We could make it easier for states to find and prosecute criminals by not requiring warrants and making encryption illegal, but we don't (and we shouldn't) because the peoples' rights are inalienable, whereas the rights of states, corporations and other entities to interfere with that privacy are not.

Yes, it would be more challenging, and inconvenient, and probably a massive pain in the ass not to log IPs by default, but if the end result is a weakening of the power of modern social media companies (and political and law enforcement agencies) to exploit people's data for nefarious ends without consequence, then society as a whole, and the web, benefit.

Mind you, I don't necessarily believe GDPR is the solution, or that logging IPs is unreasonable, but I do welcome the conversation people seem to be having about who owns their identity.

The mechanism is they send you an email, you verify it as you wish (have them post a comment using their credentials), you overwrite all comments from that uid in the db with a simple query?

If you're using a CMS then it's going to be type the username and hit "delete all comments"; maybe WordPress et al. do this already.

With a small blog the administration of that is going to be facile, surely.

Not to stretch out this comment any more, but are we seriously arguing that adding a delete button is hard? I mean, most people on here would agree that its not something they would worry about. It sounds more like people are upset they are forced to do it, and have no say in it.