log28 icon indicating copy to clipboard operation
log28 copied to clipboard
verified publisher icon wildeyedskies

data destruction policy options

Open dkg opened this issue 3 years ago • 2 comments

The political situation in the USA around fertility is fraught today, and data stored on people's phones can potentially get them in trouble.

A local period tracker like log28 is clearly better than one that sends stuff to the cloud, but local data could still be used against someone if their phone is seized.

It would be nice to have a setting that would automatically securely destroy data older than a certain time. This is comparable to "disappearing messages" on a messenger app.

Having a simple setting like "delete logged data after" with choices like 3 months or 6 months would be a nice option for people who have to worry about this. It wouldn't help if a person's phone is seized promptly after a visit for reproductive healthcare, but if their phone was seized later during a delayed prosecution, it might help.

Other possible options for data destruction or protection:

  • a button to destroy all data (i guess uninstall and reinstall might work too, but maybe it is clearer to have an explicit action?)
  • a button to replace historical data (from some point back?) with reasonable-looking random data

dkg avatar Jul 13 '22 15:07 dkg

This is a really cool idea

wildeyedskies avatar Dec 09 '22 19:12 wildeyedskies

I think it comes from a good place, but I don't know if it actually will protect people. Maybe the same thing can be achieved by safeguarding the whole app with a password and encrypting the exported file? You can refer to 5th amendment and refuse to give the password or just pretend like you forgot it.

Asalle avatar Dec 10 '22 08:12 Asalle