Ask HN: I need help getting rid of my digital footprint
Over the years, I have singed up for over 500 online services, I have left sensitive information all over these online accounts.
I recently started combing through my (15k) emails, deleting every service that I have singed up for.
Is their a way I could automate this process?
Is their a way I could find all my accounts on the internet (since some companies never email you)?
Are their any other OPSEC tips I should know? Good resource: https://backgroundchecks.org/justdeleteme/ Search for "DeleteMe". I haven't used it personally. My only barrier to entry was that you have to give the service lots of your PII so they know what to search for, but if you trust them with that, they will do a lot of the work for you. You can also DIY it, last I checked they had some guides on how to do the work yourself. You technically could automate the process, but the website might have a captcha, but you could manually intervene and solve it yourself what is your concern over deleting existing accounts? that’s not how this works. if the data has been somewhere, it can be anywhere and everywhere. sure, try to delete what you know of, but the best thing to do is make less of it. there are sites to look up usernames across sites, but keep in mind that using those is creating data. no, my responding to you is not good OPSEC. but that’s boring. When you delete an account, the company usually deletes all the data you produce/ anonymize it.
Sure, some of that data is probably archived or spread around the internet, but isn't it better to delete it since most of the data wont be archived for any given company, any given service, what is the likelihood the terms had a data sharing provision? you know, with their trusted partners. the ones that pay them money? for the data. depending on how old the accounts, many of the regulations and practices you are expecting to be practiced weren’t yet in existence. perhaps they follow them now. companies have to get into compliance, and in the meanwhile, companies as big and sensitive as equifax and experian go “oh sorry…” but, no, if you think companies as a thing are consistently, completely, correctly removing data, you are mistaken. it isn’t even always due to negligence, and in those cases it may be quite legal. it may even be required. if not required legally, it may be in what you agreed to. but is it secure? what typically does not happen is a user’s request cleanly triggering a sanitization of all data they have generated on the targeted platform and periphery. Wasn't reddit just under fire for restoring people's deleted stuff without their consent, during the Apollo protest? I can't find the article right now, but I thought I heard something about this.