I’d like to update my thinking on the following question:
What is the responsible way to get rid of electronic information that one does not want, or that one has a legal duty to get rid of (like irrelevant personal information)?
Some of the alternatives:
- delete the information from one’s drive (unlikely to be satisfactory, since ‘undelete’ programs are readily available)
- reformat the drive
- apply a specialized ‘wiping’ program (one or more times)
- destroy the drive physically
- encrypt the data on the drive then destroy the keys
Ontario’s Information and Privacy Commissioner takes the view that the best way to properly get rid of (third party) personal information that one no longer wants to hold, or that one is required by law not to hold, is to destroy the medium on which it is found — wiping disks “may not … irreversibly erase every bit of data on a drive.” [See the IPC Fact Sheet on secure destruction of personal information, Dec 06 [1] (PDF)]
I am not aware of any instances in Ontario, or elsewhere in Canada, in which PI was improperly recovered from a wiped disk, though; so the Commissioner may be giving a counsel of perfection.
Likewise I know of no instance before any Canadian privacy commission where someone was sanctioned for inadequate destruction of electronically-stored PI. Do you?
Is there any circumstance in which it might be considered professionally negligent for counsel to recommend ‘only’ running a drive through a wiping program a few times to protect the information from inappropriate eyes?
Is there any circumstance in which a regulatory authority might find someone in breach of a duty of confidentiality for having ‘only’ run a drive through a wiping program a few times?
What do you recommend to your clients? Do you know of anyone (client or otherwise) who has ever had any problems with data thought to be destroyed by any method turning up again, either in the wrong hands or in their own (besides finding another source of its storage…)?