Why removing something from the internet is ‘almost impossible’ | CNN Business


CNN Business

Most people may live their digital lives under the assumption that they can delete their posts, messages and personal data from services whenever they want. But a technical hearing this week cast doubt on that core assumption.

Peiter “Mudge” Zatko, the former Twitter chief of security, told a Senate committee on Tuesday that the social network does not reliably delete the data of users who cancel their accounts, and continues on the bombshell allegations he made in a disclosure of a whistleblower first reported by CNN and The Washington Post last month.

In his whistleblower testimony and disclosure, Zatko claimed that Twitter did not reliably delete users’ data, in some cases because it has lost track of the information. Twitter has widely defended Zatko’s allegations, saying his disclosure paints a “false story” from the company. In response to questions from CNN, Twitter has previously said it has workflows to “start a removal process”, but has not said whether it typically completes that process.

While Zatko’s allegations are astonishing, it also served as yet another reminder for Sandra Matz of “how often we are brainless” when sharing our data online.

“It sounds very simple, but whatever you put out there, never expect it to ever become private again,” said Matz, a social media researcher and professor at Columbia Business School. “Retracting something from the Internet, pressing the reset button – is almost impossible.”

The commitment to taking control of our data and having confidence in our ability to delete it has arguably never been higher. In the wake of the Supreme Court’s decision to overturn Roe v. Wade in June, it is now possible to use search history, location data, text messages and more to punish people who search online for information about or access abortion services .

In July, Facebook parent Meta came under scrutiny after news broke that messages sent through Messenger and obtained by law enforcement had been used to sue a Nebraska teen and her mother for having an illegal abortion. (There was no indication that any of the posts had previously been deleted in that case.)

Ravi Sen, a cybersecurity researcher and professor at Texas A&M University, said law enforcement officers and other groups “with resources and access to the right tools and expertise” are likely to be able to recover deleted data in certain circumstances.

Sen said many people don’t know all the places where their data ends up. Every message, be it an email, a social media comment, or a direct message, is usually stored on the user’s device, the recipient’s device, and the servers owned by a company whose platform you use. have used. “Ideally,” he said, “if the user who generated the content “deletes it,” the content should disappear from all three locations.” But in general, he said, “it’s not that easy.”

Sen said you can contact companies and ask them to remove your data from their servers, although many probably never take this step. The chances of recovering a deleted message from a user’s device decrease over time, he added.

The best way to manage your online data, according to privacy experts, is to primarily use apps that offer end-to-end encryption. It is also important to manage your backup settings in the cloud to ensure that private data from encrypted services cannot be accessed elsewhere.

But even with all the precautions a person can take on their side, once you put something online, Matz says, “you’ve essentially lost control.”

“Because even if Twitter deletes the post now, or you delete it from Facebook, someone else may have already copied the photo you posted there,” she said.

Matz said she recommends that people be more aware of what they share on Big Tech platforms. As pessimistic as it sounds, she thinks it’s better to be too careful online.

“Just assume that anything you put there can be used by anyone and will live forever,” she said.

Source link


Please enter your comment!
Please enter your name here