nationalists would love to be able to erase their hate, and not rightfully suffer for it, but I have very little sympathy in helping Nazi's receive cover.
Technically, lunchtime is at any moment. It's just a wave function.
(Score: 2) by ledow on Wednesday May 15 2019, @07:42AM (8 children)
Soylent does delete spam. They have banned users and removed their comments. Thus the facility exists. It may not be on a GUI but try arguing that to a judge... this is exactly my point. The first time you get a proper legal request, you can cry to mommy about how it's absolutely impossible if you like... then someone will point to a post where the editors did *just that*. And then you're in for contempt of court as well as failing to comply. Or you can craft a small bodge-script that works for now, and start plumbing in features to allow this facility in the future.
Though users do not get an edit button, the database is plain-text. Replacing the contents of any one comment is a literal single SQL statement (well-crafted, yes, but one line). Replacing the contents of every comment of a given userid is probably the same line but with a larger SELECT.
The philosophy of free speech and historical record is an entirely other matter. But if you don't want your site brought by under legal writs, if you don't want it to be spammed to oblivion by people posting, say, links to the worst kinds of illegal content, then you have to have the facility to delete or overwrite. You can do that manually, which may well be how it's being done now. But the problem will only ever get worse. Adapt or be swamped in problems when it does start getting common.
Suggesting that a bog-standard tech forum based on open-source code that you and I can read and find a way to "delete" comments is somehow more protected than, say, a Google search for illegal content, the Internet Archive, or major press associations (all of whom will also have to comply, and all of whom already have those facilities and use them every day) is so far past ridiculous that it really cuts into your credibility.
I don't care about the if's and but's. I'm saying if you run a website with public comments, you need moderation tools. If you don't have convenient moderation tools, your time is going to be tied up on administration (i.e. paperwork-like administration) and legal hassle rather than just "Oh, what a pain... run comment delete tool on those auto-bot-troll-posting-porn".
P.S. If you think either Soylent or Slash ever avoid removing comments, I can only tell you that you're wrong. If you think they are above the law, or can even afford a lawyer to fight, you're wrong. And if it's likely to happen more in the future for all kinds of reasons, then getting tools to do this automatically rather than spending time trying to comply manually (and messing up because you forget a step) is the techy/open-source way.
(Score: 2) by The Mighty Buzzard on Wednesday May 15 2019, @10:36AM (6 children)
No, Soylent did delete spam. Once. When we were first starting out and someone scripted an assload of comments on every story over a couple weeks old. Those got deleted. Only those.
You are incorrect.
You are again incorrect. The one instance of deletion was done from the mysql command line. And it broke things that were a huge pain to fix. Calling it a legitimate option is akin to calling opening your car door with explosives when your child locked themselves inside of it with your keys an option.
My rights don't end where your fear begins.
(Score: 1) by Chocolate on Friday May 17 2019, @05:38AM (5 children)
Please stop giving stupid people ideas.
Mythbusters is a TV show not a manual for next weekend's entertainment.
Bit-choco-coin anyone?
(Score: 2) by The Mighty Buzzard on Friday May 17 2019, @10:46AM (4 children)
Speak for yourself. I'm still trying to convince The Roomie's dad to let me take care of all the red cedar trees (they're a plague in OK because of how much water they'll suck up) on his place with Tannerite [tannerite.com]. It'd be fast, easy, and a lot more fun than having to cut off half a dozen limbs each before you took the chainsaw to several dozen trees.
My rights don't end where your fear begins.
(Score: 1) by Chocolate on Friday May 17 2019, @10:57AM (1 child)
You are planning on attaching targets on the trees so you can shoot them to death?
Bit-choco-coin anyone?
(Score: 2) by The Mighty Buzzard on Saturday May 25 2019, @01:29AM
It doesn't come as targets, it comes as a kit you mix together and put on your existing targets. Or, if you're a silly-assed country boy who likes explosions, around the trunk of a cedar tree that you don't want to be there anymore. Or in a jar inside a broken clothes dryer that you've drug out into the field.
