Disposal of data is an important consideration at the end of the data supply chain. It’s never the most exciting stage, and it doesn’t generate any immediate value, so it’s often overlooked. However, regulatory requirements and common decency demand that we think through how data will be disposed of when it’s no longer useful.
Since whole disciplines of cybersecurity are devoted to securing data, those with no interest in cybersecurity might find it helpful to consider one key concept: centralization vs. federation.
With data at rest (files in a file cabinet), we can imagine shredding files when they are no longer needed. Many organizations only got rid of paper files when they ran out of space. Digital storage, however, isn’t visible and costs so little that we might not even realize what data we still have lying around gathering digital dust.
When we think about data in motion and the many distributed and synchronized, or ‘federated’, copies of data out there, it may be nearly impossible to find and delete all of the data a user has disclosed or had generated about them.
As mentioned earlier, if we can avoid storing the data in the first place, as Apple does by processing face recognition on a user’s phone rather than in the cloud, we may not have as much data to secure (or as many potential harms to avoid). Therefore, it’s critical to consider how data deletion and disposal will occur, even if only to prompt us not to unnecessarily store sensitive data in the first place.
All copies of raw data about individual vehicles, on the manufacturer's central servers as well as in any locally stored records, are deleted once the correct insights have been extracted and anonymized.
It's necessary to remove users' data under certain circumstances. When a user closes their account, requests data deletion, is incapacitated, or dies, data holders need to be prepared.
The "right to be forgotten" refers to the need to prevent anyone from viewing data that the original discloser doesn't want them to have access to. In Afghanistan, for example, the resurgence of the Taliban in 2021 prompted many women to erase evidence of their work and education outside the home to avoid being targeted by conservatives.
The right to be forgotten has important implications for other marginalized groups in dangerous political situations, such as LGBTQ people who may need to erase posts or other content to avoid running afoul of homophobic laws, like Russia's so-called 'anti-homosexual propaganda' law, which intend to erase certain groups of people from public discussions. The right to be forgotten is legally afforded in some jurisdictions, such as the European Union, Argentina, and the Philippines. In some jurisdictions, it may be applied retroactively to data whose deletion companies previously thought they would not need to guarantee.
The right to be forgotten is also critically important to respect for inexperienced users who disclose data they wouldn't otherwise share if they knew the implications, and for still-maturing users like children and teens.
Sometimes the right to be forgotten exists in tension with the desire for accountability, as with criminals who might wish to hide evidence of their crime.