Wednesday, June 06, 2018

GDPR and Waste

It’s now been a couple of weeks since the GDPR (General Data Protection Regulations) came into force and the deluge of emails asking to reconfirm subscriptions to mailing lists have subsided. If you are anything like me, you will have taken the opportunity to cut down on the amount of stuff that arrives in your inbox. Even Barkingside 21’s list has been reduced but at least we now know we are communicating with people who actually want our emails and for those who do not there are other ways to keep tabs on us via Twitter, Facebook and RSS feeds. But that is not the end of it, there’s a lot more …

The GDPR regulations enhance the duties of data holders and processors by requiring the correct disposal of confidential waste, including items such as hard drives, old computers, memory sticks, old client data files, paperwork, and marketing materials. Under the new rules the destruction of any form of data is classed as a form of data processing.

For commerce and business this is best achieved by employing a secure data destruction provider to carry out data disposal. Such providers can be found via quick search on the internet and they will securely collect any unwanted media and destroy it by means of approved GDPR shredding or GDPR recycling procedures. They will certify that the data has been destroyed, providing a clear audit trail from the beginning of the process to the end.

This is probably over-the-top for personal use or community groups like Barkingside 21. So, what do we do? Well, let’s start with paper. All paper records that are no longer required are cross-cut shredded and then mixed in with grass cuttings and put in the compost bin. The worms then eat the personal details of all our members and contacts. Handy things, worms.

On to the electronic stuff. Now, when you delete a file on a computer it doesn’t delete the file. It only deletes the reference, or hook, to find the file. As an analogy, in pre-computer days it would be like removing the card from the card index system in a library but leaving the book on the shelf. If you know where to look you can still find the book. So it is with hard drives etc. If the drive is still functional all the data that “was” on there can still be recovered, sometimes even when it has been over-written several times. Even re-formatting a drive does not completely remove all the data.

The only way to ensure the data cannot be accessed by anyone not authorised to do so, is to completely destroy the drive. This is how …

Basically, beat the crap out of it with a hammer (wearing safety goggles of course).
First remove the hard drive from the computer.
Then take the hard drive apart to reveal the platter.
This is the circular disk(s) that hold the data.
These disks can be either metal or ceramic.
The ceramic ones will shatter. The metal ones you can just beat up.

Here’s one that is about to get the treatment. I use a 10lb punner but not everybody has one of these.


Here’s Wiki how …
https://www.wikihow.com/Destroy-a-Hard-Drive

And Snap Guide
https://snapguide.com/guides/destroy-a-hard-drive/

3 comments:

  1. Practical note:If you do break up a hard drive you'll find it contains a couple of extremely powerful and useful magnets (marked 196 S mm 01 in the picture) to be rescued before you discard the rest of it. They are so powerful that you have to prise them apart with a screwdriver and you need to watch they don't clip your fingers when you do that. (And don't leave your credit cards anywhere near them!)

    ReplyDelete
  2. Wow! Paranoia or what?

    If a PC is well beyond its useful life and you want to scrap it, fine.

    But what if you want to pass it on to another family member, say, or a charity or freegle/freecycle it? It won't be much use if you destroy the hard disk!

    Perhaps the drive is too small for your needs and you want to fit a bigger drive in your PC - they are ridiculously cheap now compared with a few years ago. If it is a desktop computer there will be expansion slots and there are usually sockets for two drives at least. If you're lucky, the manufacturer may even have included a spare set of leads, which is even better! So fit your new drive in a spare slot and keep the original. Copy all your valuable data onto the new drive, then reformat the old drive and re-install the operating system. If your PC has been running increasingly slowly and getting cranky in the process, you'll restore it to its original condition as if it was brand spanking new - straight out of the box! Of course, you would have to reinstall the operating system and programs if you were replacing the original disk but now you'll have all of the original capacity plus the capacity of your new drive, so it will take much, much longer to fill up all the space.

    Laptops only have room for one drive but, even then, you can get 2.5" to 3.5" adaptors so that you can mount the old drive in the desktop! Waste not, want not!

    If you are going to pass the PC onto someone else in working order, the situation changes but you've already mentioned the solution but you don't need to pay 'an expert' to do it for you - you can buy programs to carry out the destruction that you simply install yourself.

    Better still, at the moment, a program called SafeErase Professional is part of this month's free software package with the magazine Computer Shopper - but may also be available with other magazine titles. "It uses methods recognised by the US Department of Defense to delete files in such a way that they can never be recovered."

    Look for the August - yes, August! - issue and make sure you buy the Free Software edition (£4.99 as against £4.50 for the edition without the software) and simply read the instructions. I've just got my copy of the mag. so I think I'll install it on my PC!

    ReplyDelete
  3. As you might expect, the software I referred to is not the latest version - it is version 11 whilst the current version is 12.

    Here is the website promoting the latest version:

    https://www.oo-software.com/en/safeerase-hard-drive-data-secure-deletion

    but the free version 11 will be more than adequate for most users. The main enhancement in the latest version seems to be the addition of a special procedure for dealing with SSDs - a new type of drive which is only just becoming widely available (it's faster, but very expensive, so you will pay a premium price for a PC using it and end up with less drive space into the bargain) so I wouldn't bother about it for now.

    ReplyDelete