noobermin 2 days ago [-]
Allow me to ask the obvious question.
Who doesn’t do the something like this?
Not to alleviate facebook of blame, but who’s to say data on almost every other social media service isn’t also just flagged for deletion?
replytraskjd 2 days ago [-]
We don’t soft delete payloads at Raygun (https://raygun.com), for the very fact that typically if one of our customers wants to delete something it’s because they might have sent something they don’t want a third party to have. We have filters and other PII filtering tools etc, but it every now and then something might be sent by mistake.
Having said that, you’d be amazed how often folks ask for things to be undeleted (despite a big warning dialog).
Clearly developers pervasively believe soft deletes are occurring everywhere.
replySomeone 2 days ago [-]
It isn’t that hard to combine soft deletes with delayed hard deletes: generate a new encryption key every day for “data deleted today”, and encrypt deleted data with it. After X days, destroy the decryption key.
If you use asymmetric encryption, you can keep the group of people who who can recover “deleted data” small. You could even have an independent party generate your encryption key pair, give you the encryption key, and your customer, on request, the decryption key (I think there is a business model for a non-profit here).