Can I delete my content from the network?

From @whyrusleeping on Tue Apr 07 2015 16:24:43 GMT+0000 (UTC)

If you add data to the network, and another node chooses to rehost it, there is no way to cause them to delete it from their blockstore.


Copied from original issue: https://github.com/ipfs/faq/issues/9

1 Like

From @jbenet on Tue Apr 07 2015 16:35:47 GMT+0000 (UTC)

It is possible for nodes to follow blocklists and to agree to follow common ones. But attempting to take back content is not fundamentally doable (there is no way to verify information deletion).

From @BillDStrong on Wed May 13 2015 10:16:11 GMT+0000 (UTC)

Could a fore encryption bit be set the next time that client comes online? This would achieve the same thing. (Ideally, I don’t want this to be doable, but better think about this now before some one thinks up this “good” idea.)

From @alexpmorris on Tue Jul 14 2015 00:17:43 GMT+0000 (UTC)

doesn’t issuing a “DELETE” delete content, or at least request the network to delete a file or directory to the extent that it can?

from http://ipfs.io/docs/commands/ :

-writable bool - Enable writing objects (with POST, PUT and DELETE)

From @jbenet on Tue Jul 14 2015 00:29:59 GMT+0000 (UTC)

@alexpmorris no. that’s just REST translation for one local gateway.

From @nmsmith on Wed Jul 22 2015 10:05:44 GMT+0000 (UTC)

The permanency of content will surely pose some legal and ethical issues. It seem like copyright holders wouldn’t be able to take action against infringement and I couldn’t do anything about someone publishing my nudes. I know this is already true of torrents, but if IPFS is used for web apps I imagine it being a bigger deal. What are your thoughts on this @jbenet?

2 Likes

From @eminence on Tue Sep 15 2015 19:47:24 GMT+0000 (UTC)

On the IPFS homepage, it is described as IPFS is The Permanent Web so deletion sounds like an anti-goal to me :slight_smile:

To be clear, though: it is possible for data to be deleted from the network. For example, if you add a file and then immediately unpin it and then garbage collect it before anyone has a chance to get it from you, it will be effectively deleted.

From @csharpner on Wed Dec 09 2015 03:16:20 GMT+0000 (UTC)

What about drive storage space if you can’t delete? Who’s holding (or more importantly, paying for) all this expired data and what’s the incentive to do so? My idea is to use IPFS to backup my data (after I encrypt it), and offer local storage as payment (or maybe partial payment… not totally sure how that works). But I will eventually delete some of that. It would serve no benefit to anyone to waste storage after I no longer need it.

What am I missing?

1 Like

From @whyun7892 on Wed Jan 27 2016 06:03:14 GMT+0000 (UTC)

Even though IPFS is for permanent web, It is required to be able to remove specific illegal contents. I think it is possible to remove them by mapping the content with peerID, and other peers that host the file need to remove the file on receiving deletion request through gossip protocol. Of course, I know that it is impossible to remove whole replicated contents, but it will be gradually faded out someday.

2 Likes

From @fazo96 on Wed Jan 27 2016 12:28:56 GMT+0000 (UTC)

I guess a possible solution to filter out illegal content is to ship IPFS with hardcoded blocklist addresses, which will be updated lists of content that will never be downloaded or retained by the nodes. These blacklists will of course only contain pointers to illegal stuff.

Then there could be other blocklists depending on which laws apply where the node physically is.

Criminals could still modify the source code to access illegal data, but it’s not a big deal since anyone else won’t be sharing it.

From @Kubuxu on Wed Jan 27 2016 13:27:17 GMT+0000 (UTC)

@whyun7892 There is a plan of opt-in block lists called badbits. They will contain hashes of illegal contented as for some authority. For more see: https://github.com/ipfs/notes/issues/21#issuecomment-117825284 https://github.com/ipfs/faq/issues/36

But there will not be option to just delete content from IPFS, same way you can’t delete content from WWW, if someone care enough to host it, it will be there.

1 Like

From @whyun7892 on Wed Jan 27 2016 14:22:53 GMT+0000 (UTC)

@Kubuxu Great. The opt-in blocklist method will take effect if some agency(such as DMCA) keeps requesting to remove particular contents on behalf of users or authorities. But, one concerns… Many blacklists from various authorities need to be managed (and by whom?), and the number of blacklist will be growing accumulatively because they will not un-list it…

If a user uploads private file by mistake, It will be more reasonable to give a chance to try to remove the content, even though it may not be completely wiped out in the overlay network, just like WWW.
If IPFS supports CRUD, it will be much more useful in various business area.

