this post was submitted on 17 Sep 2024
74 points (100.0% liked)

Privacy

31996 readers
524 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

I've been trying to delete as many online accounts as possible to reduce the threat of my personal information / duplicate passwords / my cell number getting out there. I know, it's probably not worth the effort but it does at least clean up my password manager and MFA app.

I've tried had trouble getting my personal information scrubbed and my account deleted at Robinhood and LendingTree. Both have policies that claim they're unable to delete user accounts due to federal regulations.

Here's the bit from Lending Tree: https://www.lendingclub.com/legal/privacy-policy

Data Retention: Due to the regulated nature of our industry, we are under legal requirements to retain data and are generally not able to delete consumer transactional data, credit or deposit account application data, or other financial information upon request. Certain regulations issued by state and/or federal government agencies may require us to maintain and report demographic information on the collective activities of our membership. We may also be required to maintain information about you for at least seven years to comply with applicable federal and state laws regarding recordkeeping, reporting, and audits. Criteria used to determine the period of time information about you is retained are primarily related to legal requirements and usefulness of the information for the purposes it was collected.

In both of these cases, I haven't used the account in many years (RH: 2020, LT: 2018). It serves no purpose to maintain this account other than to exist as data for some malicious actor to acquire and act upon.

With data leaks happening practically every day, I'm really not comfortable with financial agencies with varying degrees of security keeping my information forever. I would think it would be in their own best interest to comply with a deletion request to prevent anyone from scamming them.

Also, I can't tell you how many websites I've lost access to because my phone number was tied to log in. I previously had a company-issued cell phone and not longer have access to that. Any website that requires a phone number for MFA is just horrible. I'm trying to sign into another financial site now and apparently I'm not able to do so without a phone number I had eight years ago.

Wondering if anyone is familiar with this federal regulation that requires they hold on to this information and if there's some sort of way around this either with a lawyer or federal form or something.

you are viewing a single comment's thread
view the rest of the comments
[–] mrbn@lemmy.ca 10 points 2 months ago* (last edited 2 months ago) (1 children)

The answer depends on the country. In the US, review the Bank Secrecy Act and anti-money laundering (AML) regulations. In Canada, there is the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA) regulations and also the CRA requiring the individuals and businesses retain their records for up to six years.

if there’s some sort of way around this either with a lawyer or federal form or something.

Very unlikely.

[–] GolfNovemberUniform@lemmy.ml 6 points 2 months ago (1 children)

But there should at least be a way to prohibit them to share the data with third parties.

[–] spankmonkey@lemmy.world 4 points 2 months ago

That would also require a lawyer since it gets into the terms and conditions and other legalese