Difference between revisions of "Information Sharing"
m (→References) |
(→Deleting User Data) |
||
(2 intermediate revisions by the same user not shown) | |||
Line 20: | Line 20: | ||
The ideas of cross border exchanges for business or storage seems to be anachronistic and not especially helpful. The controller-processing concept seems to be very nearly impossible to comprehend as it relates to real-world entities. Imagine the chaos that would ensue if airlines were trying to follow these regulations. | The ideas of cross border exchanges for business or storage seems to be anachronistic and not especially helpful. The controller-processing concept seems to be very nearly impossible to comprehend as it relates to real-world entities. Imagine the chaos that would ensue if airlines were trying to follow these regulations. | ||
+ | |||
+ | ===Deleting User Data=== | ||
+ | Because of the problems of data controllers losing data and the requirement to "forget" the user after a given time, it is expected that data controllers could delete user data after a specific period, or on request by the user, the data owner. Bot the question is whether that is ever possible given the reality of data storage systems. | ||
+ | * [https://mit-serc.pubpub.org/pub/fesqymtr/release/1 Complete Delete: In Practice, Clicking 'Delete' Rarely Deletes. Should it?] 2024-09-11<blockquote>Without explicit engineering to ensure complete deletion, many of the files, photographs, database records, and other information deleted by end-users can be readily recovered for an indeterminate period of time. In part, this is because each file is copied to multiple locations, and in part, this is because deleted copies are rarely overwritten on storage media, allowing their contents to be “undeleted” using digital forensics tools. This was not an issue in early computer systems, as they had limited storage and quickly overwrote unallocated storage blocks. Modern systems proactively make many copies of data to improve performance and provide for error recovery, forcing users and system designers to consider how deletion should work in principle. Cryptographic erasure makes deletion more predictable, making it possible to align the user experience of deleting and undeleting files with the actual impact on data erasure and recovery. Ultimately, system designers must decide if they wish to implement systems that never delete anything, that delete local copies but leave remove backups, if they truly delete sensitive data everywhere, or if the actual deletion of any individual file or photo will be left to chance.</blockquote> | ||
==Solutions== | ==Solutions== | ||
==References== | ==References== | ||
− | + | * See the wiki page on [User Private Information] for the type of data that should be controlled by user and the data controller. | |
[[Category:Glossary]] | [[Category:Glossary]] |
Latest revision as of 20:26, 11 September 2024
Full Title or Meme
The process of collection of all sorts of information about a Subject that is collected by a web site. Not just User Private Information that is securely shared with user consent, but also the user behaviors like web site visits, searches and purchases as well.
Context
Information Sharing on the internet includes four broad categories of Personal or User Information:
- Identifiers (like identifiers provided by social signin or pseudonym selected as user names),
- Attributes (like age, address or real-world name),
- Behaviors (like queries, site visits or purchases online),
- Inferences (like pregnancy based on purchases, or political party affiliation based on site visits).
Problems
The consent notices that are typically received are related to sharing User Information and deal with sharing in terms like:
- for the business at hand; which seems to be the only place where a demand for User Information can be justified.
- for other purposes within the same business unit, typically for marketing notifications.
- sharing with different business units within the same corporation, like a bank giving information to a brokerage subsidiary.
- with other organizations that are participating in the business purpose - like a bank transfer to a business.
- with other organizations in the same business relationship, again typically for marking purposes.
- with other organizations where the businesses purposes are not related.
- with governmental entities for regulatory reasons, only some of which are permitted to even permit notification to the user.
The ideas of cross border exchanges for business or storage seems to be anachronistic and not especially helpful. The controller-processing concept seems to be very nearly impossible to comprehend as it relates to real-world entities. Imagine the chaos that would ensue if airlines were trying to follow these regulations.
Deleting User Data
Because of the problems of data controllers losing data and the requirement to "forget" the user after a given time, it is expected that data controllers could delete user data after a specific period, or on request by the user, the data owner. Bot the question is whether that is ever possible given the reality of data storage systems.
- Complete Delete: In Practice, Clicking 'Delete' Rarely Deletes. Should it? 2024-09-11
Without explicit engineering to ensure complete deletion, many of the files, photographs, database records, and other information deleted by end-users can be readily recovered for an indeterminate period of time. In part, this is because each file is copied to multiple locations, and in part, this is because deleted copies are rarely overwritten on storage media, allowing their contents to be “undeleted” using digital forensics tools. This was not an issue in early computer systems, as they had limited storage and quickly overwrote unallocated storage blocks. Modern systems proactively make many copies of data to improve performance and provide for error recovery, forcing users and system designers to consider how deletion should work in principle. Cryptographic erasure makes deletion more predictable, making it possible to align the user experience of deleting and undeleting files with the actual impact on data erasure and recovery. Ultimately, system designers must decide if they wish to implement systems that never delete anything, that delete local copies but leave remove backups, if they truly delete sensitive data everywhere, or if the actual deletion of any individual file or photo will be left to chance.
Solutions
References
- See the wiki page on [User Private Information] for the type of data that should be controlled by user and the data controller.