My rights don't end where your fear begins.
(Score: 2) by hendrikboom on Friday May 24 2019, @10:58AM (1 child)
What is a binary exploding rifle target?
(Score: 2) by The Mighty Buzzard on Saturday May 25 2019, @01:25AM
It's a binary explosive that you can buy at sporting goods stores (as a kit with the two components you have to mix yourself ) that's set off by physical shock like shooting it with a bullet; blasting caps would probably also work. You can use it for whatever you like but while the product is legal not all potential uses are.
My rights don't end where your fear begins.
(Score: 2) by edIII on Wednesday May 15 2019, @07:08PM
You're incorrect, and TMB corrected you properly. Also, ease up a bit on the crying to mommy. Nobody is saying it is impossible, but if you LISTEN, you would hear just how difficult it was. You think you're the only one that knows SQL and how to manage data structures?
Obviously it can be designed, and is technically possible. Others have pointed out the super obvious too; If you need those data rows for system integrity, you can modify them, not delete them. If we had an ID that used to belong to somebody, it's easy to overwrite their information. Maybe even easier to just use the AC ID, assuming there is a dedicated ID for AC.
This isn't a technical discussion, but a philosophical one....
A law is not inherently correct. No, we do NOT need the ability to erase posts. This isn't a file sharing site, nor it is intended to be. Illegal content? You mean unpopular speech and attempts to suppress said speech and control the "narrative"? No. You will be held accountable for what you say in the public view, and it isn't in the interests of the public to allow people to scrub history because they made mistakes.
I didn't say that, so none of what you said there means anything with regards to my credibility. Again, you're not the only database programmer, and this isn't a technical issue. Go chat up TMB about the issues with the current data structures though. There ARE issues with THIS site and its code base that currently preclude the easy use of the "DELETE" in an SQL statement. If you have any skill at all with databases, and don't wish to damage *your* credibility, than you of course recognize that there could be issues deleting rows that are referenced elsewhere. I don't know anything about the data structures (ask TMB), but I generously code in foreign key constraints that are configured to reject DELETE statements when the ID is in use anywhere else.
You're confused and TMB corrected you.
There is a difference between moderation tools (the tech), and the reasons to have it (the philosophy). I don't believe people have a right to be forgotten with respect to their public statements. Deleting those is akin to rewriting history. Do you believe it should be okay, or the right-to-be-forgotten should be extended, to video based interviews with people making public statements? It's just a file attachment or a link in a database and surely easy to moderate, but should we?
The answer is a resounding NO. It will instantly be abused by those in power to "scrub" their images clean of anything undesirable, and then to further control that image. What about 3rd party sites like archival sites. Do they have to remove their archives of my comments on SN?
I view this as no different than somebody attempting to forcibly modify the public record for their benefit. I do not support the right for your public comments to be deleted, and it isn't in the best interests of society. Legal exceptions must be made for public forums to protect their integrity, and they are very much different than for-profit companies that profit of your information, provide private spaces for information, or offer SaaS.
Technically, lunchtime is at any moment. It's just a wave function.
(Score: 2) by darkfeline on Wednesday May 15 2019, @04:56AM
> The right to be forgotten is a perfectly valid right
Not really, no. Does Hitler have a right to be forgotten? Does a criminal have a right to be forgotten? Do you have a right to go into everyone else's brain and erase any memory they have of you, or prevent people from talking or writing about what they remember about you?
There never was any "right to be forgotten". What there was, was a lack of rapid information propagation like there is today. If you move a few towns over, chances are they won't have heard of you fucking the pony. But there never was any right that people couldn't spread rumors if they found your pony fucking amusing.
What has to happen is that society needs to come to terms with the fact that rapid information propagation means we can't take some things for granted any more. Fake news is one symptom of this. Realizing that people are inherently stupid and there will be artifacts of their stupidity on the Web is one thing that society is going to have to learn.
Join the SDF Public Access UNIX System today!
