CNN business
—
Most people may live their digital lives on the assumption that their posts, messages, and personal data can be deleted from the service at any time. But a tech hearing this week called that core assumption into question.
Peiter “Mudge” Zatko, Twitter’s former security chief, told a Senate committee on Tuesday that the social network has not reliably deleted the data of users who canceled their accounts, first reported by CNN. Expanded on the bombshell claims he made in a whistleblower disclosure…and last month’s The Washington Post.
In his testimony and whistleblower disclosure, Zatko claimed that Twitter did not reliably delete user data. Twitter has broadly defended his Zatko allegations, saying his disclosure portrays a “false narrative” for the company. In response to a question from CNN, Twitter previously said it had a workflow to “start the removal process,” but did not specify whether it would typically complete that process.
Zatko’s argument is striking, but it also reminds Sandra Matz of “how often we are ignorant” when it comes to sharing data online.
“It sounds pretty simplistic, but don’t expect that whatever you put out will be private again,” said Matz, a social media researcher and professor at Columbia Business School. . “It’s almost impossible to withdraw something from the internet and hit the reset button.”
The stakes for feeling in control of our data and confident in our ability to delete it are arguably higher than ever before. Following the Supreme Court ruling, we can now use search history, location data, text messages, etc. to punish people who seek information about or access abortion services online.
In July, after news broke that a message sent via Messenger and obtained by law enforcement was used to accuse a Nebraska teenage girl and her mother of illegal abortions. Facebook parent Meta was put under heavy scrutiny.
Ravi Sen, a cybersecurity researcher and professor at Texas A&M University, says that if law enforcement and other groups “have the resources and access to the right kinds of tools and expertise,” The situation states that there is a good chance that the deleted data can be recovered.
According to Sen, many people don’t all know where their data is. Posts such as emails, social media comments, and Direct His messages are typically stored on servers owned by the user’s device, the device of the recipient, and the company that used the platform. “Ideally, if the user who created the content deletes it, the content should disappear from all three places,” he said. But in general, he said, “it doesn’t happen that easily.”
Sen said you can contact the companies and ask them to remove the data from their servers, but many companies probably don’t take this step. He added that the chances of recovering deleted messages from a user’s device diminish over time.
According to privacy experts, the best way to manage your online data is to primarily use apps that offer end-to-end encryption. It’s also important to manage cloud backup settings to ensure private data in encrypted services cannot be accessed elsewhere.
But even with every last precaution an individual can take, when you post something online, you “essentially lose control,” says Matz.
“Even if Twitter deletes your post or removes it from Facebook, someone else may have already copied the photo you posted.
Matz said he encourages people to be more careful about what they share on big tech platforms. She may sound pessimistic, but she thinks it’s better for her to be overly cautious online.
“Assuming anything you put out there can be used by anyone and will live forever,” she said.
.