Google LLC today published an extensive white paper outlining how it deals with user requests to delete data on its cloud platform.

The white paper explores how Google handles such requests on its Google Cloud Platform, as well as the processes the company itself goes through to delete user’s data.

Google’s cloud security and privacy product manager Eric Chiang said in a blog post that the deletion of data “needs to be balanced” in order to ensure its safe and effective and doesn’t impact on its cloud services. Chiang explained that all of the data stored on GCP is encrypted at rest, and also replicated on active systems and copied to backup servers in order to protect against loss of that information and ensure its availability.

“Your data may be replicated in multiple locations to ensure you have uninterrupted access to your projects, even if there are performance-impacting changes in the environment,” Chiang said. “Redundant copies of your data can be stored locally, regionally, and even globally on active and backup storage systems, depending on the geographic limitations you configure.”

As a result, deleting data on Google’s cloud isn’t such a simple process, and it also depends on the type of data the user is requesting to be deleted.

“You can flag a specific resource, a GCP project, or your Google account for deletion,” Chiang noted. “GCP services are configured to await these requests and initiate different processes depending on the type and scope of deletion request.”

From a user’s perspective, the process is fairly simple. Simply delete whatever needs to be deleted, and it will be marked as such and removed from the user interface, the white paper explains. But behind the scenes, certain GCP services will actually continue to store that data for a while before the “logical deletion” begins, wherein the data is actually wiped from Google’s servers.

Chiang said this “grace period” in which the deleted information remains stored on Google’s servers is so it can permit recovery of erroneously deleted data.

“Once the data is marked as deleted and any recovery period has ended, customer data is deleted in two ways: mark-and-sweep garbage collection and cryptographic erasure,” Chiang said.

He added that it takes about two months from the time of the request to delete data from active systems, and six months to remove that data from backup servers, as shown in this graphic:

Google also takes steps to ensure that data deleted from its servers cannot be recovered later. Most techniques used to recover deleted data from hard drives are expensive, but they do exist, so Google guards against this by securely decommissioning its physical storage media whenever it needs to be replaced.

You can read the white paper here for more details. Google has also posted this video to YouTube explaining how data gets deleted from its data centers:

Featured image: Pexels/Pixabay