Data‑deletion backlash surfaces

Elizabeth Holmes’s latest push for people to wipe their online histories has collided with a fresh round of scrutiny over who actually controls deleted data. Holmes is serving a federal prison sentence for Theranos fraud, while Google’s Fitbit is facing renewed questions about how deletion works in practice. (justice.gov; support.google.com) Holmes was sentenced in November 2022 to 135 months, or 11 years and 3 months, after prosecutors said she defrauded Theranos investors of hundreds of millions of dollars. In February 2025, the Ninth Circuit upheld her convictions, sentences, and a $452 million restitution order tied to Theranos. (justice.gov; ca9.uscourts.gov) That history shaped the backlash to her recent data-deletion message. Holmes also filed a commutation request that was still listed as pending in January 2026, according to ABC News, keeping her public profile active as her prison term continues. (abcnews.com) The Fitbit side of the story is less about one viral post than about a long-running argument over consent, retention, and erasure. Google says users can delete Fitbit data or an entire Fitbit service at any time, but its own help pages say deletion can take 30 days for most account information and up to 90 days for device data and backups. (support.google.com; support.google.com) Google’s Fitbit privacy pages also say health and wellness data is kept until a user chooses to delete it or leaves Fitbit, and Google says that data is kept separate from Google Ads. The company’s public privacy page says users can export or delete health data from Fitbit settings or a Google Account. (support.google.com; safety.google) European privacy advocates have been pressing Fitbit on a separate issue since at least August 2023. Noyb, the privacy group founded by Max Schrems, filed three complaints in Austria, Italy, and the Netherlands alleging Fitbit forced users to accept international data transfers and made consent hard to withdraw without losing the service. (techcrunch.com; business-humanrights.org) Those complaints did not center on a proven refusal to honor every deletion request, and public records surfaced in this reporting do not show a regulator’s final ruling on that point. What they do show is a documented dispute over whether Fitbit’s consent and deletion pathways meet the standards required by the European Union’s General Data Protection Regulation. (techcrunch.com; noyb.eu) Google says it gives people “easy-to-find and easy-to-use” privacy settings and the ability to delete or export data anytime. Critics argue that long retention windows, backup systems, and account-linked health records make “delete” a slower and narrower promise than many users assume. (safety.google; support.google.com) That is why the two story lines met so easily online. A convicted executive urging mass deletion landed at the same moment users were revisiting how much power they really have once health and activity data has already been collected. (justice.gov; safety.google)