I find it fascinating how much shock there is that Facebook is doing what nearly everyone else is doing, and what many people here have likely implemented.
> There is one class of data that you have to delete - and that's personal data that the user doesn't want you to hold any more. There may be local laws (e.g. in the EU) that makes this a mandatory requirement (thanks Gavin)
This is exactly the type of data we're discussing here. So no, contradicting the user's expectation when handling personal data is not a "best practice".
That said, Facebook is who is just getting collectively stabbed with the pitchfork right now. Engineering best practices are one thing. My right to privacy is another. As an engineer I care about efficiency. As a human I care about privacy. My rights win over any technocratic babble. Sorry if I am being harsh. I am, of course not surprised. Engineers are lazy at best and at worst, something truly sinister is brewing.
...as if I didn't already have enough reasons to hate that cliche, thought-terminating phrase... every situation is unique and figuring out what exactly to do for your particular one is probably the main purpose of being a software engineer.
The correct thing would be to flag as deleted for a sensible period of time (to be able to undo for the user) and then get rid of it after X days when it clearly isn’t needed anymore.
I imagine there are more pressing issues than the difficulty of implementing a schema.
For the average Joe and Janet out there, "deleting" something is synonymous to "remove from the internet for eternity"
In those cases it will take a lot of support to explain that what is gone is gone. I think customers don’t have a unified vision of what deleting means, they just want what’s optimal for the situation.
How hard is it to clearly state what FB is doing in the background?