@elr @neurovagrant @Seirdy because #Signal can't be #SelfHosted (unlike #XMPP and even #Zulip) I can't recommend or use it any professional capacity because I've to comply with #GDPR & #BDSG and that includes evidently having control over data and being able to comply with #auditability and #datadeletion requests in any organization.

Also #Signal does collect #PhoneNumbers and enforces #Cyberfacist embargos.

#Cybersecurity #Messaging #Encryption #DataProtection #Privacy #DataDeletion: "A feature of various end-to-end encrypted (E2EE) messaging apps and other non E2EE social media messaging are disappearing messages, which automatically delete after a set period of time. This feature may be useful for general privacy within your extended network, high-risk users, and preemptively clearing side conversations easily within linear chats. However, different messaging apps handle deleted and disappearing messages a little differently, in particular when it comes to quoted messages, chat backups, and screenshot notifications. It’s important to note that this isn’t a vulnerability in the software, but it could cause someone to change their threat model—the way that they think about protecting their data and privacy. Below, we note the variance that exists between different apps."

https://www.eff.org/deeplinks/2023/05/how-do-different-encrypted-messaging-apps-treat-deleted-messages

#DataDeletion #DataProtection #Archiving #DigitalPreservation: "I’m sure you’ve heard the old aphorism that everyone dies twice. Now, it seems, we die three times. First, when you stop breathing, second, when a corporation deletes your account, and, third, when someone says your name for the last time.

I’ll be realistic here. I don’t think we should expect every company to keep our content forever, but I also don’t think they should get to unilaterally shrink the internet because they’re tired of being responsible for its upkeep. The internet shouldn’t be a handful of company towns that can pull up their stakes and leave when the data mine is tapped.

Erasing old content is, also, a fundamental betrayal of what the internet was created for. It was meant to be an infinitely expanding space of unlimited discovery. One that exists beyond what was possible in the physical world. You could be whoever you want, talk to whoever you want, and interact non-linearly across time and space. And a lot of companies got very rich by offering us the opposite: walled gardens and passive algorithmic recommendations jammed into linear feeds, which they marketed as more secure, more convenient, and more entertaining."
https://www.garbageday.email/p/on-the-internet-you-can-in-some-sense

#DataProtection #DataDeletion #Archiving #DigitalPreservation: "The policy changes are a reminder of how fragile our digital lives are and just how little control we have over their preservation, says Tamara Kneese, author of the forthcoming book Death Glitch: How Techno-Solutionism Fails Us in This Life and Beyond. With cloud storage, we’ve developed an expectation, or fantasy, that data is infinite and that our digital spaces will last forever.

“If Google follows through with this policy, and if other companies follow, then there is a risk that we will collectively lose entire historical archives along with rich personal memories,” she says.

Though Google cited security concerns as the chief reason for its new policy, experts we spoke with speculated that cost burdens also contributed."

https://www.technologyreview.com/2023/05/19/1073367/digital-life-isnt-permanent-google-twitter-inactive-accounts/

Google Play has recently launched initiatives to help developers build consumer trust by showcasing their apps privacy and security practices in a way that is simple and easy to understand. A new data deletion policy that aims to provide users with greater clarity and control over their in-app data.

For apps that enable app account creation, developers will soon need to provide an option to initiate account and data deletion from within the app and online.

https://android-developers.googleblog.com/2023/04/giving-people-more-control-over-their-data.html

#Google #GooglePlay #policy #Privacy #safety #Security #inapp #online #data #developers #datadeletion

#ConsumerReports has created an application called #PermissionSlip which sends requests for #OptOut or #DataDeletion based on your state laws.

I love CR and this is an awesome service they’ve created. I used it, it has a list of about 4 dozen companies and some requests to data aggregators. They send requests to the appropriate departments.

#dataprivacy

https://digital-lab.consumerreports.org/2022/11/16/introducing-permission-slip/

"Learn how to securely delete data on flash memory like USB sticks, SSDs, & NVMe drives! Use 'hdparm' on Linux or 'nvme-format' tool on Ubuntu 22.04. Remember, while data deletion can be secured, 100% guarantee isn't possible & physical destruction may be necessary. #DataDeletion #SSDs #NVMeDrives"

https://nemozone.writeas.com/correct-data-deletion-of-flash-memory-ssds-nvmes

This article will be expanded with the f3 tool work in progress many thx to @macst3r

As a data protection lawyer, I often seen companies push data retention or data deletion policies to the bottom of the list.

It's sometimes seen as less important, because customers don't typically see this.

However, a recent fine by the CNIL shows there are real risks in delaying and never quite getting round to it. 😬

In this instance, Discord (a popular chat platform for gamers 🎮) received a fine over 800,000 euros for:

❌ Not having a written data retention policy
❌ Not having specific retention periods or criteria for determining retention periods
❌ Failing to ensure data protection by default in the way the application sat in the background on Windows platforms
❌ Failure to ensure security by not setting strong enough password criteria
❌ Failure to carry out data protection impact assessments.

If you are a company dealing with customers in the EU or UK, there is no better time than now to be elevating data retention/deletion on your 'to do' list. ✔️

#dataprotection #dataprivacy #dataretention #datadeletion #dataprocessing #gaming #gamingnews #GDPR #UKGDPR

https://www.cnil.fr/en/discord-inc-fined-800-000-euros

Oh it’s quite challenging to securely delete files on #android internal disk, even though I tried using wire connection to Linux machine to do srm or wipe (failed at no permission to write files?)

Finally I enabled the full disk #encryption for a last sort.

#security #datadeletion