Slashdot Mirror

← Back to Stories (view on slashdot.org)

Deleting Personal Data from Private Institutions?

Posted by Cliff on from the static-on-your-digital-paper-trail dept.

An anonymous reader asks: "This site has many readers who are familiar with the liabilities of personal data being stored on servers owned by private institutions. Bank records, phone records, credit records, flight records, basically any type of digital transaction can be (and likely are) stored indefinitely for whatever reason. Are there processes by which one can request a removal of personal data, or by signing contracts with these companies, do they own the rights to the information? If you have attempted such an erasure, have you encountered resistance?"

6 of 103 comments (clear)

  1. just a hunch by gEvil+(beta) · · Score: 4, Insightful

    I'd guess that even if you did get someone at a company to state that your personal information had been expunged, there's a very high probability that nothing was actually done and that all of your information was still there. This is purely based on my experience with various levels of customer service and managers--they'll tell you what you want to hear just to make you go away.

    --
    This guy's the limit!
    1. Re:just a hunch by TubeSteak · · Score: 4, Insightful
      they'll tell you what you want to hear just to make you go away.
      Which is why you _always_ insist on written confirmation.

      Never take their word for it.
      --
      [Fuck Beta]
      o0t!
  2. A Guy sued over being on a mailing list... by Anonymous Coward · · Score: 5, Insightful
    a few years ago. He was tired of getting all of that junk mail ("Direct Marketing" according to Advo) and started suing those junk mail companies. He lost on every appeal. They won every time!

    I know, this is worse with all of the personal data that firms have, and many times, they were collected some other way other than the customer giving it to them.

    For example, I once switched over to Sprint telephone service. When I canceled, they wanted my SSN. I said, "That's funny, I never gave it to you." Long story short, they had it allright! They "needed" it so that they could cancel my service.

    My only guess is that the credit bureaus are pimping our data - ALL of our data! don't get me started on ChoicePoint!!!

    1. Re:A Guy sued over being on a mailing list... by nickcoons · · Score: 3, Insightful

      My only guess is that the credit bureaus are pimping our data - ALL of our data!

      I remember about five years back when I was running credit reports for applicants. Even though the policy of the company was to require all of the blanks filled in on their application, the software we then entered that data into would pull the credit report of the individual even without us filling in all the gaps. The system would let us put in enough information to sufficiently identify someone (like a name and address), and it would fill in the gaps (like a missing social security number).

      So in short response to your comment, yes, the credit bureaus do seem to be providing more than what is necessary to view a credit report.

  3. Re:The only way to be sure... by arth1 · · Score: 3, Insightful
    The only way to be sure is not to give out information in the first place and simply pay for things with cash (Wikipedia entry for "Cash" for those of you who are unfamiliar with it).

    Really, it's a trade off for using services in our modern culture. The thing is that nobody is forcing you to give away any of your information.


    This is technically true, but useless in practice.
    Nobody forces you to cash a checks, but try caching one without being a registered customer or handing over your full personalia for registration. Nobody forces you to drive a car, but try getting car insurance without giving up your SSN and other private data.
    Or try getting a job, but refuse to give out your social security number. Chances are you won't get a job, and will end up on the street. You won't get welfare, because that requires registration of your personalia.
    In reality, not handing over your information is impossible, unless you live on a reservation or Amish society.

    --
    *Art
  4. It's not that simple by skybrian · · Score: 3, Insightful

    Suppose you're running a one-person business and one of your customers is obnoxious to you. Should you be required to forget all about it and treat them as any new customer next time you see them? Requiring businesses to delete records about their customers is essentially enforced amnesia. Whenever there's a transaction, it seems pretty reasonable for both sides to remember what happened.

    And then there's the question not only of what you should remember but who should you tell. If you have a bad experience as a customer, most people would feel perfectly justified in telling their friends, posting to their blog, and engaging in other bad publicity towards the company. When a business gets ripped off, who are they allowed to tell? Should assholes and deadbeats get a free pass next time?

    The other side to this is that we've grown accustomed to a certain amount of anonymity when dealing with larger businesses. This is a sort of automatic forgiveness. Some kind of forgiveness is essential, because memories are fallible, records can be wrong, and people change. Not to mention that there's an enormous power imbalance when you're dealing with a big business. But the question of how long you should remember, what you should forgive and forget, and how that should affect peoples' reputations doesn't have simple answers.