Even Years Later, Twitter Doesn't Delete Your Direct Messages (techcrunch.com)
An anonymous reader quotes a report from TechCrunch: Twitter retains direct messages for years, including messages you and others have deleted, but also data sent to and from accounts that have been deactivated and suspended, according to security researcher Karan Saini. Saini found years-old messages in a file from an archive of his data obtained through the website from accounts that were no longer on Twitter. He also reported a similar bug, found a year earlier but not disclosed until now, that allowed him to use a since-deprecated API to retrieve direct messages even after a message was deleted from both the sender and the recipient -- though, the bug wasn't able to retrieve messages from suspended accounts.
Direct messages once let users "unsend" messages from someone else's inbox, simply by deleting it from their own. Twitter changed this years ago, and now only allows a user to delete messages from their account. "Others in the conversation will still be able to see direct messages or conversations that you have deleted," Twitter says in a help page. Twitter also says in its privacy policy that anyone wanting to leave the service can have their account "deactivated and then deleted." After a 30-day grace period, the account disappears, along with its data. But, in our tests, we could recover direct messages from years ago -- including old messages that had since been lost to suspended or deleted accounts. By downloading your account's data, it's possible to download all of the data Twitter stores on you. A Twitter spokesperson said the company was "looking into this further to ensure we have considered the entire scope of the issue."
Re: (Score:2)
Anyone who has ever built a data-driven website knows this. You never actually DELETE a record from a database.
You should know that this is probably illegal under GDPR. Yes, that is going to cause problems with database design, for reasons that anyone who has ever built a data-driven website knows.
Re: Flip a flag (Score:3)
If deleting a record breaks your site, that's a good hint your DB schema doesn't have referential integrity.
Re: Flip a flag (Score:2)
Alas, it would not.
Re: (Score:2)
I have designed quite a few database schemas in the last twenty years or so. Deleting a "logical unit" (which might be spread out between different tables with different relations between them technically) has never been a *technical* problem for me.
The only problem is that the people who actually wind up using the system (and in the end pay you through one scheme or another) always whine and groan at you: "yes, yes, yes, I know, I deleted it. Yes, yes, I know, I even confirmed the dozens of security confirm
SFW (Score:2)
This to you is news? It would be news if they did delete them, it definitely isn't that they keep them forever. Of course they keep them, the only things of value they have are messages, whether public or private.
TL;DR: zzzzz
Re: SFW (Score:2)
Don't you just love the smell of cybernetic totalitarianism in the morning?
Re: (Score:2)
Don't you just love the smell of cybernetic totalitarianism in the morning?
I'm jeering, not cheering. We should all know that this is how they work. Now what are we going to do about it? Just sit around acting surprised?
More money for EU taxpayers (Score:5, Insightful)
Sounds like a blatant GDPR violation that can attract BIG fines.
Trade-off; Internet memory (Score:2)
It's over IRL but it lives forever in Internet memory.