Written by 
A Dutch scientist has developed a system of deleting private details from databases automatically with pre-set time bombs that ensure redundant personal data is not left festering on company hard drives.
Dr Harold van Heerde of the Centre for Telematics and Information Technology at the University of Twente says his database software allows information to degrade as it becomes less relevant to the company or organisation holding the data.
The system, the scientist claims, means there would be far less danger of legacy details being leaked in a security breach.
“A lot of data becomes increasingly less valuable for a service provider over time, but they tend to keep it and often don’t take sufficient precautions to protect it, so there is no balance between the value of the data and privacy risk,” van Heerde told PC Pro.
“The idea with this is that data is deleted according to a timetable so that consumers can better trust the companies that retain personal information.”
Van Heerde said his prototype could be programmed to delete in a systematic manner to comply with data retention laws or privacy policies.
“Everything starts with the policy and you could say that after one month this value must be removed or after six months all the data must be removed,” he said. “It can be ongoing, so a company can keep what they think is relevant for longer, but remove, say, personally identifiable data much sooner.”
Van Heerde said his work had proved the feasibility of the concept but that software companies would need to take on the baton to turn the concept into a commercial product.
“Hopefully, one day service providers that collect data can use this as a marketing tool, with a logo or badge showing that they responsibly delete data as it goes out of date,” he said.
