Reading through this topic (and being new to Discourse), I am under the impression that the only way to handle the “right to erasure” is that an admin deletes the user including all posts? If so, and as others have stated, this is quite disruptive for a discussion community. A better approach would be to anonymize all user data (removing Email, any stored IP addresses, and changing user name, also in all posts). Would this approach suffice for the “right to forget” requirement? If so, is my understanding correct, that Discourse doesn’t provide any functionality to support this?
Edit:
The other question is, does the right to erasure even apply to a public discussion forum? ICO states:
When does the right to erasure not apply?
- to exercise the right of freedom of expression and information;
- for archiving purposes in the public interest, scientific research historical research or statistical purposes where erasure is likely to render impossible or seriously impair the achievement of that processing;
Wouldn’t both apply in the case of a discussion forum?