Remove the Username from Right-of-Erasure requests to comply with GDPR

EDIT: Roblox changed the message and removed the username, so this feature request is now irrelevant

As a Roblox developer, it is currently too hard to comply with GDPR Right-of-erasure takedown requests as Roblox has changed the notice sent to developers to include a username.

We received a right-of-erasure-request for the following User ID: [-----] and Username: [-----].

A right-of-erasure request is suposed to remove all PII related to the players account, which includes the username. Developers have to ensure that no PII is stored on their end, by removing and PII which is possibly tied to the anonymous UserId in their own datastores and third-party tools.

By including the Username in these takedown messages, Roblox is creating a permanent record of someone’s PII. In the past, these messages only contained a UserId which is an anonymous string as soon as Roblox removes the player profile, which meant that there was no issue. In the current situation, developers are sent a record of the players PII which they can only destroy (in compliance of the right-of-erasure request) by archiving the message, which I have no interest in doing so as I shouldn’t be responsible for tidying up my inbox to be compliant with GDPR.

If Roblox is able to address this issue, it would improve my development experience because developers are not given the unnecesary burden of having to archive all incoming GDPR Right-of-erasure messages in order to comply with GDPR.

I’m guessing they added the username to the message because some developers were storing data with the username as the key, so being given the UserId was worthless to them since the player was deleted so they can’t find the username.

I am guessing Roblox did this for games that might store usernames rather than/along with, user IDs.

Maybe Roblox can instead automatically delete the message within 30 days because by then the developer should have already dealt with the request.

dang it @boatbomber

That was my understanding as well, but storing data by username has been the wrong way of doing it since Roblox allowed username changes in 2013, nearly 7 years ago.

Requiring developers to store data by UserId to comply with GDPR sounds a lot better than breaking GDPR compliance platform-wide for all developers by sending them a record they are then responsible for handling / removing. Something which developers who don’t handle PII and thus don’t need to act on these right-of-erasure requests probably aren’t doing.