Brit firms warned over hidden costs of wiping data squeaky clean before privacy rules hit

Not enough companies understand how to properly delete the data they hold – and need to address this if they are to comply with new data protection rules, privacy and security experts have said. Under incoming UK and European regulations, firms will be required to completely remove all the data they hold on an individual if …

  1. Anonymous Coward
    Anonymous Coward

    It is just not going to happen

    Having been employed at a huge "digital" customer company to manage a project to do just this and having scoped (most of) the complexities and scale and ballpark costs, I then saw the appetite of the organisation for the huge effort involved and the opposition from embedded "business managers". My conclusion was that it was never going to happen and it hasn't. I moved on and the company shovelled some more sand over their heads.

    1. Doctor Syntax Silver badge

      Re: It is just not going to happen

      "My conclusion was that it was never going to happen and it hasn't."

      It's probably just a matter of accumulating enough fines for them to realise that it's a way to save money.

      1. Anonymous Coward
        Anonymous Coward

        Re: It is just not going to happen

        just a matter of accumulating enough fines for them to realise that it's a way to save money.

        If it costs millions, and the fines are the usual slap-on-the-wrist, it'll be cheaper to pay the fines.

        1. Remy Redert

          Re: It is just not going to happen

          How does 4% of global annual turnover sound? Because that's the kind of money we're talking about for serious infractions.

          Companies will comply with the GDPR or they will go out of business.

          1. Anonymous Coward
            Anonymous Coward

            Re: It is just not going to happen

            that's the kind of money we're talking about for serious infractions

            "Up to" 4% of turnover. Just like "up to" 20Mbit/s ;)

            1. Doctor Syntax Silver badge

              Re: It is just not going to happen

              "Up to" 4% of turnover.

              It's still a much higher starting point for calculations than at present.

          2. Destroy All Monsters Silver badge

            Re: It is just not going to happen

            More like

            Companies will comply with the GDPR and they will go out of business.

            That's a problem. Y2K redux, with more data and even lower density of skilled IT people.

    2. Adam 1 Silver badge

      Re: It is just not going to happen

      Fines will be treated as a cost of business and passed on to customers. Whilst supply and demand curves should see a reduction in demand if price rises, that can in practice take a while to flow through because of inertia and frankly some services would still be valued at the higher price point.

      You see this all the time as currency movements make imports or exports cheaper or dearer. Unless one of the competitors can actually figure out a cost effective way to comply which is cheaper than the fines, the customer will pay the fines. Maybe in the short term some vendors might make a sell at a loss market share ploy giving the best of both worlds (ie, compliance + no price increase), but I wouldn't hang my hat on it lasting.

      1. Doctor Syntax Silver badge

        Re: It is just not going to happen

        "Fines will be treated as a cost of business and passed on to customers."

        Maybe, but it will then have a bearing on competitiveness. Those who are fined for failure to comply will be competing with those who aren't.

        1. Adam 1 Silver badge

          Re: It is just not going to happen

          @drsyntax

          > it will then have a bearing on competitiveness

          Exactly as I wrote:

          > Unless one of the competitors can actually figure out a cost effective way to comply which is cheaper than the fines

          There is no bearing on competitiveness unless someone is able to come up with a more efficient way to comply (or a loophole that means they don't need to).

          Otherwise the cost will either be absorbed by the shareholders or the customers. Maybe some companies might strategically sacrifice shareholders' profit to grow market share but eventually customers will pay. If I sell a service for 50 quid a month and my competitors are similar in price and I have a new regulation that costs 5 quid a month, I can either raise prices to 55, decide to live on 45 paying the 5 out of my own pocket or leave it at 50 and hope I don't get caught. Perversely, the latter will also grow market share from those who do comply. Laws of unintended consequences and all that...

  2. Anonymous Coward
    Anonymous Coward

    GDPR brokers ...

    There will be a gap in the market for GDPR brokers - similar to PPI outfits - who will take no-win no-fee cases, and simply hit big companies with GDPR requests and charges.

    1. Jon B

      Re: GDPR brokers ...

      Is it fines only or compensation also?

  3. Chris Hills

    Ouch

    This is going to require some serious effort to remove individual records from backup tapes.

    1. LDS Silver badge

      Re: Ouch

      Add some WORM storage that in some countries may be, or has been, mandatory for some kinds of data (e.g. tax records, including invoices, etc.) and it can become pretty complex, because those media may be archived somewhere, and deleting single records can be difficult or impossible.

  4. Pen-y-gors Silver badge

    Backups?

    What does the law say about backups? Is there a requirement to delete information from all backups? How about backups on WORM optical media?

    And what about other requirements - insurance policies that run for 12 months may include an element of liability for years in the future. The policy details really should be kept as long as is necessary.

    This all sounds a bit silly - more legislation drafted by people who don't know what they're talking about. Unusual though, for it to come from Brussels - Westminster is normally the expert at drafting impossible legislation (see the 2011 Sun Rising in the West Act)

    1. Steve K Silver badge

      Re: Backups?

      Although less of a problem these days, does this apply to paper-based or microfiche records (e.g. as a backup or if there are records that old - like with life insurance or pensions?).

      As to your point on life insurance etc. I suppose in this case you could argue that if you are still living then you are not about to ask your life insurance/pension provider to delete the information it has on you under GDPR anyway!

      1. Pen-y-gors Silver badge

        Re: Backups?

        @SteveK

        Actually I was thinking of Indemnity insurance, not life assurance. If a business has a 12-month Employers' Liability policy, and during that time negligently exposes workers to e.g. asbestos dust, then when the asbestosis is diagnosed 20 years later the insurance company are still liable. It helps to be able to prove exactly what the policy covered, or even if they were covered.

        1. Anonymous Coward
          Anonymous Coward

          Re: Backups?

          HSE: "Health records, or a copy, should be kept in a suitable form for at least 40 years from the date of last entry because often there is a long period between exposure and onset of ill health"

        2. Rich_G

          Re: Backups?

          According to the ICO a data processor can refuse the right to erase data "to comply with a legal obligation or for the performance of a public interest task or exercise of official authority;" - in the case of insurance policies the FCA (SYSC 9.1.2) policy information must be kept for 5 years.

    2. Anonymous Coward
      Anonymous Coward

      Re: Backups?

      There have got to be exemptions for compliance with legal requirements. I'm wondering how audit trails can be properly maintained.

      1. Anonymous Coward
        Anonymous Coward

        Re: Backups?

        "There have got to be exemptions for compliance with legal requirements"

        There are almost no exemptions under the GDPR. What you've got are six possible justifications for holding personal data, ranging from the very narrow (legislative compliance) to the very broad ("legitimate purposes"). They're all reasonable and easily understood. The broader the justification, the stronger your own justification for using it has to be and the more carefully you have to balance the rights of the person.

        For example, if the law says you hold the data for 7 years, you hold the data for seven years and the individual gets no say. If you decide that holding every customer you've ever had in a marketing database to sell at a later date, with no record of when or even if consent for that was given, is a "legitimate purpose" then I suspect the ICO might want to have a word with you.

        1. katrinab Silver badge

          Re: Backups?

          You are required to keep details of sales invoices for 8 years or so [1], but that doesn't mean you can use the data for any purpose other than to calculate your tax liability.

          [1] the actual requirement is 6 years after the deadline for the tax return to which they relate, or 6 years after the relevant tax return was filed if later. If you are a company, and sold something on 1st April 2017, and your company year end is 31st March 2018, the tax return deadline is 31st March 2019 (tax is due 1st January, Companies House deadline is 31st December), and 6 years after that would be 31st March 2025.

    3. Nick Ryan Silver badge

      Re: Backups?

      Backups are an interesting case, and still unresolved from the original DPA (1998).

      The latest snake oil GDPR consultant I spoke with (essentially a clueless box ticker tasked with bringing in more consultancy and death-by-powerpoint sessions) seemed to think that when an individual's right to erasure is performed their data must be removed from all backup media as well. They just couldn't understand that it wasn't a case of just "removing" the details from the tape, and I wasn't even going to waste my time running through the fact that backups are almost always compressed, often encrypted, and the backed up data may be in an application or file system format. In other words, to remove "Joe Bloggs" from your backup data you would have to extract the contents of the backup tape to a system that is able to understand and process all the data formats and structures in place, then remove/overwrite all the data pertaining to "Joe Bloggs" and then respool the data back to tape. All the while not knackering up whatever arcane data formats and structures are in place.

      Obviously this is technically possible, however how many tapes or tape sets do you have? You'd have to perform this action on all of them where you reasonably suspect that data may be recorded regarding "Joe Bloggs". Once this is done you hope that the backup media are still in working order.

      The following day you receive another request, this time from "Linda Smith" who also requires that her data is erased... and so on...

      1. Anonymous Coward
        Anonymous Coward

        Re: Backups?

        Both the DPA and GDPR are unequivocal. Backups are an information system, any deletion must include these backups also. This is a huge problem not just for backups but any immutable storage. Data warehousing, hadoopery, all sorts of tech has a huge cost inflicted by this requirement. Dismiss it as "snake oil" at your own risk.

        However your complaint highlights your own noncompliance in another, more fundamental way. If the records were encrypted you'd have the option of deleting the (external) encryption key, thus effectively wiping the records from the tapes. If you've properly protected the personal information you've been entrusted with this aspect is not an issue. The "hidden cost" of all of this is that almost everyone has spent the last twenty years happily ignoring the DPA's requirements and now they've got all of six months to comply with the GDPR because of their own laziness.

        1. Nick Ryan Silver badge

          Re: Backups?

          In my experience the issue around backups has yet to be resolved like this because they are a special case.

          As for deleting an (external) encryption key, are you seriously suggesting that the solution is that every data row relating to each and every identifiable individual in a database has a unique encryption key? While technically possible, any system attempting to do this would grind to an immediate effective halt as soon as you tried to do anything in it, particularly when you involve data searches, indexes or reporting. Also, deferring such protection to a unique external key would just mean that you have to manage these keys in the same way, tracking changes to them and deleting them from your backups as well. This is just an arbitrary central and singular database; then there are the ancillary records and files related to an individual as well, as this would mean that you would have to encrypt every document in this way, which given that a document could refer to more than one identifiable individual starts to get incredibly messy.

          1. Anonymous Coward
            Anonymous Coward

            Re: Backups?

            "As for deleting an (external) encryption key, are you seriously suggesting that the solution is that every data row relating to each and every identifiable individual in a database has a unique encryption key? "

            Yes. It is commonly (but confusingly) called "tokenisation" and is exactly how banks and government comply with this level of fine-grained requirement.

            And yes, I know exactly how hard a problem it is, it's what I do for a living. The reality is that now with the prospect of real, meaningful fines you can no longer just ignore that this is the law. If you want to have a plethora of high-volume, fine-grained data you either need to be able to rewrite it quickly (i.e. to delete the relevant record) or you need to be able to tombstone that record through either revocation of a tokenisation IV/key or by using some bigtable-esque trickery.

            1. Anonymous Coward
              Anonymous Coward

              Re: Backups?

              Yes. It is commonly (but confusingly) called "tokenisation" and is exactly how banks and government comply with this level of fine-grained requirement.

              The problem is that there is an inherent problem looming: the conflict between mandated retention of information for compliance reasons and privacy. Even if you have a tokenised format that isolates an ID from the actual person (which is FAR from universally the case), you still need some key lifetime mechanism to ensure that data becomes unavailable afterwards and that is a process matter.

              I'm OK with GDPR being pushed in, because companies have a tendency to park any spend if it's not needed, but OTOH I suspect there will still be some serious tweaking required to really make GDPR work as it should. I just hope that won't happen through court cases.

              Oh, apropos privacy consultants - yes, there are many, but few that have a grip on the raw practicalities of making this effectively work, and even fewer know how to make that management efficient. It's truly scary what dares to sell itself as a privacy consultant these days, but I guess that's normal for an as yet rather new market.

              1. Anonymous Coward
                Anonymous Coward

                Re: Backups?

                "The problem is that there is an inherent problem looming: the conflict between mandated retention of information for compliance reasons and privacy"

                There is no conflict - the mandate wins.

        2. Anonymous Coward
          Anonymous Coward

          Re: Backups?

          "If the records were encrypted you'd have the option of deleting the (external) encryption key, thus effectively wiping the records from the tapes"

          As long as you do not prove that the data cannot be retrieved without the encryption key, now and ever, you don't comply with GDPR. Throwing away the key of the cabinet holding the files is not the same as destroying the files.
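Crypto-shredding as the Anonymous Coward above describes it (one key per data subject, erasure by destroying the key), with the two objections that followed built in: the key store is a separate system whose own backups must not resurrect a destroyed key, and the figure a retention mandate covers stays readable while the identity fields become unreadable on any tape. This is an added example, not code from the thread or from any commenter; the HMAC-based cipher is a standard-library stand-in for a real AEAD such as AES-GCM, and the customer rows are constructed.

```python
import hashlib
import hmac
import secrets
import uuid
from copy import deepcopy

NONCE_LEN, TAG_LEN = 16, 32


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # HMAC-SHA256 run in counter mode: a standard-library stand-in for a real
    # AEAD such as AES-GCM, used only so the example runs with no extra packages.
    out = bytearray()
    block = 0
    while len(out) < length:
        out += hmac.new(key, b"ks" + nonce + block.to_bytes(4, "big"), hashlib.sha256).digest()
        block += 1
    return bytes(out[:length])


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    nonce = secrets.token_bytes(NONCE_LEN)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, b"tag" + nonce + ct, hashlib.sha256).digest()  # encrypt-then-MAC
    return nonce + ct + tag


def decrypt(key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(key, b"tag" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed: wrong key or tampered record")
    return bytes(c ^ k for c, k in zip(ct, _keystream(key, nonce, len(ct))))


class KeyStore:
    """One data-encryption key per data subject, held outside the record store.
    Destroying the key is the erasure, so this store needs its own backup and
    retention discipline: a backup of it that still holds a destroyed key
    quietly undoes the erasure."""

    def __init__(self) -> None:
        self._keys = {}
        self.audit = []  # (subject_id, event): evidence the request was honoured

    def issue(self, subject_id: str) -> bytes:
        self._keys[subject_id] = secrets.token_bytes(32)
        return self._keys[subject_id]

    def get(self, subject_id: str) -> bytes:
        return self._keys[subject_id]  # KeyError once the key has been destroyed

    def destroy(self, subject_id: str) -> None:
        del self._keys[subject_id]
        self.audit.append((subject_id, "key destroyed"))


class RecordStore:
    """Rows keyed by a surrogate UUID. Identity fields are ciphertext under the
    subject's own key; the invoice figure a tax retention rule covers stays in clear."""

    def __init__(self, keystore: KeyStore) -> None:
        self.keystore = keystore
        self.rows = {}

    def add_customer(self, name: str, email: str, invoice_total: int) -> str:
        subject_id = str(uuid.uuid4())
        key = self.keystore.issue(subject_id)
        self.rows[subject_id] = {
            "identity": encrypt(key, f"{name}|{email}".encode()),
            "invoice_total": invoice_total,
        }
        return subject_id

    def backup(self) -> dict:
        return deepcopy(self.rows)  # what goes to tape: ciphertext and figures only

    def erase(self, subject_id: str) -> None:
        self.keystore.destroy(subject_id)  # no live row or tape is rewritten


def read_restored(backup: dict, keystore: KeyStore) -> dict:
    """Read rows from a restored backup. A subject whose key has been destroyed
    comes back as a tombstone: identity unreadable, retained figure intact."""
    view = {}
    for subject_id, row in backup.items():
        try:
            key = keystore.get(subject_id)
        except KeyError:
            view[subject_id] = {"name": None, "email": None, "invoice_total": row["invoice_total"]}
            continue
        name, email = decrypt(key, row["identity"]).decode().split("|", 1)
        view[subject_id] = {"name": name, "email": email, "invoice_total": row["invoice_total"]}
    return view
```

Whether "key destroyed" satisfies a regulator is the open question the last reply raises; what the code shows is only that the tape never has to be touched and that the key store becomes the thing whose backups you must now govern.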

    4. jimsneddon

      Re: Backups?

      If it is impossible, or unfeasible to remove individual records from media such as backups without affecting the rest of the data (which in itself could be construed as a breach), then it would be deemed out of scope as far as I know.

      As long as it is documented that this has been considered during the right to erasure process the ICO should be fine with this as far as I understand it (the regulation can be vague in areas).

      Hope this helps.

      1. Remy Redert

        Re: Backups?

        You could probably get away with it if you use incremental backups and store the deletion, so that any restored database would not have the data you were ordered to delete, even if it might conceivably be recovered from the backups directly.

        If you're planning to just go "Oh, if we restore the backup you'll have to ask for your data to be deleted again", expect to be fined.

    5. jimsneddon

      Re: Backups?

      Also, existing legislation such as keeping financial information under FCA rules will take precedence over GDPR legislation.

    6. RegGuy1

      Westminster is normally the expert at drafting impossible legislation

      Westminster is normally the expert at drafting impossible legislation (see the 2011 Sun Rising in the West Act)

      Or the 'Great Repeal Bill/Act.'

  5. Tezfair
    Stop

    6 years of data

    This got me thinking about backups which hold client data. As I read this, those would also have to be cleaned too, but then I thought about the 6 year data retention required by the gov etc. How can a company clean old data but still be compliant?

    Another way of looking at it is I run sage and have backups from day 1 of my biz. If Mr Johnny down the road comes to me and says I need to remove all his data, that will be impossible without deleting the backups, which the tax inspector will demand I restore as needed. Even editing sage won't be enough to remove him and satisfy any future audits.

    1. Doctor Syntax Silver badge

      Re: 6 years of data

      Short memories. A week ago we had this article: https://www.theregister.co.uk/2017/08/07/data_protection_bill_draft/

      In that there's a link to https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/635900/2017-08-07_DP_Bill_-_Statement_of_Intent.pdf

      In there is a brief description of what's proposed which includes the following qualification: as long as it is no longer necessary or legally required for the grounds on which it was originally collected, or there are no overriding legitimate grounds for processing. (p13 for those who want the entire paragraph).

      That should cover the requirement to retain data for HMRC. It's a basis for at least arguing that the difficulty of removing from backups is an overriding legitimate ground for not doing so, but you'd then need to have a plan for removing the data after a restore - retaining the script for doing the original removal might be a start. It might be a good idea to look at just how many generations of backup you really need.

      OTOH if you're retaining data about previous customers to sell on or pester them you have my complete lack of sympathy.

      1. Tezfair

        Re: 6 years of data

        I missed the article and thanks for the additional link. Appreciated.

      2. Anonymous Coward
        Anonymous Coward

        Re: 6 years of data

        Catch 22?

        "basis for at least arguing that the difficulty of removing from backups is an overriding legitimate ground for not doing so but you'd then need to have a plan for removing the data after a restore - retain the script for doing the original removal might be a start"

        May require recording whose data you need to remove on a restore... in most circumstances record ids to be removed may be okay. But thinking about this, I've come across another question: is there any requirement to keep a record that a request was carried out?

        1. Doctor Syntax Silver badge

          Re: 6 years of data

          "May require recording whose data you need to remove on a restore."

          If you don't have surrogate keys in your database now might be a good time to think about adding them. A cascading delete of record 0e32b622-814a-11e7-8d87-78acc0c6193c is a bit less personal than one for Fred Bloggs. Even without GDPR requirements it's also a much better database key.
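Replaying a recorded erasure over a restore, combining Remy Redert's suggestion above of storing the deletion, Doctor Syntax's of retaining the script for the original removal and keying everything by a surrogate id, and the Anonymous Coward's question about keeping a record that a request was carried out. This is an added example, not code from the thread or from any commenter; the schema, the request reference format and the customer rows are constructed.

```python
import uuid
from copy import deepcopy


def new_db() -> dict:
    # Constructed sample schema. A person is referenced everywhere by a surrogate
    # UUID, so neither the cascade nor the ledger ever has to carry a name.
    return {"customers": {}, "contacts": {}, "orders": {}}


def add_customer(db: dict, name: str, email: str) -> str:
    cid = str(uuid.uuid4())
    db["customers"][cid] = {"name": name}
    db["contacts"][cid] = {"email": email, "marketing_opt_in": True}
    return cid


def add_order(db: dict, cid: str, total: int) -> str:
    oid = str(uuid.uuid4())
    db["orders"][oid] = {"customer_id": cid, "total": total}
    return oid


class ErasureLedger:
    """Append-only log of honoured erasure requests. It lives, and is backed up,
    separately from the database, so a restore of the database never rolls it back.
    Entries hold the surrogate id and the request reference, never the person's name."""

    def __init__(self) -> None:
        self.entries = []  # (seq, subject_id, request_ref)

    def record(self, subject_id: str, request_ref: str) -> int:
        seq = len(self.entries) + 1
        self.entries.append((seq, subject_id, request_ref))
        return seq


def _cascade(db: dict, subject_id: str) -> int:
    # Cascading delete by surrogate key. Orders are kept for the retention
    # mandate; once the customer row is gone, their customer_id resolves to nobody.
    removed = 0
    for table in ("customers", "contacts"):
        if db[table].pop(subject_id, None) is not None:
            removed += 1
    return removed


def erase_subject(db: dict, ledger: ErasureLedger, subject_id: str, request_ref: str) -> int:
    """Honour a right-to-erasure request on the live database and log that it was done."""
    removed = _cascade(db, subject_id)
    ledger.record(subject_id, request_ref)
    return removed


def snapshot(db: dict) -> dict:
    return deepcopy(db)  # stands in for the nightly backup


def restore(backup: dict, ledger: ErasureLedger) -> tuple:
    """Bring a backup back and replay the whole ledger over it, so a backup taken
    before an erasure does not resurrect the person. The replay is idempotent: a
    subject already absent from the backup costs nothing, so ordering and which
    generation of backup this is do not matter."""
    db = deepcopy(backup)
    replayed = sum(_cascade(db, subject_id) for _, subject_id, _ in ledger.entries)
    return db, replayed


def customer_name(db: dict, cid: str):
    return db["customers"].get(cid, {}).get("name")
```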

  6. Alister Silver badge

    None of the best practices quoted in the article are of any use in complying with the GDPR's requirement to allow the complete removal of all data relating to an individual, unless that individual's data is all located on a single physical drive, which is highly unlikely.

    It is therefore impossible to follow best practice in order to comply with the directive, and in practical terms it would require multipass overwriting of portions of databases, and sections of backups, without disrupting the integrity of the rest of the data, the technology for which is not readily available at present.

    1. smudge Silver badge

      it would require multipass overwriting of portions of databases, and sections of backups, without disrupting the integrity of the rest of the data

      In my last job, exactly this problem came up. We were operating a service for a client, and it had a massive customer database. The client said "How do we delete our customers from the system?". Our f**kwit designers said "You don't, because you never asked for that facility." Of course, the f**kwit designers had never thought to ask if it would be necessary, nor realised that compliance with data protection legislation would make it essential.

      So this kicked off a big study, and, yes, one of the findings was that it would be extremely difficult to delete customers without disrupting the integrity of the database. When you have all sorts of links from customers to financial information, to reports, and so on - some of which will identify the customers, but some of which will merely use customers' data - then you have to be extremely careful not to screw everything up when deleting a customer. No point in complying with data protection legislation if you are now producing false accounting information!

      Of course, it would have been easier if deletion had been designed in from the start. There were also other oddities, such as financial legislation requiring maintenance of customer history for x years (where x varies from country to country). Also the paradox that you might need to keep details of a customer, marked with a flag to say that they don't want to be contacted by marketing.

      Lots of lovely problems to keep everyone occupied!

      1. Michael Strorm

        "Also the paradox that you might need to keep details of a customer, marked with a flag to say that they don't want to be contacted by marketing."

        Exactly the problem I'd been thinking of! Somewhat reminiscent of this...

        LISTER: Holly, is there something that you want?

        HOLLY: Well, only if you're not busy. Would you mind erasing some of my memory banks?

        LISTER: What for?

        HOLLY: Well, if you erase all the Agatha Christie novels from my memory bank, I can read 'em again tonight.

        LISTER: How do I do it?

        HOLLY: Just type, "HolMem. Password override. The novels Christie, Agatha." Then press erase.

        LISTER jabs two-fingered on a keyboard.

        LISTER: I've done it.

        HOLLY: Done what?

        LISTER: Erased Agatha Christie.

        HOLLY: Who's she, then?

        LISTER: Holly, you just asked me to erase all Agatha Christie novels from your memory.

        HOLLY: Why should I do that? I've never heard of her.

        LISTER: You've never heard of her because I've just erased her from your smegging memory.

        HOLLY: What'd you do that for?

        LISTER: You asked me to!

        HOLLY: When?

        LISTER: Just now!

        HOLLY: I don't remember this.

        LISTER: Oh, I'm going to bed. This is gonna go on all night.

        1. This post has been deleted by its author

      2. Lotaresco

        ' "How do we delete our customers from the system?". Our f**kwit designers said "You don't, because you never asked for that facility." '

        It's not the designers who were f*ckwits.

        HTH.

        1. smudge Silver badge

          It's not only the designers who were f*ckwits.

          To be accurate.

          1. Destroy All Monsters Silver badge
            Holmes

            Fuckwittery can be allayed with large amounts of money and project extensions.

            Just saying.

            Some people expect everything is free.

  7. J J Carter Silver badge
    Joke

    Thinking outside the box!

    I'm keeping all corporate data in OneDrive for Business, so I'm sure a MSFT cock-up will delete it soon enough.

  8. J J Carter Silver badge
    Pirate

    Hurrah for Brexit

    Once we leave the EU, this silly nonsense can be binned!

    1. JimmyPage Silver badge
      Mushroom

      Re: Once we leave the EU, this silly nonsense can be binned!

      Only if we don't want to do business with the EU.

      1. Dan 55 Silver badge

        Re: Once we leave the EU, this silly nonsense can be binned!

        That's quite possible. The likes of Rees-Mogg think Empire 2.0 would be sullied by merely trading with the EU. That there isn't enough rest-of-world to make up for the amount of trade that the UK does with the EU doesn't matter.

      2. Jamie Jones Silver badge
        Big Brother

        Re: Once we leave the EU, this silly nonsense can be binned!

        I'm sure general human rights, consumer protection, and general data protection will be head of the queue.

        1. Phil O'Sophical Silver badge

          Re: Once we leave the EU, this silly nonsense can be binned!

          I'm sure general human rights, consumer protection, and general data protection will be head of the queue.

          The European Convention on Human Rights was drafted in 1950 by the Council of Europe, of which the UK is a leading member (it is not an EU body). That was 23 years before the UK joined the EEC, 42 years before it joined the EU.

          The first UK Sale of Goods act was passed in 1893, 99 years before the UK joined the EU. It's been updated many times, and exceeds EU minima in many areas, notably digital services.

          The first UK Data Protection Act was passed in 1984, 11 years before the EU DP directive.

          The UK does not follow the EU unwillingly in these areas, it leads, and there's little reason to feel it would do otherwise in the future.

          1. Anonymous Coward
            Anonymous Coward

            Re: Once we leave the EU, this silly nonsense can be binned!

            "The UK does not follow the EU unwillingly in these areas, it leads, and there's little reason to feel it would do otherwise in the future."

            I would have agreed with you - until Theresa May and her cabinet started wanting to rule by decree in modifying the Great Repeal Bill. Now I don't trust this government to do anything about protecting the interests of the general public.

            Nor do I trust the current Labour shadow executive - they are just as likely to use the mantra "the end justifies the means".

            1. codejunky Silver badge

              Re: Once we leave the EU, this silly nonsense can be binned!

              @AC

              "Now I don't trust this government to do anything about protecting the interests of the general public."

              This is the unfortunate problem of the knock off brexit gov running the show. Instead of the spineless hypocrite Cameron we could have had a gov not only dedicated to brexit but one that would have this sorted pretty quick and without much difficulty.

              Unfortunately I don't trust this gov to burn the EU regs.

          2. Anonymous Coward
            Anonymous Coward

            Re: Once we leave the EU, this silly nonsense can be binned!

            No it won't; if you have any dealings with the EU then it will affect you. And I must admit that having started to look at this, the whole thing is a MASSIVE CLUSTER FUCK, obviously written by legislators and lawyers who know FUCK ALL about IT and what an unworkable nightmare this will be in its current form!

          3. Anonymous Coward
            Anonymous Coward

            Re: Once we leave the EU, this silly nonsense can be binned!

            I'm sure general human rights, consumer protection, and general data protection will be head of the queue.

            The European Convention on Human Rights was drafted in 1950 by the Council of Europe, of which the UK is a leading member (it is not an EU body). That was 23 years before the UK joined the EEC, 42 years before it joined the EU.

            This is true, but it's been one of the anti-EU campaigning points for many years, and one of the few aspects the Beloved Leader was enthusiastic about even before the referendum. http://www.telegraph.co.uk/news/2017/04/27/theresa-may-will-take-britain-echr-eventually/

            1. Anonymous Coward
              Anonymous Coward

              Re: Once we leave the EU, this silly nonsense can be binned!

              it's been one of the anti-EU campaigning points for many years,

              Leaving the jurisdiction of the European Court of Human Rights has often been discussed, to prevent it from blocking British judges from expelling extremists. Withdrawing from the Convention is much less popular, but since both are ECHR there's a lot of confusion, in the press and elsewhere.

              1. This post has been deleted by its author

              2. Anonymous Coward
                Anonymous Coward

                Re: Once we leave the EU, this silly nonsense can be binned!

                Leaving the jurisdiction of the European Court of Human Rights has often been discussed, to prevent it from blocking British judges from expelling extremists. Withdrawing from the Convention is much less popular, but since both are ECHR there's a lot of confusion, in the press and elsewhere.

                This is a very nice distinction. It's not clear we could leave the court without also leaving the convention that established it, or what meaning there would even be to being in one without also being in the body that upholds it (n.b. even Russia is in it). Of course, the rule of law is much less tiresome if you can choose to ignore it when convenient (British or International), and TM's goal is to leave the convention https://www.theguardian.com/politics/2016/apr/25/uk-must-leave-european-convention-on-human-rights-theresa-may-eu-referendum and it's what the Telegraph at least would like http://www.telegraph.co.uk/news/2017/05/18/britain-bound-european-human-rights-laws-least-another-five/

          4. Doctor Syntax Silver badge

            Re: Once we leave the EU, this silly nonsense can be binned!

            @ Phil O'Sophical

            Careful, now. The Little Englanders get confused if you start telling them facts.

            1. codejunky Silver badge

              Re: Once we leave the EU, this silly nonsense can be binned!

              @ Doctor Syntax

              "Little Englanders"

              Are people still using that term? I was hoping it had gone the way of Eurosceptic when the same argument was had with the same daft threats that also came to nothing. I am looking forward to the terms brexit and remoaner to vanish as well. I occasionally use them as they are well understood but it does grind my gears to use them.

            2. Jamie Jones Silver badge

              Re: Once we leave the EU, this silly nonsense can be binned!

              Careful, now. The Little Englanders get confused if you start telling them facts

              Twatty comments like those should be reserved for your youtube postings.

          5. Teiwaz Silver badge

            Re: Once we leave the EU, this silly nonsense can be binned!

            The European Convention on Human Rights was drafted in 1950 by the Council of Europe, of which the UK is a leading member (it is not an EU body). That was 23 years before the UK joined the EEC, 42 years before it joined the EU.

            Does the current conservative administration know this?

            May was (allegedly) heard to utter something about staying in Europe and leaving the ECHR, back when the Exit vote was going on...

            1. codejunky Silver badge

              Re: Once we leave the EU, this silly nonsense can be binned!

              @ Teiwaz

              "May was (allegedly) heard to utter something about staying in Europe"

              I don't think May has the capability to change that. The geographical position of this country isn't going to change whatever the decisions over the EU.

          6. Jamie Jones Silver badge
            Black Helicopters

            Re: Once we leave the EU, this silly nonsense can be binned!

            The European Convention on Human Rights was drafted in 1950 by the Council of Europe, of which the UK is a leading member (it is not an EU body). That was 23 years before the UK joined the EEC, 42 years before it joined the EU.

            The first UK Sale of Goods act was passed in 1893, 99 years before the UK joined the EU. It's been updated many times, and exceeds EU minima in many areas, notably digital services.

            The first UK Data Protection Act was passed in 1984, 11 years before the EU DP directive.

            The UK does not follow the EU unwillingly in these areas, it leads, and there's little reason to feel it would do otherwise in the future.

            It's a fair point you raise about the UK leading in those fields, and I suppose my post came across with some anti-brexit bias.

            However, whilst I'd love to believe your last point, I'm not at all confident. The UK has dragged its feet on the increased data protection initiatives - preferring to appease American interests. They are also far worse these days on consumer privacy.

            The investigatory powers bill would likely never have happened without Brexit, and I'm sure many privacy laws will be rolled back, and new EU ones not implemented, all because of Terrorism.

            We are, after all, the most spied on "democracy" in the world.

            “Certain aspects of the bill will not survive under the European Convention on Human Rights, if we manage to stay in the EU,” Joanna Cherry, a Scottish National Party (SNP) MP said in respect of the bill.

            They also gather all social media posts

            The list goes on, and under the current climate, I'm sure things will get worse once the government loses the EU shackles

    2. Lotaresco

      Re: Hurrah for Brexit

      "Once we leave the EU, this silly nonsense can be binned!"

      If you think that is the answer then you haven't understood the question.

    3. jimsneddon

      Re: Hurrah for Brexit

      I assume your comment is tongue in cheek, but just in case it is not, it can't.

    4. H in The Hague Silver badge

      Re: Hurrah for Brexit

      "Once we leave the EU, this silly nonsense can be binned!"

      Ermm, no, you'll likely get a double dose of it as the UK will have to introduce equivalent legislation (unless you want to get rid of data protection altogether). Being more than averagely familiar with the way the UK drafts legislation it's going to be at least as complex as the GDPR and probably come in English, Scottish and NI flavours. And then any business trading with the EU (hopefully there'll be some left) will have to comply with both the GDPR and local equivalent. So more red tape, not less. Thank you so much, not.

  9. Nick Ryan Silver badge

    More GDPR FUD

    Yay! Yet more GDPR FUD. Anybody would have thought that there's a lot of money to be made out of scaring people/organisations into consultancy. :/

    It is NOT REQUIRED, nor specified, anywhere within GDPR that when deleting the information relating to a natural person (i.e. an individual and not a corporate or other abstract entity of any form) that the data has to be securely encrypted, scrubbed, overwritten with random data, zeros, ones or anything.

    The GDPR isn't a particularly hard document to read and Section 3, Article 17 "Right to erasure ('right to be forgotten')" is not prescriptive in how data must be erased, just that it is. In general and where possible throughout the GDPR the wording for any process usually states "reasonable" methods and does not specify any particular implementation - this is very sensible given the rapid change in technology.

    For the convenience of other commentards, here's the section from the GDPR (note the absence of prescribed methods, Para 2 contains the usual terminology around obligations which are reasonable to perform):

    Article 17

    Right to erasure (‘right to be forgotten’)

    1. The data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay and the controller shall have the obligation to erase personal data without undue delay where one of the following grounds applies:

    (a) the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;

    (b) the data subject withdraws consent on which the processing is based according to point (a) of Article 6(1), or point (a) of Article 9(2), and where there is no other legal ground for the processing;

    (c) the data subject objects to the processing pursuant to Article 21(1) and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Article 21(2);

    (d) the personal data have been unlawfully processed;

    (e) the personal data have to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject;

    (f) the personal data have been collected in relation to the offer of information society services referred to in Article 8(1).

    2. Where the controller has made the personal data public and is obliged pursuant to paragraph 1 to erase the personal data, the controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform controllers which are processing the personal data that the data subject has requested the erasure by such controllers of any links to, or copy or replication of, those personal data.

    3. Paragraphs 1 and 2 shall not apply to the extent that processing is necessary:

    (a) for exercising the right of freedom of expression and information;

    (b) for compliance with a legal obligation which requires processing by Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;

    (c) for reasons of public interest in the area of public health in accordance with points (h) and (i) of Article 9(2) as well as Article 9(3);

    (d) for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89(1) in so far as the right referred to in paragraph 1 is likely to render impossible or seriously impair the achievement of the objectives of that processing; or

    (e) for the establishment, exercise or defence of legal claims.

    1. Anonymous Coward
      Anonymous Coward

      Re: More GDPR FUD

      "the controller, taking account of available technology and the cost of implementation, shall take reasonable steps..."

      Well, there's the cop-out. If the technical difficulty and cost of implementation is judged by the organisation to be too great, then they can decide not to delete all or some personal data, and claim to be compliant with GDPR. Until (if ever) a test case reaches the courts, or the law is changed to be clearer, there will be no clear definition of what exactly this phrase means, and what level of cost or technical difficulty will be the threshold.

      1. Nick Ryan Silver badge

        Re: More GDPR FUD

        That's just in relation to the case where the controller has made the data public. The get-out clauses have to be read a bit more carefully than that however generally revolve around business or operational reasons.

      2. Doctor Syntax Silver badge

        Re: More GDPR FUD

        "Until (if ever) a test case reaches the courts, or the law if changed to be clearer, then there will be no clear definition of what exactly this phrase means, and what level of cost or technical difficulty will be a threshold."

        This is fairly standard procedure for a lot of legislation. It's actually a means of future-proofing - the courts can redefine the interpretation when circumstances change.

  10. Anonymous Coward
    Anonymous Coward

    "...completely remove all the data they hold on an individual..."

    Now suppose a senior executive at Google -- say Larry Page -- asks Google to "completely remove all the data they hold on" HIM.

    *

    I'm puzzled about the exact scope of this hypothetical request:

    - Is it "only" the records held by Google-as- search-engine?

    - Or is it ALL RECORDS OF ANY TYPE held by Google-the-business?

    *

    If it is the second definition, that would include employment records, project records, company reports to government, internal Google email and so on. Larry Page would vanish.

    *

    Even if one were to use the first definition, does that definition include MENTION of Larry Page? If that were to be the case, then Google would have to remove any gmail which mentioned Larry Page, any Google hosted USENET mentioning Larry Page, and so on. What about hyperlinks which do not mention Larry Page, but which link to a page which does?

    *

    And as others have pointed out, once EVERY reference to Larry Page has been identified (which ever definition is used), then all the backup copies which containing ANY reference have to be EDITED -- because, for obvious reasons, the backups can't be deleted.

    *

    As with all large projects, scope definition is key. This one sounds completely out of control even before it starts!!!!

    1. Nick Ryan Silver badge

      Re: "...completely remove all the data they hold on an individual..."

      Information you are required to retain for legal purposes is specifically excluded from many of the clauses of the GDPR, for example exclusion 17.3(b) of the "right to erasure" is:

      (b) for compliance with a legal obligation which requires processing by Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;

  11. MrKrotos

    This is going to be fun...

    Yeah we have been looking at this and taking advice from an external consultant.

    Yes they mean ALL DATA held on that person, all data on the disks and all the data on tapes.

    The funny bit for me is you also have to delete the actual request as well, so a little later down the line you have no idea if this person has used your service before.

    For me this will open up the possibility for people to use a service, request deletion and then sign up to the same service again as a "New user" and so get the new user rates. Mobile phone deals anyone?

    1. Anonymous Coward
      Anonymous Coward

      Re: This is going to be fun...

      That's kind of built into new user deals in that they have a fixed contract term. You can usually get something similar once your contract is over if you're willing to leave instead, so this would just be another way of doing it, probably at the cost of losing your number.

    2. Anonymous Coward
      Anonymous Coward

      Re: This is going to be fun...

      "The funny bit for me is you also have to delete the actual request as well, so a little later down the line you have no idea if this person has used your service before."

      It's perfectly possible to remove the data and the request and in the future still work out if someone has been a customer previously. You store hashes, I can't take a hash and convert it back in to personally identifiable data, but I can compare new incoming data to that hash to make sure someone doesn't try and add a person back to a mailing list, or to make sure someone isn't committing fraud.

      1. Anonymous Coward
        Anonymous Coward

        Re: This is going to be fun...

        This is tricky - hashes are specifically called out as PII under GDPR. Or rather anything with a 1:1 mapping is deemed "pseudo-anonymised" and is put in the same bucket as entirely cleartext data due to the proven ease with which we can reconstruct identities from metadata and due to the small space from which we are producing the hashes.

        However using a hash for such a purpose could easily be justified as a "legitimate purpose", just as retaining an IP address (also now explicitly PII) in your logs is legitimate when you're using it to monitor your infrastructure or protect against DDoS.

        What wouldn't be kosher would be then using that hash to correlate someone's identity across the web without their knowledge or consent - it's PII by the back door. Remember the GDPR is as much concerned with the reason for processing the data as it is the data itself.
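        The two posts above (the suggestion to keep a hash of erased subjects, and the reply that an unkeyed hash of an email address is still pseudonymised personal data because the input space is small) can be shown side by side in code. The following is an added example written for this page, not code from any commenter; it assumes a hypothetical suppression list held by the controller and a secret key kept apart from it (in a KMS or HSM in practice). It uses only the Go standard library.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"strings"
)

// normalise canonicalises an address so that trivially different spellings
// of the same mailbox produce the same tag.
func normalise(email string) string {
	return strings.ToLower(strings.TrimSpace(email))
}

// plainHash is the naive approach from the post above: an unkeyed SHA-256
// of the address. Anyone with a list of candidate addresses can reverse it.
func plainHash(email string) string {
	sum := sha256.Sum256([]byte(normalise(email)))
	return hex.EncodeToString(sum[:])
}

// keyedTag derives a pseudonym with HMAC-SHA256 under a secret key that is
// stored apart from the suppression list. Without the key, a dictionary of
// guesses cannot be matched against the tag.
func keyedTag(key []byte, email string) string {
	mac := hmac.New(sha256.New, key)
	mac.Write([]byte(normalise(email)))
	return hex.EncodeToString(mac.Sum(nil))
}

// SuppressionList records erased subjects as keyed tags only; the address
// itself is not retained once the subject's record has been erased.
type SuppressionList struct {
	key  []byte
	tags map[string]struct{}
}

func NewSuppressionList(key []byte) *SuppressionList {
	return &SuppressionList{key: key, tags: make(map[string]struct{})}
}

// Erase is called when the subject's record is deleted: keep only the tag.
func (s *SuppressionList) Erase(email string) {
	s.tags[keyedTag(s.key, email)] = struct{}{}
}

// Seen reports whether a new sign-up matches a previously erased subject.
func (s *SuppressionList) Seen(email string) bool {
	_, ok := s.tags[keyedTag(s.key, email)]
	return ok
}

// recoverPlainHash demonstrates why an unkeyed hash is still personal data:
// whoever holds the hash and a list of guesses (a marketing database, a
// breach dump) can confirm which person it belongs to.
func recoverPlainHash(hash string, guesses []string) (string, bool) {
	for _, g := range guesses {
		if plainHash(g) == hash {
			return normalise(g), true
		}
	}
	return "", false
}

// recoverKeyedTag runs the same dictionary attack against the keyed tag with
// whatever key the attacker has; it only succeeds with the controller's key.
func recoverKeyedTag(tag string, guesses []string, attackerKey []byte) (string, bool) {
	for _, g := range guesses {
		if keyedTag(attackerKey, g) == tag {
			return normalise(g), true
		}
	}
	return "", false
}

func main() {
	key := []byte("constructed-demo-key-do-not-use") // assumption: fetched from a KMS
	list := NewSuppressionList(key)
	list.Erase("Alice.Example@example.org") // constructed sample address

	fmt.Println("re-signup detected:", list.Seen("alice.example@example.org"))

	guesses := []string{"bob@example.org", "alice.example@example.org"} // constructed dictionary
	who, ok := recoverPlainHash(plainHash("alice.example@example.org"), guesses)
	fmt.Println("plain hash reversed:", ok, who)
	_, ok = recoverKeyedTag(keyedTag(key, "alice.example@example.org"), guesses, []byte("wrong-key"))
	fmt.Println("keyed tag reversed without key:", ok)
}
```

        The keyed tag is still a pseudonym of a person and is processed on the "legitimate purpose" footing the reply describes; the difference is that the key, not the tag table, is the thing that has to be protected, and a copy of the table on its own (in a backup, or shared with a partner) does not let anyone re-identify the subjects.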

    3. Stork Bronze badge

      Re: This is going to be fun...

      Well, yes. We are running a small business renting out holiday houses, and naturally register names, emails etc in connection with our bookings.

      This is done 1) in our reservation system, and 2) in our invoicing system, which do not talk to each other. So that is two systems with different rules, obviously.

      How about emails then? All the data (virtually) can be found there too, at least with some effort.

      And I am even reasonably IT literate. I bet 95% of SMEs hardly have the faintest... But then there is so little money in going after those, so they are probably ok :-/

  12. Anonymous Coward
    Anonymous Coward

    Bullshit...

    "firms will be required to completely remove all the data they hold on an individual if that person requests it."

    So a company specialising in Data erasure touts bullshit about how they can remove data.

    Maybe they should do a bit of reading before spouting this crock of horseshit.

    "You can refuse to comply with a request for erasure where the personal data is processed for the following reasons:

    to exercise the right of freedom of expression and information;

    to comply with a legal obligation or for the performance of a public interest task or exercise of official authority;

    for public health purposes in the public interest;

    archiving purposes in the public interest, scientific research historical research or statistical purposes; or

    the exercise or defence of legal claims."

    Source:

    https://ico.org.uk/for-organisations/data-protection-reform/overview-of-the-gdpr/individuals-rights/the-right-to-erasure/

    And there are also more protections (as asked above). Just read this:

    https://gdpr-info.eu/art-17-gdpr/

  13. Anonymous Coward
    Anonymous Coward

    Shits and giggles

    Just for fun I'm going to contact all the credit score companies such as Experian, Equifax etc and ask to have all my details removed...

    1. Anonymous Coward
      Anonymous Coward

      Re: Shits and giggles

      Yeah sorry nope. CRAs exist on a statutory basis and are regulated by the FCA.

  14. Anonymous Coward
    Anonymous Coward

    Required to prove...

    Person: I want you to wipe all the data you have on me.

    Company: Sure we can do that. Company wipes all data on that person.

    Person: Can you provide proof that you have wiped all my data?

    Company: Sorry we have no record of your request to delete all your data.

  15. andy 103
    WTF?

    How does it work for historical orders?

    So imagine you run an ecommerce website. It has details of all the orders made.

    If someone requests all their data be removed, that's not just their account, but all the details of the orders they made, delivery address, products ordered etc?

    How does that work? Companies are required to keep information on orders for both accounting and security purposes. Imagine if someone phoned up and said, oh I didn't receive my 5k retina display iMac. Oh, well we'll have to send you a new one as someone may or may not have wiped your details. Or, we can see a payment was made, but have no idea who it was from, or what for.

    Sounds like it's not been thought through. At all.

    1. Doctor Syntax Silver badge

      Re: How does it work for historical orders?

      "Sounds like it's not been thought through. At all."

      Sounds like you haven't read the comments where this has been dealt with a number of times. No, I'm not going to explain it to you now. All you have to do is go back up thread and read the several quotations given from official sources.

      1. andy 103

        Re: How does it work for historical orders?

        "this has been dealt with a number of times."

        It hasn't been dealt with properly though. Read some of the comments further down where people have highlighted how it doesn't even begin to cover what's actually required. No, not going to bother explaining this to you either.

        1. Doctor Syntax Silver badge

          Re: How does it work for historical orders?

          "Read some of the comments further down where people have highlighted how it doesn't even begin to cover what's actually required."

          I have.

          Numerous comments about legal requirements to keep data for which there are exceptions, both in the passage from the statement of intent paper I quoted and from the GDPR which was also quoted.

          Numerous other comments about removing from backups and Nick Ryan has quoted the GDPR on this:

          2. Where the controller has made the personal data public and is obliged pursuant to paragraph 1 to erase the personal data, the controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform controllers which are processing the personal data that the data subject has requested the erasure by such controllers of any links to, or copy or replication of, those personal data. The section I've highlighted seems to deal with this.

    2. Anonymous Coward
      Anonymous Coward

      Re: How does it work for historical orders?

      They wouldn't be required to delete data that was obtained for legitimate reasons, eg orders placed / goods dispatched and records held for a period of time - 6 years? What will happen is that the company that still posts advertising stuff to me even though I haven't bought anything off them for over 10 years will be getting a request to remove my details.

    3. mark l 2 Silver badge

      Re: How does it work for historical orders?

      I was wondering the same thing, the Sale of Goods Act means that a customer can return an item to the seller for years after it was purchased if it was not deemed fit for purpose. But if the customer asks to have all their personal details removed then how are you supposed to verify that the customer ever bought the product in the first place if they come back and say it's faulty?

      It won't take scammers long to exploit this to their advantage.

      1. Doctor Syntax Silver badge

        Re: How does it work for historical orders?

        "But if the customer asks to have all their personal details removed then how are you supposed to verify that the customer ever bought the product in the first place if they come back and say its faulty?"

        Much the same as now: "Have you got the receipt?".

  16. Pen-y-gors Silver badge

    Most fundamentally fundamental issue...

    Why is it deemed reasonable to re-write history? Correcting errors is one thing, but deleting facts is another.

    If I have a customer who pays me money, I'm required to keep records for 7(?) years anyway. But our relationship is a fact. They can't pretend that it never happened. If they gave me a testimonial which was published in the local paper, am I required to track down every extant copy and cut the advert out with scissors? If I included a list of customers in the annual accounts, do I have to get them back from Companies House and edit them?

    There is probably a case for not publishing data for x years, but (to quote the Grauniad) 'facts are sacred'. Lock sensitive medical data away for 100 years, but don't delete it, it could be useful in the future, tracing inherited diseases. Criminal convictions? Mark them as spent on the PNC, and lock them away. But they've been published in the local paper. How will those records be removed?

    1. Nick Ryan Silver badge

      Re: Most fundamentally fundamental issue...

      Under GDPR you are still required to retain records as legally required by your government, this includes financial records.

      Where data is made publicly available there is a very clear clause, Article 17 para 2 which states

      2. Where the controller has made the personal data public and is obliged pursuant to paragraph 1 to erase the personal data, the controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform controllers which are processing the personal data that the data subject has requested the erasure by such controllers of any links to, or copy or replication of, those personal data.

      In other words, reasonable steps. As long as you can justify and argue what you consider are reasonable steps then you will be OK. There are also a host of exclusions (under para 3) that apply to the entire right to erasure article.

  17. Anonymous Coward
    Anonymous Coward

    This is great

    Forum posts from when I was a kid - these probably don't have backups on tapes or CDs - great to be able to force their hand!

    AC because you guys are largely against - the forums I'm thinking of also didn't have AC hence this situation.

  18. jason 7

    Now distill all that down to the sharp end of...

    Hanna the operations clerk. Yeah...sorted.

    I can see GDPR being the new WEB2.0/SEO/QR Code/Web App Bullshit Consultancy trough.

    A lot of sharp suits and BMW 5 series will be seen cruising the streets at £2000 a day and I look forward to all the GDPR spam in due course.

  19. Lotaresco

    Welcome to my world

    I have been working with the need to both preserve and to securely erase data for, mmmm a long time. Each time customers express a desire to do both, the arguments that have been presented above recur (again and again). It's normal for a requirement to be that data is to be retained and disaster proof for generations but that if there is an over-riding reason to get rid of a record then the record should be purged from wherever it may be.

    Regulators suffer from a lack of imagination about where data may (legitimately) be. On clients, on stand alone systems, on server(s), SAN, NAS, rented (cloud) storage etc, etc. A data dictionary that records where all this stuff is, is large to begin with. Then there's the problem that purging data is not just deleting it, but one of over writing the data so that it can't be recovered. However you can't do that at the level of individual records.

    Deleting an encryption key can sound like the magic bullet, but it doesn't work. You also have to delete every copy of the key, including the ones that are on paper or lurking in some forgotten document that someone created years ago and never told anyone about. In short this is a really difficult problem with no absolute answers and no absolute end point. Given the way that storage optimises itself and things like wear levelling work there are often multiple plain text copies of data that are on a device, just not easily accessible to the OS, but there for anyone with access to forensic tools.

    I can see cases where an attempt to purge a record would involve the obvious of purging a record from a database followed by discovering all the backup copies and mystically removing the same record from those, scanning the unallocated space of every storage device for occurrences of the record, taking a trip to some $DEITY forsaken archive inside a mountain, asking AWS/Azure if they would mind purging the drives that once held the data.... and so it goes. Some of these things are unlikely to be possible.

    1. TechnicalBen Silver badge

      Re: Welcome to my world

      If people are writing your encryption key on paper, you already lost... lost a lot of things.

      But the other arguments do still stand. Having individual keys for each user, and keeping a record of which systems (and backups) use that key is possible though. However I would have thought it would need to be a system (and server/infrastructure) created for this task in mind, from the ground up!

      As a central database with the key, requests given/sent etc would help a little, over having 7 or so systems all having the key.

  20. Anonymous Coward
    Anonymous Coward

    Data retention for 6 six years?

    My bank often asks verification questions relating to events/locations from over 35 years ago. I only recently rejoined them after a 33 year gap. When questioned, I'm told it's in their records apparently and no, they have no intention of removing it even though some facts are clearly wrong such as my death 27 years ago (I share an unusual name with my father who has passed on).

    I have similar problems elsewhere where companies will not correct PII & broker same or feed this crap to CRAs.

    From what I can see, this can't come soon enough and to be brutally honest, I couldn't give a damn how much it costs businesses who generally care little for PII. The GDPR may not be perfect, but perhaps after a few hefty fines have been meted out via the courts they may start to put their house in order and realise that there is a consequence to incorrect/out of date PII.

    The closest analogy I can think of is how software has been developed. When we had limitations software had to be lean and efficient. Nowadays, it doesn't matter and who really cares anyway.

    1. Anonymous Coward
      Anonymous Coward

      Re: Data retention for 6 six years?

      > I'm told it's in their records apparently and no, they have no intention of removing it even though some facts are clearly wrong such as my death 27 years ago (I share an unusual name with my father who has passed on).

      Doesn't this make them in breach of the existing DPA and liable for a complaint if you wished to take matters further? They have incorrect information about a data subject (you) and are refusing to change it. IIRC that is a breach.

    2. Doctor Syntax Silver badge

      Re: Data retention for 6 six years?

      "they have no intention of removing it even though some facts are clearly wrong such as my death 27 years ago (I share an unusual name with my father who has passed on)."

      Well, there's an offence under the Mark 1 DPA let alone GDPR.

      1. jason 7

        Re: Data retention for 6 six years?

        I was under the impression if it was kept on paper it was excluded. Hence why Govt. Spooks kept dossiers on UK citizens on paper.

        1. Anonymous Coward
          Anonymous Coward

          Re: Data retention for 6 six years?

          I have not seen anything about exceptions to paper records.

          1. Alan Brown Silver badge

            Re: Data retention for 6 six years?

            "I have not seen anything about exceptions to paper records."

            There aren't any exceptions

            The "database" of the Consulting Association was kept on index cards. https://www.parliament.uk/documents/commons-committees/scottish-affairs/BIE-011-Kerr-for-publication.pdf

  21. Anonymous Coward
    Anonymous Coward

    Silent Guy

    Don't know what all the fuss is about with regard to the new GDPR at the moment. But nobody has commented on the fact that the new GDPR has now given all member states' PUBLIC AUTHORITIES TOTAL control over ITS CITIZENS' 'DATA'; while under Directive 95/46/EC member states' state authorities had to apply the same 'data protection' as all other organisations; whereas NOW they CAN CHANGE; ERASE; SHARE; ETC.; ANY personal 'DATA' as they see fit.

    This can be clearly seen when comparing Article 7 (f) in Directive 95/46/EC against Article 6, Point (f) in the GDPR. Both documents attached. What makes this more disgusting is that this is applicable to the most vulnerable, 'a child' (as noted in GDPR Article 6 (f)). What is being done to change this? NOTHING

  22. -tim
    Facepalm

    Are you sure you can erase data?

    Most modern file systems do a copy on write so they put the new data on different disk blocks. SSDs do something like that as well often with a RAID6 like feature using other blocks as well. It seems that if you try to scrub a record, you can still go trolling around in the raw disk partitions to find the scrubbed data even on encrypted disk volumes. The same can be done with SSDs if you pull their chips off or use some of the special firmware to reconfigure the disks. It would be nice to be able to tell file systems not to do a copy on write for some data but I'm not aware of any that make that optional.

    1. Anonymous Coward
      Anonymous Coward

      Re: Are you sure you can erase data?

      "Erasure" for the purposes of GDPR is any reasonable action that makes the data effectively inaccessible.

      Delete the encryption keys, tombstone the rows, shred the disk, it's all the same.

      Not to be confused with Erasure for all other purposes.

      aaaalwaaaays...
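      The "delete the encryption keys" route mentioned in the reply above, and the earlier "Welcome to my world" exchange about per-user keys and the stray copies of a key that defeat it, is what is usually called crypto-shredding. The following is an added example for this page, not code from any commenter or product; it assumes a hypothetical per-subject key store (a KMS or HSM in a real deployment, kept separate from the record stores and their backups) and uses only Go's standard-library AES-GCM. It also shows the caveat raised in that earlier thread: a copy of the key that survives the shred still opens every ciphertext.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
	"io"
)

// ErrShredded is returned once a subject's key has been destroyed.
var ErrShredded = errors.New("no key for subject: record is unrecoverable")

// KeyStore holds one data-encryption key (DEK) per data subject.
// Assumption: in production this is a KMS/HSM, not an in-memory map.
type KeyStore struct {
	deks map[string][]byte
}

func NewKeyStore() *KeyStore { return &KeyStore{deks: make(map[string][]byte)} }

// keyFor returns the subject's DEK, generating a fresh AES-256 key on first use.
func (k *KeyStore) keyFor(subject string) ([]byte, error) {
	if dek, ok := k.deks[subject]; ok {
		return dek, nil
	}
	dek := make([]byte, 32)
	if _, err := io.ReadFull(rand.Reader, dek); err != nil {
		return nil, err
	}
	k.deks[subject] = dek
	return dek, nil
}

// Shred implements erasure: zero and drop the DEK. Every ciphertext for this
// subject, in the live store, in backups, and in stale copy-on-write or SSD
// blocks, becomes unreadable at once, without touching any of those copies.
func (k *KeyStore) Shred(subject string) {
	if dek, ok := k.deks[subject]; ok {
		for i := range dek {
			dek[i] = 0
		}
		delete(k.deks, subject)
	}
}

// Seal encrypts one record under the subject's DEK with AES-256-GCM.
// Output layout: nonce || ciphertext || tag. The subject id is bound as
// associated data so a blob cannot later be re-labelled as someone else's.
func (k *KeyStore) Seal(subject string, record []byte) ([]byte, error) {
	dek, err := k.keyFor(subject)
	if err != nil {
		return nil, err
	}
	gcm, err := newGCM(dek)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, record, []byte(subject)), nil
}

// Open decrypts a record via the key store; after Shred it returns ErrShredded.
func (k *KeyStore) Open(subject string, blob []byte) ([]byte, error) {
	dek, ok := k.deks[subject]
	if !ok {
		return nil, ErrShredded
	}
	return OpenWithKey(dek, subject, blob)
}

// OpenWithKey decrypts with an explicit key. Anyone holding a surviving copy
// of the DEK (on paper, in a forgotten document) can still call this after
// the key store has shredded its own copy; that is the limit of the technique.
func OpenWithKey(dek []byte, subject string, blob []byte) ([]byte, error) {
	gcm, err := newGCM(dek)
	if err != nil {
		return nil, err
	}
	if len(blob) < gcm.NonceSize() {
		return nil, errors.New("blob too short")
	}
	nonce, ct := blob[:gcm.NonceSize()], blob[gcm.NonceSize():]
	return gcm.Open(nil, nonce, ct, []byte(subject))
}

func newGCM(dek []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(dek)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

func main() {
	ks := NewKeyStore()
	blob, _ := ks.Seal("subject-42", []byte("Alice Example, 1 High St")) // constructed record
	backup := append([]byte(nil), blob...)                               // the tape copy nobody can edit
	leaked := append([]byte(nil), ks.deks["subject-42"]...)             // a copy of the key that escaped

	ks.Shred("subject-42")
	_, err := ks.Open("subject-42", backup)
	fmt.Println("backup after shred:", err)
	pt, err := OpenWithKey(leaked, "subject-42", backup)
	fmt.Println("backup with leaked key:", string(pt), err)
}
```

      The design point is that erasure becomes one operation against the key store, which can be logged and attested, instead of a hunt through every replica. It only holds if the DEKs genuinely never leave that store: wrap them under a master key, keep them out of application logs and core dumps, and never let them ride along with the backups they protect.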

    2. TechnicalBen Silver badge
      Joke

      Re: Are you sure you can erase data?

      Could just let bit rot do its thing. Even an SSD won't last forever...

      ... if we blast it off into space into the sun!

  23. J J Carter Silver badge
    Trollface

    Shame!

    The Wayback Machine will have to be erased using Mil-Spec algorithms on the media

    1. GrapeBunch Bronze badge

      Re: Shame!

      "The Wayback Machine will have to be erased using Mil-Spec algorithms on the media"

      Wayback Machine has more fundamental problems. I had my website hosted at an ISP. For many years, I could find old versions of the site at the Wayback Machine. Then the ISP decided not to host websites any more. It's Canada, it's a race to the bottom, I understand. I made sure to Wayback Machine - snapshot my site. But when I came back after the date when the ISP had erased all the sites, I found that in the Wayback Machine, all versions of my site were : "Page cannot be displayed due to robots.txt."

      Upon erasing all the webpages, the ISP added a robots.txt that would discourage web spiders looking for info that was not there:

      User-agent: *

      Disallow: /

      The Internet Archive interprets it to mean "don't show this", even though the ISP never had ownership over any of the material.

      If even the Internet Archive, with a clear purpose, fairly independent, run by smart people and "lives in" The Land of the Free and Amendment(s) Thereof, can so easily become confused (and it's the same decision now as it was two months ago when first the problem was brought to their attention), is it any surprise that some are foreseeing a world of hurt from the GDPR?

  24. EnviableOne Bronze badge

    Standard For Data Sanitisation

    NIST 800-88r1 or ISO/IEC 27040 work

    I hope this is not just FUD put out by Blancco to sell more of their erasure licences, but it sounds like it.

  25. Tezfair

    Just thinking about this again

    What about emails? If a request to forget comes in, does that mean that someone has to go through all the mailboxes looking for that user?

    1. Anonymous Coward
      Anonymous Coward

      Re: Just thinking about this again

      Does search not work?

  26. TheElder

    How will they delete this?

    People still use paper.


  27. GrapeBunch Bronze badge

    Offshoring

    Nobody's mentioned offshoring yet. For example, offshore your live data requirements to a non-GDPR jurisdiction such as USA. All the way down to shipping old tapes and DVD-R disks to the Third World as a "just in case" alternative to destroying them which might otherwise be required to become compliant. With suitable corporate arm's-lengthedness as secreted by appropriate lawyer-arachnid-molluscs.


Biting the hand that feeds IT © 1998–2019