this post was submitted on 25 Jun 2023
1152 points (99.4% liked)

Reddit

13435 readers
3 users here now

founded 5 years ago
MODERATORS
 

https://www.reddit.com/settings/data-request

[email protected]

Having worked at a company that had a massive influx of GDPR requests we weren’t prepared for, this one could actually cause them some trouble if Reddit don’t have that process properly automated.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 13 points 1 year ago (2 children)

I would be really surprised if it isn't automated. I would think they just delay as long as possible to provide the info back.

[–] [email protected] 24 points 1 year ago

You’d be surprised. I’ve worked with some even pretty large companies that just don’t have a good process for this and rely on people doing some semi-manual process to prepare a response. My current employer got swamped with requests unexpectedly and had a hard time dealing with them all.

Interestingly finding them was the hardest part because requests can come in to any part of your business, even via social media: https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/individual-rights/right-of-access/how-do-we-recognise-a-subject-access-request-sar/#socialmedia

[–] AlmightySnoo 17 points 1 year ago* (last edited 1 year ago) (1 children)

Not that easy, it's not a simple SQL query: https://gdpr.eu/checklist/

If they give you some data under that framework, then it implicitly means that legally they acknowledge that they have checked all of those boxes. So before they give you the data there are probably lots of "are we incriminating ourselves by giving this guy this piece of data?" questions that they're asking themselves.

[–] [email protected] 18 points 1 year ago* (last edited 1 year ago)

it’s not a simple SQL query

shh... some developers in my team would take that as a challenge and cook up a 3000 lines long stored procedure