|
|
|
|
|
|
by PeterisP
1459 days ago
|
|
|
The solution is social, not technical. The relevant authorities have the right to audit the process and do so in certain cases. Keeping your data after this request has a tiny benefit to the company - not that many people retract access, and one individual's data is not that valuable. On the other hand, intentionally keeping and using that carries significant financial risk of fines if found out; so a prudent organization simply won't do that - otherwise, it'll just be a huge expense for no good reason after e.g. some disgruntled ex-employee blows the whistle on this practice. |
|
|