Ask HN: US laws affecting private user data?
2 points| rebootthesystem | 8 years ago
Name, email, driver's license, social security number, credit cards, bank account/s, address, phones, etc. In other words, personal and financial data.
A year later a user decides to close the account.
What laws do we have in the US regulating what information can be kept in a database, in what form and for how long after an account is closed?
Or perhaps, more generally, regulating a request from a user for the deletion of said information?
[+] [-] based2|8 years ago|reply
https://www.state.gov/privacy/
https://www.schneier.com/blog/archives/2006/04/identitytheft...
https://www.schneier.com/blog/archives/2016/07/anonymization...
https://www.pcisecuritystandards.org/
https://www.eff.org/deeplinks/2016/10/empty-promises-privacy...
[+] [-] rebootthesystem|8 years ago|reply
A quick scan seems to reveal consumers in the US don't have as much control over their private data as I thought we might. Which is bad. If someone has my driver's license and credit card data in their database and I want it completely erased they ought to be legally required to do so.
As someone operating multiple websites as well as a user my policy is to delete any and all private data on request. For me it's a matter of what I would want as a user.