Even Years Later, Twitter Doesn't Delete Your Direct Messages (techcrunch.com)
An anonymous reader quotes a report from TechCrunch: Twitter retains direct messages for years, including messages you and others have deleted, but also data sent to and from accounts that have been deactivated and suspended, according to security researcher Karan Saini. Saini found years-old messages in a file from an archive of his data obtained through the website from accounts that were no longer on Twitter. He also reported a similar bug, found a year earlier but not disclosed until now, that allowed him to use a since-deprecated API to retrieve direct messages even after a message was deleted from both the sender and the recipient -- though, the bug wasn't able to retrieve messages from suspended accounts.
Direct messages once let users "unsend" messages from someone else's inbox, simply by deleting it from their own. Twitter changed this years ago, and now only allows a user to delete messages from their account. "Others in the conversation will still be able to see direct messages or conversations that you have deleted," Twitter says in a help page. Twitter also says in its privacy policy that anyone wanting to leave the service can have their account "deactivated and then deleted." After a 30-day grace period, the account disappears, along with its data. But, in our tests, we could recover direct messages from years ago -- including old messages that had since been lost to suspended or deleted accounts. By downloading your account's data, it's possible to download all of the data Twitter stores on you. A Twitter spokesperson said the company was "looking into this further to ensure we have considered the entire scope of the issue."
Sounds like a blatant GDPR violation that can attract BIG fines.
If deleting a record breaks your site, that's a good hint your DB schema doesn't have referential integrity.
I have designed quite a few database schemas in the last twenty years or so. Deleting a "logical unit" (which might be spread out between different tables with different relations between them technically) has never been a *technical* problem for me.
The only problem is that the people who actually wind up using the system (and in the end pay you through one scheme or another) always whine and groan at you: "yes, yes, yes, I know, I deleted it. Yes, yes, I know, I even confirmed the dozens of security confirmations asking me that I really wanted it deleted. But now I want it back, and when I can't get it back it's YOUR SOFTWARE'S FAULT!!!!"
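The two comments above make the same point from opposite sides: deleting a "logical unit" such as an account only works cleanly if the schema declares what hangs off it. The following is an added illustration, not code from the commenters or from Twitter: a constructed SQLite schema in which an account, its conversation memberships and the messages it sent are tied together with foreign keys declared `ON DELETE CASCADE`. The table names, sample accounts and message bodies are all invented for the demo. Running the same deletion with and without foreign-key enforcement shows the difference between an account that is actually gone and one whose rows linger as orphans that a later export or API could still hand back.

```python
import sqlite3

# Constructed schema for the demo. Every row that "belongs" to an account
# references accounts(id) and is removed with it when FKs are enforced.
SCHEMA = """
CREATE TABLE accounts (
    id     INTEGER PRIMARY KEY,
    handle TEXT NOT NULL UNIQUE
);
CREATE TABLE conversations (
    id INTEGER PRIMARY KEY
);
CREATE TABLE participants (
    conversation_id INTEGER NOT NULL REFERENCES conversations(id) ON DELETE CASCADE,
    account_id      INTEGER NOT NULL REFERENCES accounts(id)      ON DELETE CASCADE,
    PRIMARY KEY (conversation_id, account_id)
);
CREATE TABLE messages (
    id              INTEGER PRIMARY KEY,
    conversation_id INTEGER NOT NULL REFERENCES conversations(id) ON DELETE CASCADE,
    sender_id       INTEGER NOT NULL REFERENCES accounts(id)      ON DELETE CASCADE,
    body            TEXT NOT NULL
);
"""


def open_db(enforce_foreign_keys: bool) -> sqlite3.Connection:
    """Create an in-memory DB with constructed sample data.

    SQLite only honours ON DELETE CASCADE when PRAGMA foreign_keys is ON,
    which is exactly the kind of silently-off setting that leaves orphans.
    """
    conn = sqlite3.connect(":memory:")
    conn.execute(f"PRAGMA foreign_keys = {'ON' if enforce_foreign_keys else 'OFF'}")
    conn.executescript(SCHEMA)
    # Constructed sample data: two participants in one DM conversation.
    conn.executemany("INSERT INTO accounts VALUES (?, ?)",
                     [(1, "alice"), (2, "bob"), (3, "carol")])
    conn.execute("INSERT INTO conversations VALUES (10)")
    conn.executemany("INSERT INTO participants VALUES (?, ?)", [(10, 1), (10, 2)])
    conn.executemany("INSERT INTO messages VALUES (?, ?, ?, ?)", [
        (100, 10, 1, "hi bob"),
        (101, 10, 2, "hi alice"),
        (102, 10, 1, "see you later"),
    ])
    conn.commit()
    return conn


def delete_account(conn: sqlite3.Connection, account_id: int) -> None:
    """Hard-delete the account row; the cascades do the rest when FKs are enforced."""
    conn.execute("DELETE FROM accounts WHERE id = ?", (account_id,))
    conn.commit()


def orphaned_rows(conn: sqlite3.Connection) -> dict:
    """Count rows whose account reference points at nothing (a retention leak)."""
    msgs = conn.execute("""
        SELECT COUNT(*) FROM messages m
        LEFT JOIN accounts a ON a.id = m.sender_id
        WHERE a.id IS NULL
    """).fetchone()[0]
    parts = conn.execute("""
        SELECT COUNT(*) FROM participants p
        LEFT JOIN accounts a ON a.id = p.account_id
        WHERE a.id IS NULL
    """).fetchone()[0]
    return {"messages": msgs, "participants": parts}


def integrity_violations(conn: sqlite3.Connection) -> int:
    """SQLite's own audit: one row per dangling foreign-key reference."""
    return len(conn.execute("PRAGMA foreign_key_check").fetchall())


def demo(enforce_foreign_keys: bool) -> dict:
    """Delete alice's account and report what the schema left behind."""
    conn = open_db(enforce_foreign_keys)
    delete_account(conn, 1)  # alice leaves the service
    result = orphaned_rows(conn)
    result["fk_violations"] = integrity_violations(conn)
    result["messages_left"] = conn.execute("SELECT COUNT(*) FROM messages").fetchone()[0]
    conn.close()
    return result


if __name__ == "__main__":
    print("FKs enforced:", demo(True))
    print("FKs ignored: ", demo(False))
```

With enforcement on, deleting the account removes its membership row and both messages it sent; only bob's own message survives, matching the "others can still see their side" model. With enforcement off, the DELETE succeeds just as quietly, but every row alice ever sent is still there with a sender that no longer exists, and `PRAGMA foreign_key_check` is the cheap audit that surfaces it. The check is worth running against any store that claims to delete account data, not only after a researcher does it for you.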