> generate a new encryption key every day for “data deleted today”,
The question is not whether we can encrypt at storage. We’re now talking about encrypting as a soft-deletion method, which means we need to know everywhere the data is stored at deletion time, whether to delete it or to encrypt it with this new “deletion” key.
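To make the point concrete, here is an added example (my own code, not from anyone in this thread) of "encrypt as soft-deletion" with a per-day deletion key, modelled on the proposal quoted above. The stores, record and the deletion job's inventory are constructed; the cipher is an HMAC-SHA256 keystream chosen only so the example runs with the standard library (a real system would use an AEAD such as AES-GCM). The deletion job is told about two of the three stores, which is exactly the failure case the parent describes:

```python
"""Per-day deletion keys as a soft-deletion mechanism, and the store you forgot.

Constructed example. A record lives in several stores (primary DB, search index,
backup). "Deleting" it re-encrypts every copy under the key for today's
deletion day; destroying that key later makes those copies unrecoverable.
Copies in stores the deletion job does not know about stay readable.
"""
import datetime
import hashlib
import hmac
import os
from typing import Dict, Iterable, Optional, Tuple

KEY_BYTES = 32
BLOCK = hashlib.sha256().digest_size  # 32-byte keystream blocks


def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """XOR data with an HMAC-SHA256 counter-mode keystream (encrypt == decrypt).

    Illustrative only: it gives the key dependency the argument needs and
    nothing more. Use an AEAD (AES-GCM) in anything real.
    """
    out = bytearray()
    for counter, start in enumerate(range(0, len(data), BLOCK)):
        ks = hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        out.extend(a ^ b for a, b in zip(data[start:start + BLOCK], ks))
    return bytes(out)


class DeletionKeyring:
    """One key per calendar day; destroying a day's key shreds everything under it."""

    def __init__(self) -> None:
        self._keys: Dict[datetime.date, bytes] = {}

    def key_for(self, day: datetime.date) -> bytes:
        return self._keys.setdefault(day, os.urandom(KEY_BYTES))

    def lookup(self, day: datetime.date) -> Optional[bytes]:
        return self._keys.get(day)

    def destroy(self, day: datetime.date) -> None:
        self._keys.pop(day, None)


class Store:
    """One place a record lives. Rows are (deletion_day, nonce, payload);
    deletion_day is None while the row is still live plaintext."""

    def __init__(self, name: str) -> None:
        self.name = name
        self.rows: Dict[str, Tuple[Optional[datetime.date], bytes, bytes]] = {}

    def put(self, record_id: str, plaintext: bytes) -> None:
        self.rows[record_id] = (None, b"", plaintext)

    def soft_delete(self, record_id: str, day: datetime.date, keyring: DeletionKeyring) -> None:
        deletion_day, _, payload = self.rows[record_id]
        if deletion_day is not None:
            return  # already wrapped under a deletion key
        nonce = os.urandom(16)
        wrapped = keystream_xor(keyring.key_for(day), nonce, payload)
        self.rows[record_id] = (day, nonce, wrapped)

    def read(self, record_id: str, keyring: DeletionKeyring) -> Optional[bytes]:
        """Plaintext while live or within the retention window; None once shredded."""
        deletion_day, nonce, payload = self.rows[record_id]
        if deletion_day is None:
            return payload
        key = keyring.lookup(deletion_day)
        return None if key is None else keystream_xor(key, nonce, payload)


def soft_delete_everywhere(record_id: str, stores: Iterable[Store],
                           day: datetime.date, keyring: DeletionKeyring) -> None:
    """The deletion job: it can only wrap copies in the stores it is given."""
    for store in stores:
        if record_id in store.rows:
            store.soft_delete(record_id, day, keyring)


def recoverable_copies(record_id: str, all_stores: Iterable[Store],
                       keyring: DeletionKeyring) -> Dict[str, bool]:
    """Which stores still yield the plaintext for record_id."""
    return {s.name: s.read(record_id, keyring) is not None for s in all_stores}


def demo() -> Tuple[Dict[str, bool], Dict[str, bool]]:
    keyring = DeletionKeyring()
    primary, index, backup = Store("primary-db"), Store("search-index"), Store("backup")
    all_stores = [primary, index, backup]
    for store in all_stores:
        store.put("user-42", b"alice@example.com")  # constructed sample record

    day = datetime.date(2024, 1, 15)
    # The deletion job's inventory omits the backup store.
    soft_delete_everywhere("user-42", [primary, index], day, keyring)
    during_retention = recoverable_copies("user-42", all_stores, keyring)
    keyring.destroy(day)  # retention window over: shred the day's key
    after_shred = recoverable_copies("user-42", all_stores, keyring)
    return during_retention, after_shred


if __name__ == "__main__":
    before, after = demo()
    print("during retention:", before)
    print("after key destroyed:", after)
```

Within the retention window every copy is still readable (that is what makes it "soft"), and after the key is destroyed the two known stores are unrecoverable while the backup is untouched. The cryptography does nothing for you without a complete inventory of where the data lives, which is the same inventory you would need to hard-delete it.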
Thanks for raising that issue, I was somewhat confused by the mention of encryption as a soft-deletion method... it made precious little sense to me, but everybody seemed to go along with it and I thought I was missing something very fundamentally ‘right’ about that idea. Turns out it’s not so.