> All the big companies are doing immutable, append-only event logging and probably have no mechanism to expunge this data. All because storage is cheap and they need to hold on to everything for testing or whatever future need that might arise.
I'm very confident that the data is fully removed, because properly deleting data within NN days is treated as very serious internally. But I don't know the details of how it's done for cold storage.
(I would love to see someone subpoena something deleted, say, 1y ago and write up whether it was produced.)
This is not true at all. Here's a recent HN discussion that talks about how Google handles this: https://news.ycombinator.com/item?id=19809259
(Disclosure: I work for Google, but I'm speaking for myself)