(Score: 3, Interesting) by The Mighty Buzzard on Wednesday May 15 2019, @12:02PM
I wouldn't put money on that if I were you.
You may have noticed that we have slightly differing opinions on what is and what is not right over here and that we don't tend to care much what Europe wants or doesn't want. That's the prerogative of any sovereign nation and should go without saying if that nation also happens to be a superpower.
Oh? You lot can mandate that newspapers go around with a marker and black out every copy of an inadvisable letter to the editor that you wrote, can you? Your comments here are not personal data. They are a record of what you have chosen to say publicly. The right to speak comes with the responsibility to live with what you've said.
How's that choice removal working out as far as shutting down The Pirate Bay? You always have a choice. Sometimes that choice is between bending your knee or making a Boston-harbor-sized cup of tea.
My rights don't end where your fear begins.
(Score: 0) by Anonymous Coward on Tuesday May 14 2019, @12:47PM (10 children)
You should have built in process to randomly kill any story. That is the right to be forgotten too. There is always the way back machine to get saved snapshot.
The other choice is write over the related information. So an account is deleted.... write X or a -1 in to every column other than the key. Does not break a any links and makes the information gone. Again this could be a feature to site, and make it a right to be forgotten in user configuration. pick a seed, and period like between 5 to 20 yrs. Then for each items, > period, pick a random number if >1/2 write the X. So slowly over time the items just age out.
(Score: 2) by janrinok on Tuesday May 14 2019, @06:04PM (9 children)
You could argue that you have the right to 'kill' a story that you have submitted but, as you should be quoting source material it doesn't matter, as long as your name is removed as the submitter. The source material can remain and the comments associated with the story should still make sense. Renaming your account as 'Forgotten-$NEXTNUMBER' should be easy enough to do I suppose and should account for most times that your ID appears. And who uses their real name here anyway? Deleting whatever email address you have given us is also a good idea - but we will undoubtedly discuss this in greater detail as a community before we implement any changes.
But to 'kill' a complete story because of your comments to that story? No way. Everybody else has a right to discuss it and have their comments published if they wish. You don't need to have a say in deleting what other people's opinions and comments say.
(Score: 0) by Anonymous Coward on Tuesday May 14 2019, @07:59PM
I'm not particularly fond of the right to be forgotten. I get it if it is someone else who publish information about you, sound fair, but otherwise I subscribe to "think before you act" and "face the consequences of your actions".
(Score: 2) by edIII on Tuesday May 14 2019, @11:52PM (7 children)
Which is exactly how this new "right" will be abused. In all of the situations I've heard this discussed, it's been related to libel. Which means, it's really about the rich and powerful being able to suppress information.
Nobody has the right to be forgotten in the real world. If they did, Trump would've already sued to make us all forget the previous few decades of his inept bullshit.
Technically, lunchtime is at any moment. It's just a wave function.
(Score: 3, Interesting) by ledow on Wednesday May 15 2019, @07:52AM (6 children)
If you call me, say, a paedophile, that's libellous. I would sue. I'm not rich, nor powerful.
If you go and do such things to people without cause, fact or stating that it's an opinion (*cough* Elon Musk *cough*), it's a court case to decide if they are true or not. In the meantime I may well ask you to remove it, which a prudent person might well do to avoid a lawsuit, or to avoid worsening an existing lawsuit. If you can't edit a comment, how are you going to do that - by asking the website to do that for you.
Once the outcome of a case is established, do you expect the person to just leave that libel on the site? The poster, or website, will be court-ordered to remove it.
Thus the facility needs to exist anyway. Once it does, it's literally just a matter of moving the button from the admin panel to the individual user profile to make everyone be able to use it voluntarily if they wish.
The value of even a year-old Slashdot/Soylent comment is absolutely minimal.
(Score: 2) by The Mighty Buzzard on Wednesday May 15 2019, @10:59AM (2 children)
Thankfully we are not subject to the UK's absurd libel laws here.
If by minimal you mean priceless, we agree. A user's comments are a true and exact history of what they have said. Hiding history is foolish at best but far more commonly it is actively malevolent.
