alt Hacker NewsWhat would a company that does that, hypothetically, then tell a user that requests their data held by the company reply? With their soft-deleted data, or would they say they have no data?
What would a company that does that, hypothetically, then tell a user that requests their data held by the company reply? With their soft-deleted data, or would they say they have no data?
They would obviously say we don't have the data. And to keep that person from "lying", the people that have the role to be able to make this request would have their software obey the soft delete flag and show them "no data available" or something like "on request of user, data deleted on YYYY-MM-DD HH:MM:SS" type of message. who would know any different?