It’s taken a long time, but people have finally discovered how much information companies like Google and Facebook have on them. We cannot keep sacrificing our privacy and dignity to continue using the internet. However, at the same time, new digital innovations that millions love and enjoy require our data. So what are we to do?

The biggest issue with the software industry’s data collection is the span of time for which it hoards information. The industry simply does not believe in a delete button. For instance, Google has records of all my locations for the last six years, and Facebook has my deleted messages from nearly 10 years ago.

This kind of long-term data storage may seem innocuous to some. To others, it may even be useful to know what exactly they were doing on a specific day many years ago, or recover messages from a loved one, or see how much their searching and browsing habits have changed over time.

However, as government surveillance is emerging as a growing threat – especially in surveillance states like China or Iran – the long-term data storage enacted by all of the top tech companies is a dream come true for any current or future authoritarian state.

Even if western governments are not enacting any Nineteen Eighty-Four-style policies of tracking your every word and executing you for any rebellious statements, the knowledge of potential surveillance can lead to self-censorship. You are not a threat and you may not have an FBI agent dedicated to you, but even the knowledge that they may look into you can lead to society operating with a subconscious fear of expressing views on the internet.

A 2013 study surveying US writers found that after they learned of the NSA’s mass surveillance programs, one in six avoided writing on a topic they thought would subject them to any kind of surveillance, and a further one in six seriously considered avoiding controversial topics.

This is why we need online privacy: we have the right to be curious or conduct digital actions without constantly being tracked, or fearing future reprisals. As Edward Snowden has put it: “Ask yourself: at every point in history, who suffers the most from unjustified surveillance? It is not the privileged, but the vulnerable. Surveillance is not about safety, it is about power. It’s about control.”

There also isn’t a strong business case for internet companies storing decades-old data. Old information is virtually worthless to advertisers and therefore not profitable for the companies to store. Why would Google need your location from six years ago, or Facebook to store your messages from 10 years ago, to target advertising? You may not live in the same location; you may not have the same friends, interests, hobbies, career, weight or even income as in that time period. Yet they just keep hoarding it.

Therefore, I propose legislation to allow companies to harvest as much information as they like, but with one caveat: they must delete the information from their servers in quarterly blocks. This would allow us to keep using the services we like in the exact fashion that we do now.

They can then offer you an option to download all the data they have on you, if you would like to keep your images or statuses or messages or emails. However, this must be an opt-out option.

The world is constantly changing. It may be too difficult or even impossible to stop entities like the NSA and CIA from monitoring your internet activity, but we can at least take a first step and put a roadblock in place for any potential or future surveillance. They will not have access to your life’s diary at the click of a button, or see everywhere you have been for 10 years, or use searching or browsing history from when you were a teenager to question your character.

This Digital Expiry Date offers companies the benefits of getting your data, personalizing results and still making profits, while putting some control in the user’s hands. You will not have to worry about governments or companies in the future mishandling years’ worth of information – which would limit the damage they could do. A Digital Expiry Date would maintain online innovation and profitability, while helping to prevent any future privacy disasters.

It is not a perfect solution, but it is a start.