I have been thinking about this issue a lot. GDPR seems to be everywhere, and I’m not sure that storing information on interactions is a privacy issue, but I want to respect people’s concerns. GDPR or not, I do not think this is a use case the law intended to prevent.

You use the WordPress suite of plugins. And being as I’m as regular contributor, there are a few ideas I’ve floating that I think are a good start, and invite you to contribute more.

1. Add text to the Webmention form that explains how to use it to delete a mention. Since the form can be used without supporting webmentions on your own site, this is something that should be made clear.
2. Add Setting to not display avatar/photo
3. Add ability to edit mentions, to correct inaccurate data.
4. Add setting to store more/less data.
5. Add privacy policy to plugin for those who install it and add text/link to webmention form.
6. Explain how to request a takedown of information.
7. Periodically poll/refresh sources.
8. Allow a different level of processing for ‘native’ webmentions vs backfeed run through a service like Bridgy.

This doesn’t solve all of the problems necessarily, but I think these ideas are a good faith effort in that direction.