Fade-in, fade-out with user’s decision :smiley:

From @Kubuxu on Wed Jan 27 2016 14:35:10 GMT+0000 (UTC)

You can remove content you added to your node, you just can’t be sure that someone isn’t already rehosting it and remove it from there.

Size might be problematic but it is up to block list creator to manage it. Bloom filters can make it quite efficient to check if item is in blocklist. Many issues were discussed in issues I’ve linked.

From @whyun7892 on Wed Jan 27 2016 14:53:52 GMT+0000 (UTC)

@Kubuxu Thanks. Understood. :smiley: I think you mean that it is possible to remove by use of ‘pin rm’ and ‘gc’. right? If so, why not put ‘remove’ to basic commands list.

From @lidel on Wed Jan 27 2016 16:30:12 GMT+0000 (UTC)

IIRC it is absent by design: remove is ambiguous (remove from what? node? entire network?), having two explicit commands for removing a pin and triggering GC leaves no room for misunderstanding of what is happening.

From @emardee on Fri Feb 05 2016 05:49:40 GMT+0000 (UTC)

I understand that IPFS is nick-named “the permanent web”, but surely that shouldn’t mean that it is a good idea that we can never being able to delete something properly? I quite like the ideas of privacy that Diaspora ( https://diasporafoundation.org/ ) were working on, where users controlled their own data, and could always rescind it causing the distributed network to delete that data. I think that if IPFS is to become the new web, then privacy has to be one of the central features that can be chosen when needed. Clearly there will be items that need to be kept alive forever for everyone’s benefit, but equally, there should be an optional concept of privacy built in so that if someone wants a picture of them “forgotten” this should be possible too. It surely about thinking of this as the underlying platform for everything, then permanence isn’t always the over-riding need. It is about balancing the needs of privacy and permanence to get the right combination. Obviously a self-managed social network like diaspora could be re-built on-top of IPFS with its own controls for social data… but at the file level, I think a similar feature is potentially desirable inside IPFS but for any files.

1 Like

From @Kubuxu on Fri Feb 05 2016 06:07:17 GMT+0000 (UTC)

@emardee deleting data from any network is a gentlemen agreement, all listen and all of them cannot lie, you might ask everybody to remove the file but some of them will say “Removed.” but they keep it. IPFS isn’t worst in this matter than normal Internet, if you make something public to the network, you have to know that it can become permanent. Nobody can prevent anonymous internet people for publishing it all over again.

It isn’t just because: the aim is so everything is permanent, there just isn’t viable solution for this problem.

Diaspora is something else, it is closed (registered) community that can enforce the gentlemen agreement to remove the data.

From @lidel on Fri Feb 05 2016 07:53:53 GMT+0000 (UTC)

@emardee
Remember that we can’t truly “remove” things from the internet.
If you put data online there is always a possibility it will live forever.
Period.

You can issue a “revocation” requests, but in the end you have no control over them being respected by other parties. Things can be passed over alternative protocols or just saved to a cold storage to be released years later.

If you don’t want people to look at your bytes – use encryption BEFORE you put them online.

From @fazo96 on Fri Feb 05 2016 16:35:33 GMT+0000 (UTC)

@csharpner said

What about drive storage space if you can’t delete? Who’s holding (or more importantly, paying for) all this expired data and what’s the incentive to do so? My idea is to use IPFS to backup my data (after I encrypt it), and offer local storage as payment (or maybe partial payment… not totally sure how that works). But I will eventually delete some of that. It would serve no benefit to anyone to waste storage after I no longer need it.

What am I missing?

  • You can’t force other nodes to delete stuff, but you can choose what to keep on the nodes you control of course
  • At the moment there is no incentive to hold data except having the guarantee of being able to access it
  • in the future you’ll be able to pay other people to host your data using filecoins

From @emardee on Fri Feb 05 2016 23:13:14 GMT+0000 (UTC)

@csharpner
I guess the other thing you might be missing is that your encrypted files might well outlast the integrity of the encryption technique used to protect them. If you release your data to the public, and copies are kept way beyond your expectations, eventually someone might crack the encryption method rendering your data accessible to all. You’d want to be happy that by the time the encryption was likely to be broken, there was no privacy risk left in the data being exposed. For that reason, you might want to give this plan more thought. Probably better to use a trusted friend or two, and you all keep a private copy of each other’s backups (but not publicly), so that you trust everyone who has access to the data to delete when required, and to not open old files if encryption gets broken in the future.

1 Like