On 16 August 2012, the ICO published guidance on deleting personal data under the Data Protection Act 1998 (DPA). The guidance describes how organisations can ensure compliance with the DPA when they delete or archive personal data, and explains what the ICO means by deletion and archiving and introduces the concept of putting personal data ‘beyond use.’ The guidance aims to counteract the problem of organisations informing people that their personal data has been deleted when, in fact, it is merely archived and could be re-instated; archived information is “subject to the same data protection rules as ‘live’ information, although information that is in effect inert is far less likely to have any unfair or detrimental effect on an individual than live information.”
Given the fifth data protection principle which provides that “personal data processed for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes,” the deletion of personal data is an important activity for organisations which control or process personal data. The ICO notes that, although the DPA does not define “delete” or “deletion”, a plain English interpretation implies “destruction” which, in the case of electronic storage, is less certain than, say, incineration of paper records, since information which has been “deleted” may still exist within an organisation’s systems in some form or other.
The ICO says that it will “adopt a realistic approach in terms of recognising that deleting information from a system is not always a straightforward matter and that it is possible to put information ‘beyond use’, and for data protection compliance issues to be ‘suspended’ provided certain safeguards are in place.” The ICO gives specific examples of where putting information ‘beyond use’ would be an acceptable alternative to ‘deletion’. For example, an acceptable alternative may arise where for technical reasons, it is not possible to delete this information without also deleting other information held in the same batch, or where information has been deleted with no intention on the part of the data controller to use or access this again, but which may still exist in the electronic ether where it is waiting to be over-written with other data. The ICO will be satisfied that information has been ‘put beyond use’ if the “data controller holding it: