The truth about data removal services

A representational concept of a social media network
(Image credit: Shutterstock / metamorworks)

The world has witnessed a remarkable surge in digital technology in recent years, bringing numerous benefits. However, with the increasing collection and storage of personal and sensitive information, security and privacy have become increasingly important. As a result, data removal services have emerged to address this issue, claiming to permanently erase data from devices and protect users from potential privacy breaches.

Data removal services are designed to remove all traces of data from a device, including files, folders, and other sensitive information. However, the effectiveness of these services has been a subject of debate. 

While data removal services claim to permanently erase data from devices, there is no guarantee that the data is completely erased. In some cases, data can still be recovered using specialized software.

In this article, you'll learn more about data removal services and whether they're worthwhile for your situation. 


Reader Offer: 20% off with code PARTNER20

Reader Offer: 20% off with code PARTNER20
DeleteMe makes it quick, easy and safe to remove your personal data online. Start today with code PARTNER20 for 20% off.

Preferred partner (What does this mean?

The mechanics behind data removal services

data privacy

(Image credit: Shutterstock / Zeeker2526)

Data removal services are becoming increasingly essential in today's interconnected world, where sensitive information is stored and shared across different platforms. When data becomes obsolete or is no longer required, it is crucial to ensure it is disposed of properly. Data removal services offer a reliable solution to this problem by erasing the data securely, making it impossible to retrieve.

These services operate on the principle of overwriting data with random or null information multiple times, making it challenging to recover the original content. The process of data removal involves several advanced algorithms and methods that are designed to render data irrecoverable. These techniques often include overwriting data with random patterns, pseudorandom numbers, or zeros. The process is repeated several times to reduce the possibility of retrieving any traces of the original data.

Moreover, data removal services ensure that the data removal process complies with various regulatory requirements. These include laws like the Health Insurance Portability and Accountability Act (HIPAA) and General Data Protection Regulation (GDPR), which mandate the secure disposal of sensitive data. Compliance with these regulations is essential for businesses and organizations that handle sensitive data, as non-compliance can lead to legal action and financial loss.

Three examples of data removal techniques 

Attention warning attacker alert sign with exclamation mark on dark red background.Security protection Concept.

(Image credit: Shutterstock)

The Gutmann method is a data removal technique that has gained widespread recognition as one of the most effective ways to erase sensitive information from a hard drive completely. Developed by Peter Gutmann, a computer scientist at the University of Auckland, in the late 1990s, this method involves overwriting data with 35 different patterns, which makes it almost impossible to recover the original data.

The basic principle behind the Gutmann method is that data can be recovered from a hard drive even after it has been deleted. This is because when data is deleted, it is not removed from the hard drive. Instead, its space is marked as available for new data to be written over it. However, until new data is written over the old data, it can still be recovered using specialized software.

The Gutmann method is widely regarded as one of today's most secure data erasure methods. It is based on the idea that overwriting the data with multiple patterns makes it more difficult to recover the original data. The 35 patterns used in this method are designed to make it virtually impossible to recover any previously stored data on the hard drive.

Overall, the Gutmann method effectively protects sensitive information and ensures that it is safely erased from a hard drive. It is a highly recommended method for individuals and organizations who need to erase data from their computers securely.

Photo by Markus Spiske on Unsplash

(Image credit: Photo by Markus Spiske on Unsplash)

Another popular technique is the DoD 5220.22-M method, which involves overwriting data with three patterns. The DoD 5220.22-M is a data sanitization method widely used on hard drives. It is also known as the Department of Defense (DoD) standard, a US military-approved wiping process to clean drives. This standard was created in 1988 by the government and offers options to wipe drives, disks, and Solid State Drives (SSDs).

The DoD 5220.22-M standard is designed to ensure that all data on a hard drive is completely erased and cannot be recovered. This is particularly important for sensitive data that needs to be protected from unauthorized access. The standard specifies a wiping process that uses three passes to overwrite the entire hard drive with random characters, making it virtually impossible to recover any previously stored data on the drive.

The first pass of the wiping process involves overwriting the entire hard drive with a series of zeros. The second pass involves overwriting the entire hard drive with a series of ones. Finally, the third pass involves overwriting the entire hard drive with random characters. This three-pass process ensures that all data on the hard drive is completely erased and cannot be recovered.

