by bsilvereagle 3424 days ago
If Visio made complete backups (say full HDD clones) of all their computers on a weekly basis, do all of the backups need to be destroyed? Is it feasible to open every backup and delete the relevant information? Is it possible to "forget" that a backup process exists and still maintain the data?
2 comments

That's unimportant. What is important is legal penalties for accessing or selling that data. No-one with assets and in-house counsel would dare violate an order like this.
I've always wondered whether a datastore built on an immutable architecture could be designed to cope with an expectation of receiving court orders to delete data. I think you'd arrive at a somewhat "DRM"-like design. That is:

1. the datastore system would be designed as an "appliance", intended to be installed directly on hardware, and would mandate (and check that) the hardware it was installed on provided both a TPM to store disk encryption keys in, and a full Secure Boot trust-chain granting only its bootloader boot privilege;

2. the datastore software would maintain a mutable index within the store (in the Merkle-tree-ref sense) of all data that is to be "considered deleted"—a master "tombstone" record, in the DBMS terminology—and would prevent anyone from accessing said data through the system's API.

With such a design, the data is effectively "gone", just as if it was really erased from the disks; the only way for a company running such a datastore to "recover" the data would be to find an exploit in the appliance allowing them to modify either the tombstone list (somewhat easy to thwart by choice of data structure), or the code that applies the tombstone policy.

In addition: Have per-object encryption keys and destroy those when data has to be wiped.
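
The per-object key suggestion above, sketched as an added example (not code from the thread or from any product named in it): an append-only blob store where erasing an object destroys only its key, so old blob backups hold nothing but unreadable ciphertext. `ShreddableStore`, `restore` and the SHAKE-256/HMAC sealing are assumptions made for illustration; a real system would use a vetted AEAD such as AES-GCM and keep the key table in a keystore that is excluded from the data backups.

```python
import hashlib, hmac, secrets

def _stream(key, nonce, n):
    # Stdlib stand-in for a real AEAD such as AES-GCM: SHAKE-256 output as keystream.
    return hashlib.shake_256(b"enc" + key + nonce).digest(n)

def seal(key, plaintext):
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _stream(key, nonce, len(plaintext))))
    tag = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    good = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        raise ValueError("wrong key or tampered blob")
    return bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct))))

class ShreddableStore:
    def __init__(self):
        self.blobs = {}  # ref -> ciphertext; append-only, copied into every backup
        self.keys = {}   # ref -> per-object key; assumed kept OUT of those backups

    def put(self, plaintext):
        key = secrets.token_bytes(32)
        blob = seal(key, plaintext)
        ref = hashlib.sha256(blob).hexdigest()  # content address of the ciphertext
        self.blobs[ref], self.keys[ref] = blob, key
        return ref

    def get(self, ref):
        if ref not in self.keys:
            raise KeyError("erased: per-object key destroyed")
        return unseal(self.keys[ref], self.blobs[ref])

    def erase(self, ref):
        # Destroy only the key; the immutable blob and its hash are untouched.
        self.keys.pop(ref, None)

def restore(backup_blobs, live_keys):
    # Rebuild a store from an old blob backup plus the current key table.
    s = ShreddableStore()
    s.blobs, s.keys = dict(backup_blobs), dict(live_keys)
    return s
```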
Have a look at what datomic does. http://docs.datomic.com/excision.html
It's like every service provider's wet dream to arbitrarily lock up our private files. Currently only the Russian cybercriminals are a bit ahead of the competition.