alt Hacker NewsExcept their customer's data isn't actually theirs: OP requested their private data to be deleted from the system. So OP expressed a clear intent for their data not to be used by Flock's customer. We could say that the data thus becomes abusively retained on these systems. As a result, IF Flock has the technical means of performing the requested data deletion, it should be compelled to perform it.
This is the same situation as a web hosting provider: if it is communicated to them that one of their customers uses their service to host illegal content, then it becomes the web hosting provider's responsibility to remove that content.
Reasonable technical feasibility for the service provider is key here, but it can be argued since the data can apparently be shared in ways that identify OP.
Probably not how the law currently works (don't know, not a lawyer), but I guess it should, as otherwise it allows creating a platform that shares abusively retained data without any reasonable recourse for the subjects of this data to remove the data from the platform.
Replies
I do not believe this is how the law works. Two totally different regimes.
The data Flock holds is not owned by OP.
If I as a photographer take a photograph of someone, the photo does not belong to that person—the photographer retains the IP and ownership rights.
You have rights too, such as privacy/likeness rights, which allow you to restrict what the IP owner is allowed to do with the image that they own, but you do not own the data, and your rights give you a claim against the data owner.
Flock probably have legal obligations or contractual commitments not to delete or destroy their customers' data, and changing that is not necessarily a good thing.