
The Security of Data Deletion - CapitalistCartr
https://www.schneier.com/blog/archives/2015/01/the_security_of_10.html
======
taeric
I can't help but feel this is a ship that long sailed. I ultimately support
the idea, but we seem to have turned into a society of hoarders, when it comes
to data. And, indeed, for many purposes this is quite useful.

As far away as I think the day is, I think we are more likely to enter a
society that is more tolerant of people's behavior and private views than we
are of one where everyone deletes data after a time.

~~~
npsimons
From one point of view, the history of computing has been one of trying to
maintain data integrity, which in turn makes it harder and harder to
permanently delete anything.

On the other hand, I can think of very few downsides to a more tolerant
society, and fervently believe that it can't happen soon enough.

~~~
saidajigumi
And not just data integrity, but capacity and culture work against "digital
forgetting" as well. Capacity (re: cost per unit) has been growing (_much_)
faster than our ability to generate correspondence. Now, the new default is to
just go with the flow of our digital memory. Likewise, IT organizations have
built in policies and practices around backing up and preserving data. New
effort and planning around comprehensive deletion policies would seem to be
the next frontier, both at the IT and individual levels. Deletion policies
exist now, but in my experience these are often half-hearted compared to
retention policies.

Even (especially?) for individuals in companies, email and the like become a
memory prosthetic. You don't need to make external notes, because you can
always go back to email. Speaking personally, I know of many, many occasions
where I've had to refer back to communications at least two months old. At
some organizations, trolling the last year's email has been practically
obligatory when slogging through annual reviews.

------
higherpurpose
Localization, localization, localization. Tighten up the security for tiny
islands within the organization. Don't just do perimeter defense [1] and don't
give a single computer access to thousands of other computers.

Don't route and don't monitor everyone's emails through a single server. Use
end-to-end encrypted email and ephemeral messages, as Schneier says. Something
like Kobeissi's new Peerio tool would've helped Sony and MPAA from having
embarrassing emails leak out (not that I wasn't glad to see them leak out).

[1] - [https://community.rapid7.com/community/infosec/blog/2015/01/...](https://community.rapid7.com/community/infosec/blog/2015/01/07/the-sony-breach-demonstrates-the-importance-of-moving-beyond-perimeter-defense)

[2] - [https://peerio.com/](https://peerio.com/)

------
coldcode
At my previous job the company lawyers sent out monthly reminders to archive
all emails and documents in case we got sued. Oddly enough the company could
have easily done this from the server itself. I wonder if perhaps making
employees do it meant it would never be saved as the server removed things
older than 90 days.

