Most businesses collecting data they never use, survey finds Most companies in the UK, France and Germany collect data they never use, according to a new survey. Data storage providers Pure Storage said a survey of 308 IT decision makers across the three countries in July that it commissioned found that 72% of organisations "have gathered data that was not used later on". The survey …
I would say that large numbers of organisations capture information that is not looked at after initial capture.
Typical example is for compliance purposes. Let's say an organisation needs to keep their email and telephone records for x years - those records are probably never inspected. The simple answer to the Data Protection issue is that the records are being kept for compliance purposes.
Any organisation that raises invoices will say that they have to keep copies of them for compliance purposes. Do they make use of them? Probably only if there's a query.
Of course those records could be made much more useful by sticking them in a Data Warehouse, or similar, but I get the impression that this is not within the context of the survey.
thank you for a more polite response than mine, which would have been just "No * Sherlock."
The article did, however, raise a question or thought: if, rather than a data warehouse, 'we' move things like invoices, copies of correspondence etc, into something like Amazon Glacier, where there is a monthly storage charge plus a retrieval charge that we incur if the compliance people come calling a couple of years later, who pays that charge? Is it just a cost of business, along with the storage itself - a cost that can be charged for "compliance record keeping" or similar?
who is to blame?
I suspect that's the wrong question.
My guess (IANAL) is that the provider is to blame, but you will be held responsible. The onus is on you to protect the data, which includes choosing reliable subcontractors.
Think of a purely internal equivalent. You store it on a single disk, which suffers a head crash. Who's responsible, you or, say, Seagate?
"... data shall be obtained only for one or more specified and lawful purposes ... data shall be adequate, relevant and not excessive in relation to the purpose or purposes for which they are processed ... shall not be kept for longer than is necessary for that purpose or those purposes..."
Tsk tsk tsk.
Following suspicious behaviour from specific groups (to pluck an example our of the air, Chechens who had visited the home country, googled radical sites, were flagged up by Russian security agencies) is apparently not done, but following your hot ex and her new husband as they shop and go on vacation, that definitely. Because spy boys will be boys.
@Monsieur DePlume
I worked on at least two defence projects where we were the first to actually examine data that had accumulated for years, but there had never been money allocated to studying it. We were looking at ancient magnetic tapes in ancient formats, religiously collected because orders are orders. Sometimes the tapes had been transcribed to CDs.
The military people we dealt with were all strongly oriented to the here and now, and not interested in going over old data.
"Why do you collect all this data?"
"Well, because we can and it might be useful someday..."
"But many recent events have shown that, even when you've *had* the data and *known* about the perpetrators, you've not been able to use that information to stop the attacks because it's buried under a mountain of crap about everyone else."
"..."
Those who search for reasonable reasons are wrong. Businesses keep as much as they can of what they collect because storage is cheap and intelligently deleting what you don't need is expensive. Unfortunately security is also expensive.
As an example, my personal tax returns go back to the days of paper copies. I know I'm not legally required to keep all of them but some might not be old enough to toss. To delete them I'd have to find the requirements, find the appropriate files, shred them, and repeat every year. It's much easier to ignore it and keep everything.
Scientists measure everything, just in case they might need it. Companies record everything, just in case they might need it. Engineers store everything, just in case they might need it.
You have to work hard to figure out and throw away everything you don't need, and you might regret it later. There is simply no incentive to do it.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
