GDPR accounts are accounts renamed to unidentifiable usernames to comply with a request to do so under the European Union's General Data Protection Regulation law. The accounts' join dates are usually set to January 1, 2000 (a false date) to remove the join date information from public view. The location information is usually removed as well, showing as "Location not given".
The original usernames of most GDPR accounts are unknown.
Following GDPR accounts bug
|
This article or section documents something not included in the current version of Scratch (3.0). It is only useful from a historical perspective. |
There was a bug that allowed users to follow accounts that were anonymized on Scratch because of GDPR. This bug was first discovered in 2020, and spread among users.[1] Here is the code that allowed following GDPR accounts using the console on the wiped user's profile page:
$.ajax({type:"PUT",url:"/site-api/users/followers/<username>/add/"});location.reload()Unfollowing the account
To unfollow the account, one could just replace the "add" with "remove" or paste this code:
$.ajax({type:"PUT",url:"/site-api/users/followers/<username>/remove/"});location.reload()Misconceptions
- See also: List of Misconceptions about Scratch
gdpr0000001 (the first known GDPR account) is commonly believed to be the first account created on Scratch due to its join date, but the first user was actually wrgsfhwbxvb who was created earlier in real time, without having their join date altered.[2] andresmh, who created the site, is the oldest user who has not been deleted.[3]
It is also commonly believed that some of the GDPR accounts are test accounts[4][5] created by Scratch Team members[6], however it is just as likely that the account belonged to a regular user who wanted their data deleted under the General Data Protection Regulation act.[citation needed]
