
Better Laws

A modern privacy act should make “deleting your details” as simple as unsubscribing from an email newsletter.

In Australia, we have laws which require businesses to include an "unsubscribe" option on every broadcast email they send. This ensures people can remove their email from a mailing list as easily as they are added to one.

The same system should apply to businesses which store your personal details.

These businesses provide you with tools to “manage your password” and other personalisation options. That same platform should legally require a “delete my details” option within the account management settings.

How the "delete my details" button would work

a) The system checks if the user is engaged in a contract (e.g. a phone plan) with the company. If so, it would prohibit this action from being completed.

b) If the user isn't in a contract, the system confirms the user wants to proceed and provides a confirmation button allowing them to do so.

The Outcome

When the user confirms they want to have their details deleted, the following would occur:

a) The user receives a confirmation stating these details have either been deleted or, alternatively, that their request has been scheduled and will occur within a certain period of time (e.g. 30 days).

b) In some cases, the business will be obliged to hold the user's data for a minimum period of time due to certain laws (e.g. Mandatory Data Retention). In this scenario, the user should be told their details will still be deleted; they just have to wait for the designated period to pass.

Written confirmation should be provided to the user once the whole process is complete. This should include documented "exceptions" (e.g. cold storage backups) where the deletion of such data wouldn't be feasible.
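The flow described above, modelled as a small piece of code. This is an added example, not code from the original post: the `Account`, `DeletionReceipt` and `HOT_STORAGE` names, the `retention_hold_until` field and the 30-day default window are assumptions made for illustration, and the written confirmation is issued up front with its exceptions listed rather than only at the end of the process.

```python
"""
Added example (not from the original post): a minimal model of the
"delete my details" flow.  Account, DeletionReceipt, HOT_STORAGE and
retention_hold_until are this example's own inventions.
"""
from __future__ import annotations

from dataclasses import dataclass, field
from datetime import date, timedelta
from enum import Enum


class Outcome(Enum):
    REFUSED_ACTIVE_CONTRACT = "refused: account is under an active contract"
    DELETED = "deleted now"
    SCHEDULED = "scheduled for deletion"
    RETENTION_HOLD = "deletion deferred by a mandatory retention period"


@dataclass
class Account:
    user_id: str
    active_contract: bool = False
    # Assumed field: the date a statutory retention period ends, if one applies.
    retention_hold_until: date | None = None


@dataclass
class DeletionReceipt:
    """The written confirmation the user gets back."""
    user_id: str
    outcome: Outcome
    effective_on: date | None            # None when the request was refused
    exceptions: list[str] = field(default_factory=list)

    def as_text(self) -> str:
        lines = [f"Account {self.user_id}: {self.outcome.value}."]
        if self.effective_on is not None:
            lines.append(f"Your details leave our live systems on {self.effective_on.isoformat()}.")
        for exc in self.exceptions:
            lines.append(f"Exception: {exc}")
        return "\n".join(lines)


# Constructed stand-ins for the business's systems: the live ("hot") store
# staff use every day, and the one exception the article names.
HOT_STORAGE: dict[str, dict] = {}
COLD_BACKUP_EXCEPTION = "cold storage backups are retained and expire on their normal rotation"


def purge_hot_storage(user_id: str) -> bool:
    """Remove the record from the live systems; True if something was removed."""
    return HOT_STORAGE.pop(user_id, None) is not None


def request_deletion(account: Account, confirmed: bool, today: date,
                     window_days: int = 30, delete_now: bool = False) -> DeletionReceipt | None:
    """Step a) contract check, step b) user confirmation, then the outcome."""
    if account.active_contract:
        return DeletionReceipt(account.user_id, Outcome.REFUSED_ACTIVE_CONTRACT, None)
    if not confirmed:
        return None                      # user has not pressed the confirmation button
    if account.retention_hold_until and account.retention_hold_until > today:
        outcome, effective = Outcome.RETENTION_HOLD, account.retention_hold_until
    elif delete_now:
        outcome, effective = Outcome.DELETED, today
    else:
        outcome, effective = Outcome.SCHEDULED, today + timedelta(days=window_days)
    receipt = DeletionReceipt(account.user_id, outcome, effective, [COLD_BACKUP_EXCEPTION])
    if effective <= today:
        purge_hot_storage(account.user_id)
    return receipt


def run_scheduled_purges(receipts: list[DeletionReceipt], today: date) -> list[str]:
    """Batch job: execute every scheduled or held deletion whose date has arrived."""
    purged = []
    for r in receipts:
        if r.effective_on is not None and r.effective_on <= today and purge_hot_storage(r.user_id):
            purged.append(r.user_id)
    return purged


if __name__ == "__main__":
    # Constructed sample accounts and a fixed "today" so the run is reproducible.
    HOT_STORAGE.update({"alice": {"phone": "..."}, "bob": {"phone": "..."}})
    today = date(2024, 1, 15)
    print(request_deletion(Account("alice", active_contract=True), True, today).as_text())
    held = request_deletion(Account("bob", retention_hold_until=date(2024, 6, 30)), True, today)
    print(held.as_text())
    print("purged on 2024-07-01:", run_scheduled_purges([held], date(2024, 7, 1)))
```

The batch purge is idempotent: a receipt whose record has already left hot storage is skipped, so re-running the job after a crash cannot report a second deletion of the same account.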

The end result should be that the user's data no longer resides in any "hot storage" systems. These are the systems used by staff every day and are the most common points of attack for hackers.

The Cost

The cost to implement a feature like this will be seen as a financial burden by companies. However, the current privacy laws already require businesses to destroy or de-identify data they no longer require. This process just provides a time-efficient method to comply with these laws, leading to financial savings for companies and better security for ex-customers.