In “Why self-deleting data may be the solution”, Data Strategy editor David Reed comes up with the appealing thought that now may be the time to invent self-deleting data. He writes:
“Records that automatically removed themselves from a database after a given period of time would answer some critical issues currently facing the data industry — growing customer resistance to providing personal information, compliance with the Data Protection Act, even respecting individual Human Rights.
… consider the current debate over retention of DNA profiles of innocent people. The UK already has the largest DNA database in the world and the idea has even been floated of capturing genetic data on everybody at birth. Yet a citizen’s inquiry set up by the Human Genetics Commission recently not only rejected universal coverage, but also urged that the innocent – and criminals with spent convictions – should have their profiles deleted. Instead of having to write and request this to happen, self-deleting data would automatically tackle the issue after a specified period.
The same approach might also resolve the contentious issue of data transfers on airline passengers between the EU and the US. …
Such a mechanism would also support compliance with probably the most- contravened principle of the Data Protection Act — that data should not be kept for longer than is necessary. …. If individuals knew records would self-erase in three years’ time, then they might regain their trust in data controllers. That resolves both the problem of gaining permission and of remaining compliant at a stroke …”.
[source: David Reed, writing in Data Strategy, 18 September 2008].