Think about it.. You don't even have to be an Apple user to be affected by this issue. If someone backs up their conversations with you to apple cloud, your exchange is now fair game. You get no say in it either.
Setting a retention time out is playing with fire. If the police get ahold of the other party's device, and present an exhibit which they say contains the true conversation, you could be worse off than if you retained the conversation. The fact that you have since deleted it could be incriminating.
In some jurisdiction, yes, legally, such evidence might not be probative, but you might still convicted because of it.
This isn't Amazon getting in trouble for implementation of a routine records retention policy. It's Amazon getting in trouble for violating a document retention mandate related to an ongoing lawsuit.
I don't think so. Corporate communication is bound by different laws and you have way higher burden of evidence in case of legal requests. I don't think this creates a precedent for personal communications.
Yes, but if I’m reading it right, Amazon staff were already inder instruxtion to retain and share data relevant to an ongoing investigation. They were aware of the process and, if the article is to be believed, worked against the instructions.
That’s quite different from turning disappearing messages on when you’re not explicitly under insteuctions to keep records.
Many people want control over whether they back up conversations with others, and think it would be crazy for sender to control the retention policy instead of receiver.
I think sender should just be able to send a recommended preference hint on retention and you could have an option to respect it or not.
Yes, but they'd have to issue another one of these snooping demands to either the app's developer (there's loads of developers so this would get out of hand quickly) or to Apple to patch the build or read the memory or something to get the unencrypted data
This current demand isn't blanket access to your device, it's access to things uploaded to Apple's online storage service. Having to get a backdoor that works with every app's encryption takes a lot more work while running the data through an authenticated encryption algorithm is relatively trivial for a developer
Nothing rude about it -- if the protocol depends on client-side s/w to pinky-swear it respects message retention, then it's an insecure protocol.
I like signal and use it, but I already thought message retention was pointless. It seems at best a trusted informal protocol you can use with known parties but not something you can really rely on.
Very similar to sites like LinkedIn, which ask you to share your personal info & contact list.
I don't want to share my contact details, but the second someone I know decides to opt in, I lose all rights to my own data as they've shared it on my behalf.
Maybe they have other info, such as birthday, home address, other emails or phone #s, etc. stored for me, which is all fair game, as well.
Security hinges on trust. The only real privacy tool is PGP which uses a web of trust model. But it only works if people own their own computers and storage devices. What they've done is got everyone to rent their computers and storage instead. There's no security model that works for the users here.
We all lose.