(CNN Business) — Most people live their lives on the Internet with the assumption that they can delete their posts, messages, and personal data from services whenever they want. But a technical investigation this week called that basic assumption into question.
Peter “Mudge” Zatko, Twitter’s former head of security He testified before a Senate committee on Tuesday The social network doesn’t reliably delete the data of users who cancel their accounts, which raises a surprising number of allegations. Disclosure of Information It was published last month by CNN and The Washington Post.
In his testimony and disclosure, Jadko alleged that Twitter did not reliably delete user data, sometimes because it lost information. Twitter has broadly defended itself against Jatko’s allegations, saying his revelations portray a “false narrative” of the company. In response to CNN’s questions, Twitter said it has a workflow to “initiate a takedown process,” but did not say whether it typically completes that process.
While Zatko’s allegations are surprising, they also serve to remind Sandra Matz “how brainless” we are when it comes to sharing our data online.
“It sounds pretty simple, but whatever you put out there, don’t expect it to be private again,” said Matz, a social media researcher and professor at Columbia Business School. “To remove something from the Internet, to hit the reset button, it’s almost impossible.”
At stake is our sense of control over our data and belief in our ability to delete it. Roe v. Wade, in June, has the potential to use search histories, location data, text messages and other data to punish people who search the Internet for information or access to abortion services.
In July, Facebook’s parent company, Meta, Under strict scrutiny Messages sent via Messenger and received by law enforcement were used to accuse a Nebraska teenager and her mother of having an illegal abortion. (In that case there is no indication that any message was previously deleted.)
Ravi Sen, a cybersecurity researcher and professor at Texas A&M University, said law enforcement and other groups “with the right resources and access to the right kind of tools and knowledge” can recover deleted data in some circumstances.
Many people don’t know all the places their data ends up, Chen said. Any post, whether it is an email, social media comment or direct message, is usually stored on the user’s device, the recipient’s device and the servers of the company where the platform is used. “Ideally,” he said, “if the user who created the content” deletes it, “there should be no content from all three places.” But in general, “it doesn’t happen that easily,” he added.
You can go to companies and ask them to wipe your data from their servers, though many won’t take this step, Chen said. The chances of recovering a deleted message from a user’s device decrease over time, he added.
According to privacy experts, the best way to control online data is to primarily use apps that provide data encryption. To conclude. That is also important Manage cloud backup settings To ensure that personal data on encrypted services cannot be accessed elsewhere.
But even with all the precautions an individual can take on their part, once you put something online, “you’re out of control,” Matz says.
Because even if you delete a Twitter post, or even delete it from Facebook, someone else may have already copied the photo you posted,” he said.
Matz recommends paying more attention to what people share on big tech platforms. While it may sound pessimistic, he believes it’s better to be more cautious on the Internet.
“Everything you post can be used by anyone and will live forever,” he said.