My rights don't end where your fear begins.
(Score: 2) by quietus on Wednesday May 15 2019, @06:03PM (1 child)
A young, female teacher is being accused of sexually inappropriate behaviour by the parents of a 7 year old pupil of hers. The parents go to the police to file charges, but also ask other parents whether they've noticed something with their children -- on social media. The next morning a mob stands ready at the school gate; the teacher, who had no idea about the complaint (neither had the school leadership), needs to be evacuated by the police.
Journalists dive onto the case: it seems multiple pupils of her had similar complaints, an open-and-shut case of a paedophile predator -- but for added thrills, a female one, young and quite attractive herself. Her name and face gets plastered all over the media, both offline and online; her address and telephone numbers get exposed; she needs to go in hiding against death threats.
Two weeks later, the police investigation finally gets wrapped up: nothing had happened -- the specks of blood on the little girls vagina had a natural, and only a natural, cause; the other so-called victims were a case of mass hysteria.
That young teacher now works as a career counselor; she'll probably never get a job as teacher ever again -- no school risks hiring her, in case a parent goes researching on the internet.
(Score: 2) by The Mighty Buzzard on Wednesday May 15 2019, @10:16PM
The answer to which is more speech not less. As it always is.
My rights don't end where your fear begins.
(Score: 2) by edIII on Wednesday May 15 2019, @07:23PM (2 children)
Nope. I would leave the libel up and ADD a disclaimer comment with links to the public record and court case. That is in YOUR best interests too as the victim. Anybody hearing the libel and searches for it would find the comment, but then also find all of the links in the legal disclaimer that allow them to review the public record for itself.
I realize now that you're in the UK, and fundamentally fucked with regards to those laws. Not uprising that the rich and powerful in the UK want a heavy weapon to wield to control information. In any case, SN isn't a UK company or organization, and we're not subject to your ridiculous libel laws or their philosophies.
In the US, that libel comment would become part of the public record. Increasingly, these are coming online as searchable databases, IIRC. I can go down to a government building in Las Vegas, and review whatever I want. When the court case is concluded, those records are not destroyed. In a sense, they were made indelible through a legal Streisand effect. With everything coming online, and information anywhere at your fingertips, it's not unreasonable for the libelous comment on SN to have hyperlinks to the court case and public record added in a disclaimer. The distinction between finding it in the public record, and SN, is a meaningless one. We both know that it would be in many more places than that, and attempt to police information everywhere is simply a non-starter. Authoritarians have it out to be able to do exactly that, but you would find it easier to remove a drop of water that fell into the ocean.
Since it is addition, AND it is a good faith attempt to correct the libel, it shouldn't be an unreasonable method for the "moderation" you desire.
What we're never going to do, buddy, is allow you to delete anything you've ever said on this site.
Technically, lunchtime is at any moment. It's just a wave function.
(Score: 2) by The Mighty Buzzard on Wednesday May 15 2019, @10:37PM (1 child)
We did once, actually. The first time MDC posted his SSN, we replaced the comment text with [REDACTED] or some such thinking it was a passing moment of insanity. We left every time after that up because it obviously wasn't. Passing that is.
We also politely asked someone, I forget who, to not post lots of copyrighted material they didn't hold the copyright on to their journal. They were using it as a scratch pad or some such and happily switched to a another pad that didn't leave us legally liable for anything.
Which is to say, there are things we'll redact. Doxxing and DMCA claims, for instance. We're not in the business of giving anyone's mouth a do-over though. So much so that nobody on staff has even thought of suggesting admins have a web interface for editing comments. It's all by-hand, CLI MySQL if it actually needs doing. Which is a pain, character escaping arbitrary English prose correctly the first time.
My rights don't end where your fear begins.
(Score: 2) by edIII on Wednesday May 15 2019, @11:07PM
Thank you for the correction. It seems to be an acceptable middle ground.
I appreciate that philosophy.
Technically, lunchtime is at any moment. It's just a wave function.
