(CNN Business) – Most people live their lives online assuming that they can delete their posts, messages, and personal data from the Services whenever they want. But this week’s technical hearing called that basic assumption into question.
Peter “Mudge” Zatko, former head of Twitter security, Testified Tuesday before the Senate Committee That the social network does not reliably delete the data of users who have canceled their accounts, thus amplifying the surprising accusations it made in Disclosure of information published by CNN and The Washington Post last month.
In his testimony and disclosure, Zatko claimed that Twitter does not reliably delete user data, in some cases because it has lost tracking information. Twitter has widely defended itself against Zatko’s accusations, saying his disclosure paints a “wrong narrative” about the company. In response to questions from CNN, Twitter previously said it had workflows to “initiate a removal process,” but did not say if it normally completes that process.
Although Zatko’s accusations were surprising, they also served to remind Sandra Matz “how vulnerable we often are” when sharing our data online.
“It sounds very simple, but whatever I refer to, never expect it to come back to privacy again,” said Matz, a social media researcher and professor at Columbia Business School. “Removing something from the Internet, pressing the reset button, is almost impossible.”
Arguably, what is at stake is a sense of control over our data and confidence in our ability to delete it. After the Supreme Court’s decision to set aside the Roe v. Wade in June, there is now the potential to use search logs, location data, text messages and other data to penalize people who search the Internet for information about or access to abortion services.
In July, Meta, the parent company of Facebook, I was subjected to severe scrutiny After it emerged that Messenger messages obtained by law enforcement had been used to accuse a Nebraska teen and her mother of performing an illegal abortion. (There was no indication that any of the messages in this case had been previously deleted.)
Law enforcement and other groups “with the right resources and access to the right kind of tools and knowledge” can recover deleted data, under certain conditions, said Ravi Sen, a cybersecurity researcher and professor at Texas A&M University.
Sen said that many people don’t know all the places where their data ends. Any post, whether it is an email, a social media comment, or a direct message, is usually saved on the user’s device, the recipient’s device, and on the servers of the company whose platform was used. He said, “Ideally, if the user who created the content ‘delete it,’ the content should disappear from all three sites.” But overall, he added, “it doesn’t happen easily.”
Sen said you can go to the companies and ask them to erase your data from their servers, although presumably many never take that step. He added that the chances of recovering a deleted message from the user’s device decrease over time.
According to privacy experts, the best way to control online data is to use apps that primarily provide data encryption. end to end. It’s important too Manage cloud backup settings To ensure that private data from encrypted services cannot be accessed anywhere else.
But even with all the precautions one can take on their part, once you put something online, Matz says, “I basically lost control.”
“Because even if Twitter deleted the post, or you deleted it from Facebook, someone else might have already copied the photo you put there,” he said.
Matz recommends that people be more aware of what they share on the big tech platforms. Although it sounds pessimistic, it is believed that it is better to be excessively cautious on the Internet.
“I suppose whatever you post can be used by anyone, and that it will live forever,” he said.
“Proud web fanatic. Subtly charming twitter geek. Reader. Internet trailblazer. Music buff.”