If you store the data of others:

1) you are responsible for protecting it,

2) you are responsible for determining if harm could be caused if this data leaked,

3) and you are responsible for deleting it properly once you do not need to retain it anymore, especially if it could cause harm.

This is a moral obligation and, in many circumstances, can also be a legal one.

#Privacy #DataMinimization #DataDeletion

@Em0nM4stodon This sounds like the GDPR.
@Em0nM4stodon Corollary: Most developers are irresponsible, immoral mercenaries.
@subm3rge @Em0nM4stodon I truly wish I didn't agree with you.
@Em0nM4stodon

This is why I decided at the start of it all that nothing I self-host will ever be used by anyone who is not me. As much as I would like for my friends and/or family to have their own accounts on this instance, I'm just not gonna be responsible for the protection and proper handling of potentially sensitive information about them. I also do everything I know how to do, not to get hacked for my own sake, obviously. Worst case scenario, though, if that does happen: I'm the only one who gets hacked, and they're not even gonna get anything all that juicy for their effort. It would be really annoying, but that's about the extent of it, honestly. Also, I'm selfish, and I own the hardware this thing's running on, and I want it all for myself. 😂
@christian_freiherr_von_wolff @Em0nM4stodon This is absolutely the responsible approach. It makes me so angry when I see folks with no awareness or care for privacy, safety, interpersonal abuse, etc. blabbering about how folks should run instances for their families, schools, neighbourhoods, etc. Fuck no. This is a role for a responsible, personally detached party.
@dalias @Em0nM4stodon

I would rather see everyone run their own servers for themselves alone—so, everyone have their own single user instances, in other words—anyway, just on principle. I think the intention is usually good when people say stuff like that, don't get me wrong, but even if we're ignoring the massive security risk in the case of whoever runs the thing not knowing what they're doing… it's just more conducive to the kind of Internet we need right now, if everyone is self-sovereign and doesn't NEED to rely on anyone other than themselves.
@christian_freiherr_von_wolff @Em0nM4stodon Well that's not something you can convince most ppl to do. So what we really need for self sovereignty is the means to decouple physical infrastructure from access to tamper with (or, depending on context, inspect) the data. This makes everything into hard cryptographic data model and key handling problems. 🙃
@dalias @Em0nM4stodon

Eh. I think this is probably a lot easier than it used to be. I've never self-hosted anything until this, and I already have GoToSocial (this) and WriteFreely both on their own respective subdomains, and a raw HTML landing page at the top level of the site that explains what(ever) I'm (ostensibly) trying to do with all of this. VirtualBox + NixOS + Cloudflare Tunnel is the unholy trinity that allows you to just fart these things out, apparently. I also run everything through Nginx first and then have Cloudflare talk to that, which helps a lot, although that's not technically necessary. Again: if I can do all of this with no experience, it's really not that hard. You still might be right that you'll never convince most people to do this. In fact, you probably are right, sadly. I think the aversion of most people who are averse to begin with, though, is probably born from their imagining something else, probably because of some way it used to be back in the day and how migraine inducing that was, if I had to guess.
@Em0nM4stodon Slight addendum to 2: you're responsible for trusting the data subject when they tell you how they could be harmed if it leaks, even if you didn't already determine it could be harmful in that way, and acting to minimize that harm and to inform them in detail ASAP if a leak occurs.

@Em0nM4stodon I would also add:

4) you are responsible for informing those whose data you store about how you are fulfilling 1-3.

@Em0nM4stodon As Bruce Schneier says, data is a liability, not an asset. You need to destroy it as soon as you don't need it any more. If you have checked someone's ID for example, as soon as it has been verified change had_valid_id to true in a database and delete any text or images from the actual ID.
@Em0nM4stodon There have been a few telco and club breaches where scans of driver's licenses were leaked for every single customer. Some of the customers registered their plan years ago. Some of the customers weren't even customers any more, but the companies had kept their records in some cases for decades, far longer than they were required to.
@Em0nM4stodon This is exactly why I have never wanted to sell my readers anything. Not subscriptions, not mugs and t-shirts. I have a list of 60k email addresses. That's it. And nobody else gets that.
@Em0nM4stodon I miss the point where you are responsible for training your models with the data.

@Em0nM4stodon

huh, almost sounds like the GDPR (General Data Protection Regulation) they have in the EU - though it really messes with monetizing users.

Oh and GDPR also requires deleting any Personally Identifying Information (PII) after an account has been dormant for 3 months - often along with the account itself.

@maya_b @Em0nM4stodon As far as I'm aware there is no such specific requirement in the GDPR.

@mrotteveel

for deletions? I've received notices that I'll have my account deleted if I don't log in by a certain date.

it may not be a hard requirement (can't remember, but 3 months seems to come to mind) - but it does advise setting a reasonable deletion time. It actually eases the data controller requirements.

eg a job website keeps CVs for years rather than months - the CVs (and associated account details, PII, etc.) after a certain time lose relevance (ie the person got a job or new qualifications and the old CV is no longer current) - hanging onto that serves no real purpose.

so it's possibly easier, from a compliance and liability perspective, to delete on a published schedule.

@Em0nM4stodon

@maya_b @Em0nM4stodon Yes, there are requirements in GDPR that you don't store information longer than necessary, but IIRC, there is no requirement that says "3 months". As a data processor, you need to describe what you store, why, on what grounds and for how long, and your reasons for that duration. If you have good reasons for storing data 24 months (e.g. because you have historic data that shows a sizable portion of your users/customers only visits once a year or so), then that should be OK.
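The two replies above describe a concrete pattern: after an ID check, keep only the outcome (a `had_valid_id` flag) and never persist the scan, and delete accounts on a documented retention schedule rather than holding records for decades. The sketch below is an added example, written for this page and not code posted by anyone in the thread. It puts the hoarding version beside the minimal version so the difference in breach exposure is measurable, and adds a purge that enforces a documented retention period. The table names, the 730-day figure and the `verify_id_document()` stand-in are assumptions for illustration; the JPEG-like bytes are constructed sample data, not a real document.

```python
import sqlite3
from datetime import datetime, timedelta, timezone

# Retention register: what is stored, why, and for how long. The durations are
# assumed for this example; the thread only says they must be justified.
RETENTION = {
    "users": {"purpose": "operate the account", "delete_after_days": 730},
    "id_scans": {"purpose": "none: should never be retained", "delete_after_days": 0},
}

# Constructed sample: a JPEG-like header plus padding, 64 bytes in total.
SAMPLE_SCAN = b"\xff\xd8\xff\xe0" + b"\x00" * 60


def verify_id_document(image: bytes) -> bool:
    """Stand-in for a real verification step (assumption for this example)."""
    return image[:3] == b"\xff\xd8\xff"


def open_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        """
        CREATE TABLE users (
            id INTEGER PRIMARY KEY,
            email TEXT NOT NULL,
            had_valid_id INTEGER NOT NULL DEFAULT 0,
            last_login_at TEXT NOT NULL
        );
        CREATE TABLE id_scans (user_id INTEGER NOT NULL, image BLOB NOT NULL);
        """
    )
    return conn


def add_user(conn, user_id: int, email: str, last_login: datetime) -> None:
    conn.execute("INSERT INTO users VALUES (?, ?, 0, ?)",
                 (user_id, email, last_login.isoformat()))


def check_id_hoarding(conn, user_id: int, image: bytes) -> bool:
    """Anti-pattern: keeps the scan after the check, so a breach leaks every ID."""
    ok = verify_id_document(image)
    conn.execute("INSERT INTO id_scans VALUES (?, ?)", (user_id, image))
    if ok:
        conn.execute("UPDATE users SET had_valid_id = 1 WHERE id = ?", (user_id,))
    return ok


def check_id_minimal(conn, user_id: int, image: bytes) -> bool:
    """Stores only the boolean outcome; the image is never written anywhere."""
    ok = verify_id_document(image)
    if ok:
        conn.execute("UPDATE users SET had_valid_id = 1 WHERE id = ?", (user_id,))
    return ok


def stored_scan_bytes(conn) -> int:
    """Raw ID material a breach of this database would expose, in bytes."""
    return conn.execute(
        "SELECT COALESCE(SUM(LENGTH(image)), 0) FROM id_scans").fetchone()[0]


def had_valid_id(conn, user_id: int) -> bool:
    row = conn.execute("SELECT had_valid_id FROM users WHERE id = ?", (user_id,)).fetchone()
    return row is not None and row[0] == 1


def purge_dormant(conn, now: datetime) -> int:
    """Delete accounts idle past the documented retention period, along with
    any scans the hoarding path left behind. Returns the number of users removed."""
    cutoff = (now - timedelta(days=RETENTION["users"]["delete_after_days"])).isoformat()
    ids = [r[0] for r in conn.execute("SELECT id FROM users WHERE last_login_at < ?", (cutoff,))]
    for uid in ids:
        conn.execute("DELETE FROM id_scans WHERE user_id = ?", (uid,))
        conn.execute("DELETE FROM users WHERE id = ?", (uid,))
    conn.commit()
    return len(ids)


def demo() -> dict:
    """Runs the scenario: one active user checked minimally, one dormant user
    checked the hoarding way, then a retention purge."""
    now = datetime(2025, 1, 1, tzinfo=timezone.utc)
    conn = open_db()
    add_user(conn, 1, "active@example.invalid", now - timedelta(days=10))
    add_user(conn, 2, "dormant@example.invalid", now - timedelta(days=900))
    check_id_minimal(conn, 1, SAMPLE_SCAN)
    check_id_hoarding(conn, 2, SAMPLE_SCAN)
    exposed_before = stored_scan_bytes(conn)
    purged = purge_dormant(conn, now)
    return {
        "active_verified": had_valid_id(conn, 1),
        "exposed_bytes_before_purge": exposed_before,
        "users_purged": purged,
        "exposed_bytes_after_purge": stored_scan_bytes(conn),
    }


if __name__ == "__main__":
    print(demo())
```

The purge runs on a fixed clock so the result is reproducible; in production it would be a scheduled job whose cutoff comes from the same retention register you publish to users, which is what makes the deletion schedule auditable rather than ad hoc.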

@Em0nM4stodon deleting corporate data that you no longer need to store is great for cost savings too!

Let's be real, there's a high chance it's all stored in an S3 bucket, maybe a managed database or even just SharePoint, and all of those are very pricey places to store data that you don't need to retain

@Em0nM4stodon you're absolutely correct from a moral and ethical perspective. But in practical terms, the economic incentives push hard in the opposite direction today.

I've come to think of this economic misalignment as being very much like that of pollution, where in the absence of powerful legal and regulatory forces, nothing will change.

https://www.securityeconomist.com/digital-pollution-the-hidden-cost-of-insecurity/

Digital Pollution: The Hidden Cost of Insecurity

From smokestacks to server racks, the story stays the same: profits are hoarded, harms and costs outsourced.

The Security Economist
@Em0nM4stodon Is this the legal matter of ‘bailment’?