(Score: 0) by Anonymous Coward on Tuesday May 14 2019, @03:04PM (1 child)
Can you give priority to deleting Anonymous Coward? I think the Five Eyes are after me.
(Score: 1) by Chocolate on Friday May 17 2019, @05:41AM
They could be!!! You never know!!!
Give us your real name, date of birth, residential address, phone number, and the names of your parents so we can check everywhere to make sure your data is secure!
Bit-choco-coin anyone?
(Score: 3, Interesting) by HiThere on Tuesday May 14 2019, @04:41PM (1 child)
Actually, I think the easy approach would be to convert all their references to "by anonymous coward", since that's a legitimate user without any personally identifying information. This would mean you would need to delete their account to handle future events. But would you need to do that before they asked you to delete information?
Just make it a general capability, and you won't need to firewall anything, or worry about where a tor post comes from. The problem is you'd want to be able to prevent people from causing others accounts to be deleted. That could get tricky.
Javascript is what you use to allow unknown third parties to run software you have no idea about on your computer.
(Score: 2) by The Mighty Buzzard on Wednesday May 15 2019, @11:07AM
Killing all existing cookies and not allowing anyone from a California address to log in again would probably be better. That could be done in the load balancer if you're coming from a California address range without the rehash code ever needing to deal with an unhashed IP address (beyond hashing it in the first place, of course). Save those ideas up for the Meta story though. This is mostly just notification that there's going to be one.
My rights don't end where your fear begins.
(Score: 0) by Anonymous Coward on Tuesday May 14 2019, @05:31PM (2 children)
It doesn't have to. At the risk of being a double-talking rules-lawyer, "Delete" doesn't necessarily mean to delete.
As an example, I could imagine you create a new account "Anonymous Deleted," and whenever anybody deletes their account you just change all their comments to be associated to that ID instead. Admittedly it is more complicated than that for many reasons, but I don't see this as necessarily being impossible to implement.
Whether the (work+risk)/reward ratio is worth it, though, is another question... as noted by your added personal opinion, among other things.
Speaking as a privacy-conscious anonymous coward, though, I for one do appreciate it when places give the ability to delete data.
(Score: 2) by The Mighty Buzzard on Wednesday May 15 2019, @11:13AM (1 child)
Yes, that would be exceedingly easy to implement. And it would make the value of the affected conversations pretty much nonexistent.
Being able to delete data that you've made public isn't a privacy issue, it's a rewriting history issue. I appreciate the hell out of privacy but this isn't about privacy.
My rights don't end where your fear begins.
(Score: 0) by Anonymous Coward on Friday May 17 2019, @05:43AM
Wait. Hold on. Are you saying that everything I have posted here is publicly visible?
Noooooooooooooo
(Score: 4, Informative) by NotSanguine on Tuesday May 14 2019, @05:37PM (1 child)
An excellent point. I was unaware that the new California law (it is this law [wikipedia.org], right?) required deletion of comments or the "right to be forgotten."
Now that I've read the text, it's clear that Soylent News doesn't collect the sorts of information covered under the law [wikipedia.org]:
IIUC (and please correct me if I'm wrong), IP addresses are not logged by the system, just hashes of such IP addresses, and those are purged on a rolling schedule.
What's more, the law has specific requirements as to which entities are covered:
I didn't realize that Soylent News met any of those thresholds. If we do, SN is really profitable! And if that's true, you should definitely get paid for all your hard work Buzzard.
No, no, you're not thinking; you're just being logical. --Niels Bohr
(Score: 3, Informative) by The Mighty Buzzard on Wednesday May 15 2019, @11:25AM
We do have unique personal identifiers and email addresses stored. The unique personal identifier is just an auto-incrementing bigint column but it technically fits the definition. The email address is stored but doesn't have to be true.
Sweet! I'm all about not doing things. I can even not do things in my sleep. It's going to eventually become an issue again but the one requirement we're likely to ever hit, 50K or more consumers having info here, almost certainly isn't going to happen before I'm back to having plenty of free time.
My rights don't end where your fear begins.