1. TechSpot is dedicated to computer enthusiasts and power users. Ask a question and give support. Join the community here.
    TechSpot is dedicated to computer enthusiasts and power users.
    Ask a question and give support.
    Join the community here, it only takes a minute.
    Dismiss Notice

Your deleted Twitter DMs aren't really deleted after all

By David Matthews ยท 5 replies
Feb 16, 2019
Post New Reply
  1. Deleting your direct messages on Twitter doesn't actually delete them at all. In fact, Twitter appears to retain messages for years even if an account is suspended or deactivated, according to a report by TechCrunch.

    Security researcher Karan Saini told the publication he found that messages he'd sent years ago were still there after he downloaded an archive of his account. Some of the messages were from accounts that had long since been deactivated. Saini was even able to use a deprecated Twitter API to get DMs that had been deleted from both sender and recipient.

    TechCrunch conducted their own tests and confirmed they were able to retrieve direct messages that were sent from suspended or deactivated accounts. Anyone can download their Twitter archive, which essentially has all the data Twitter stores for your account.

    Saini's primary concern wasn't necessarily that the messages were being retained, but rather the length of time those messages were held.

    Per Twitter's official privacy policy:

    "We keep Log Data for a maximum of 18 months. When deactivated, your Twitter account, including your display name, username, and public profile, will no longer be viewable on Twitter.com, Twitter for iOS, and Twitter for Android. For up to 30 days after deactivation it is still possible to restore your Twitter account if it was accidentally or wrongfully deactivated."

    It appears as if Twitter is intentionally retaining data after the 30 days are up and after the 18-month maximum. As TechCrunch notes, this is egregious not for security reasons but for privacy. In fact, Twitter may be liable under Europe's General Data Protection Regulation (GDPR) and made to pay up to four percent of their annual income for violations.

    For now, Twitter has stated that the company is "looking into this further to ensure we have considered the entire scope of the issue."

    Permalink to story.

    Last edited by a moderator: Feb 18, 2019
  2. psycros

    psycros TS Evangelist Posts: 2,792   +2,611

    I'm shocked. No, really, I just totally can't believe another messaging service lied about keeping every scrap of data it has on you, to a degree that even the FBI would be jealous of. Truly, I'm shocked.
  3. netman

    netman TS Evangelist Posts: 351   +112

    Why are you so shocked?! This has been a fact for years... You are so naive! You rely and trust social media too much! Wake up!
  4. cliffordcooley

    cliffordcooley TS Guardian Fighter Posts: 11,513   +5,077

    That was sarcasm.
  5. Misagt

    Misagt TS Maniac Posts: 293   +209

    Your privacy will never be respected. It will always be violated as long as we don't have extreme punishments and hold those in power accountable.
  6. Twitter keeps the data for 18 months, and then hides it from view for the NSA to use, obviously.

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...