Things We Don't Do: Remember You Forever

It isn't always immediately obvious what a tech company might be doing with your data. Because LinkLocker is designed to appeal to exactly the sort of people who might be uncomfortable with dumping their information into a black box and simply hoping for the best, we want to be as open as possible about what happens to the data you put into your LinkLocker account. To that end, we're publishing this series of articles tagged "Things We Don't Do," in which I discuss many of the Web's questionable practices and explain why we do not engage in those practices. In this post, I'd like to talk about the fact that LinkLocker does not hold onto your data in perpetuity. When you ask us to forget something, that's exactly what we do.

Deleted Links Are Actually Deleted

In the vast majority of cases when you delete a post or some other piece of data on a Web site, the data isn't actually deleted at all. From your perspective the data may no longer be accessible, even though it remains on the server. This fact is probably somewhat surprising to many users, but it is so commonplace online that you might as well assume that all sites are behaving this way.

It should be pointed out that there are in fact some practical benefits to this arrangement--chief among them is the fact that data can be recovered if you change your mind. There are also quite a few downsides: this data may continue to be used by the Web service in question to build a marketing profile about you, or to feed some machine learning algorithm. Further, any data on a server may eventually be exfiltrated by an attacker.

We don't think that the ability to recover deleted data is worth all of the risks involved. When you delete one of your bookmarks on LinkLocker, it is instantly and permanently removed from the database. While those links would remain in database backups (for more about our backup policies, see below) for a short while, they will be deleted entirely--forever--as soon as the oldest backup containing them ages out.

When You Leave, We Forget You

Many sites on the Internet are so concerned about retaining users that they will hold onto your account data for years after you close your accounts with them. Facebook, for example, claims to delete your account after a grace period, but the reality of the situation is that they do retain some data about you forever. Do you really trust Facebook to hold onto information about you without abusing it in some way?

While Facebook may retain the precise measurements of your shoes from 1994 even when you cancel your account, LinkLocker forgets all about you when you leave. When you cancel your LinkLocker subscription, we do hang onto your account for 30 days in case you either decide to come back, or else to export your data to JSON for use elsewhere. After that 30-day period, however, every single solitary trace of your account is deleted forever: there's nothing at all in the database, and there are no longer any logs which reference you or your account. It's exactly as if you had never signed up.

Backups Are Kept Fresh

Look, we're not insane: we do keep backups. We aren't going to risk losing everyone's data if lightning strikes the datacenter or something. While there's a clear need to back up user data, we do also want to make sure that our backups aren't counteracting the steps we've taken above. For that reason, our nightly database backups are deleted after one week; at any given time, our backups are seven days old at the very most.

Do you know how old Facebook's backups are? No. Nobody does.

One quick note on security, while we're on the subject: our backups are fully locked down with strong crypto. The encryption takes place on our servers before the backup data is sent to a remote storage volume for safe keeping over its brief 7-day lifespan.

Wrapping Up

We firmly believe that your data belongs to you. If you want us to keep it for you, we will. If you want us to get rid of it, we will do that too. And we mean we will really get rid of it.

The Web is kind of a cesspool these days, and we know how hard it is to trust anyone online. LinkLocker is built on a model that requires trust, and we know we will need to earn that trust over the long haul. We don't want to be all shady like other services are. There are some things--like holding onto info about you forever and ever--that we simply don't do.