The DoD 5220.22-M standard is used by the US military and many other organizations that deal with sensitive data. It is a reliable and effective method for ensuring that all data on a hard drive is completely erased and cannot be recovered. It is important to note that this standard is not necessary for everyday use but for situations where sensitive data needs to be protected from unauthorized access.

Data removal services are not limited to hard drives and solid-state drives. They also extend to smartphones, tablets, and other mobile devices. These services employ specialized software that can erase all data from the device, including contacts, messages, photos, and videos.

Hammer

(Image credit: Photo by Moritz Mentges on Unsplash)

You can also destroy the drive containing data if you no longer need it. This technique ensures that the data is rendered irrecoverable and cannot be used for any malicious purposes. 

There are different ways to achieve this. One way is through physical destruction, such as drilling or hammering holes in the drive. Another way is to use a professional shredder explicitly designed for hard drives. Shredding the hard drive completely destroys the data and cannot be retrieved. 

It is important to note that simply throwing away the hard drive is not a safe method, as experienced hackers can still recover the data. Therefore, it is essential to take the necessary measures to ensure that the data is destroyed and cannot be accessed by anyone.

Third-party certification

NIST entrance

(Image credit: NIST)

Some providers undergo third-party certifications to build trust and confidence in their services. These certifications are provided by organizations such as the National Institute of Standards and Technology (NIST), which provides guidelines against which data removal software can be tested. Services that attain these certifications are considered more reliable and trustworthy in their claims.

NIST guidelines cover a range of areas, including data sanitization methods, verification and testing procedures, and documentation requirements. By adhering to these guidelines, data removal services can ensure high security and protection for their client's data. For example, NIST guidelines recommend using multiple data sanitization methods to ensure that data is completely erased and cannot be recovered. They also require that data removal software undergo rigorous testing to ensure its effectiveness and reliability.

In addition to assuring clients, third-party certifications can benefit data removal service providers. By attaining these certifications, providers can differentiate themselves from competitors and demonstrate their commitment to data security and privacy. This can help to attract new clients and build a strong reputation in the industry.

Overall, third-party certifications such as those provided by NIST can play an essential role in ensuring the reliability and effectiveness of data removal services. By adhering to these guidelines, providers can offer high-quality services that meet clients' needs and help protect sensitive information from data breaches and cyber threats.

Limiting factors and real-world challenges

Data removal services face several challenges in ensuring that data is completely and irretrievably erased. One of the biggest challenges is fragmentation and redundancy in storage systems. Complete eradication becomes more challenging when data is spread across multiple storage areas or overwritten data is duplicated in other locations. This is because data removal services typically rely on overwriting the existing data with new data to ensure the original data is no longer recoverable. However, ensuring that all copies of the data have been overwritten becomes more challenging if the data is fragmented or duplicated.

Another challenge that data removal services face is the effectiveness of their algorithms on different types of storage devices. While modern storage devices generally support standard data writing and erasing algorithms, older devices or those not compliant with current standards might present limitations regarding data removal efficacy. This is because these devices might not support the same algorithms or have different data storage structures, making it more difficult to erase data.

Furthermore, data removal services must consider the different file systems of other operating systems. For example, the NTFS file system used by Windows stores data differently than the HFS+ file system used by macOS. This means that algorithms that work effectively on one type of file system might not be as practical on another, making it essential for data removal services to thoroughly understand the different file systems and how they store data.

The effectiveness of data removal services

As noted above, data removal services employ multiple overwriting techniques to ensure that the original data is overwritten with random data patterns, making it nearly impossible to recover the original information. 

Despite the effectiveness of data removal services, it is essential to note that no service can guarantee 100% success in all scenarios. Advanced recovery techniques and specialized software, often employed by forensic experts, might recover data fragments from overwritten sections. In such cases, the data removal service's effectiveness may be diminished.

However, the benefits of using data removal services far outweigh the risks. By using these services, individuals and organizations can significantly reduce the chances of data breaches, protect themselves from potential legal and financial consequences, and help to ensure compliance with industry regulations. 

In today's world, where data breaches are becoming increasingly common, it is essential to take all necessary precautions to protect sensitive information. Data removal services are crucial, and their effectiveness cannot be overstated.

You might also like to read about removing yourself from the internet and bridging the data security gap: navigating data protection.

Bryan M Wolfe

Bryan M. Wolfe is a staff writer at TechRadar, iMore, and wherever Future can use him. Though his passion is Apple-based products, he doesn't have a problem using Windows and Android. Bryan's a single father of a 15-year-old daughter and a puppy, Isabelle. Thanks for reading!