On the internet, as with most of life, you can’t count on things lasting forever. Websites close down, servers get turned off, the wrong button gets hit and years of work is erased. But just as you can’t depend on anything persisting, you can’t count on everything disappearing, either. Those photos of you looking ridiculous in college, which your friends uploaded to Facebook? Even if you delete your account, they’ll linger. From old blog posts to comments left on forums to tweets, things have a way of stubbornly persisting on the internet. It’s hard to predict what will disappear and what will last, but that persistence is partially why some sites and services have baked in disappearance as a feature.

Intentional ephemerality, the kind first popularized by Snapchat in 2011, is a sort of antidote to the digital hoarding that characterized the first 30 years of the Internet. The assurance of a digital expiration date is freeing. Why worry so much about what you say when you know it will disappear soon anyway?

Facebook CEO Mark Zuckerberg touted all these positive qualities of what he called “reducing permanence” online last week, announcing in a Facebook post that they would be at the core of a new “privacy-focused” platform he plans to build. “I believe the future of communication will increasingly shift to private, encrypted services where people can be confident what they say to each other stays secure and their messages and content won't stick around forever,” he wrote.

In his post, Zuckerberg laid out the promise of ephemerality as a way to make people feel more comfortable sharing online, but it’s not an ironclad strategy. “Ephemerality is a mixed bag,” says Gus Rossi, global policy director at the nonprofit Public Knowledge, which advocates for an open internet. Though Rossi believes it’s generally good that not everything stay online forever, he also notes that ephemerality can make people feel more secure or private than they actually are. “The risk is that you delete something that could be inconvenient or embarrassing for you in the future, and someone took a screenshot of it," he says. "Then it’s going to be around anyway.”

Even the most encrypted messaging services are only as secure as the person receiving the message. Plenty of people have sent messages they believed to be ephemeral only to find out later that wasn’t the case, whether due to the platform’s data management or their own mistakes. Guaranteed ephemerality---where something disappears forever, leaving no trace---is a lie.

Privacy researcher and former United States Digital Service engineer Kathy Pham emphasizes that ephemerality requires careful system design. Often, she notes, the reason for data permanence is not that companies even want the data around forever, but rather they just have “lazy data practices.” Early on, security problems with Snapchat’s API allowed unauthorized third-party apps to plug into the service and undermine its promise of instant deletion. When a hacker got into one of those third-party apps in 2014, hundreds of thousands of photos and videos were posted online in an event dubbed the Snappening. After that attack, Snapchat began actively designing against third-party intrusions.

Users of ephemeral and encrypted messaging apps also need to keep careful track of their privacy settings and other ways they can leave unintentional digital traces—things that are not always obvious at first glance. Former Trump campaign chair and convicted fraudster Paul Manafort reminded the world of that last year when special counsel Robert Mueller accused him of witness tampering via, among other things, WhatsApp, the Facebook-owned messaging app. Though his original messages were fully encrypted, Manafort failed to turn off a setting that automatically backs up messages to iCloud, where they were not—and where the FBI eventually obtained them.