Hi, We've been looking into GDPR compliance for fd.o, which has been ... fun.
The biggest stumbling block for us is probably Bugzilla and Mailman. Deleting messages and profiles from those just isn't practical for us, especially at any kind of scale. We could write a script to censor those, but once it has been posted to either, then it's all over the public internet anyway.
We don't control distribution once messages hit Mailman - it's forwarded raw to a potentially unlimited distribution list - and deleting messages from Mailman is also a manual nightmare. Rebuilding the archives is out since it breaks URLs. Hand-editing it all sucks beyond belief. And then people have quoted it in replies anyway ...
Does anyone know if there's some kind of GDPR 'out' for, 'by posting here you agree that everything is going to be made public, so as there's nothing we can do about its distribution, it's not useful or practical for us to undo that'? And are there any kind of credible Bugzilla/Mailman deletion tools?
Cheers, Daniel