Fight to Be Forgotten: Exploring the Efficacy of Data Erasure in Popular Operating Systems

  • Andreas GutmannEmail author
  • Mark Warner
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11498)


A long history of longitudinal and intercultural research has identified decommissioned storage devices (e.g., USB memory sticks) as a serious privacy and security threat. Sensitive data deleted by previous owners have repeatedly been found on second-hand USB sticks through forensic analysis. Such data breaches are unlikely to occur when data is securely erased, rather than being deleted. Yet, research shows people confusing these two terms. In this paper, we report on an investigation of possible causes for this confusion. We analysed the user interface of two popular operating systems and found: (1) inconsistencies in the language used around delete and erase functions, (2) insecure default options, and (3) unclear or incomprehensible information around delete and erase functions. We discuss how this could result in data controllers becoming non-compliant with a legal obligation for erasure, putting data subjects at risk of accidental data breaches from the decommissioning of storage devices. Finally, we propose improvements to the design of relevant user interface elements and the development of official guidelines for best practice on GDPR compatible data erasure procedures.


Privacy evaluation Data erasure GDPR Cognitive Walkthrough 



This work has received funding from the European Union’s Horizon 2020 research and innovation programme under the Marie Skłodowska-Curie grant agreement No 675730, within the Marie Skłodowska-Curie Innovative Training Networks (ITN-ETN) framework.


  1. 1.
    Diesburg, S., Feldhaus, C., Fardan, M.A., Schlicht, J., Ploof, N.: Is your data gone?: measuring user perceptions of deletion. In: Proceedings of the 6th Workshop on Socio-Technical Aspects in Security and Trust, pp. 47–59. ACM (2016)Google Scholar
  2. 2.
    Donath, J.: The Social Machine: Designs for Living Online. MIT Press, Cambridge (2014)CrossRefGoogle Scholar
  3. 3.
    EY: IAPP-EY Annual Privacy Governance Report 2018. Technical report, International Association of Privacy Professionals (2018). Accessed 21 Dec 2018
  4. 4.
    Hughes, G.: Tutorial on disk drive data sanitization (2006)Google Scholar
  5. 5.
  6. 6.
    Jones, A., Dardick, G.S., Davies, G., Sutherland, I., Valli, C.: The 2008 analysis of information remaining on disks offered for sale on the second hand market. J. Int. Commer. Law Technol. 4(3), 162–175 (2009)Google Scholar
  7. 7.
    Jones, A., Valli, C., Dabibi, G.: The 2009 analysis of information remaining on USB storage devices offered for sale on the second hand market. In: Australian Digital Forensics Conference, p. 61 (2009)Google Scholar
  8. 8.
    Mahatody, T., Sagar, M., Kolski, C.: State of the art on the cognitive walkthrough method, its variants and evolutions. Int. J. Hum.-Comput. Interact. 26(8), 741–785 (2010)CrossRefGoogle Scholar
  9. 9.
    Westman, M.: eMMC Chip Off - Benefits and Risks Workshop (2017). Accessed 21 Dec 2018
  10. 10.
    Westman, M.: Where Did That Incriminating Evidence Come From? (2018). Accessed 21 Dec 2018
  11. 11.
    McKenzie, C.R., Liersch, M.J., Finkelstein, S.R.: Recommendations implicit in policy defaults. Psychol. Sci. 17(5), 414–420 (2006)CrossRefGoogle Scholar
  12. 12. Operating System Market Share. Accessed 21 Dec 2018
  13. 13.
    Rieman, J., Franzke, M., Redmiles, D.: Usability evaluation with the cognitive walkthrough. In: Conference Companion on Human Factors in Computing Systems, pp. 387–388. ACM (1995)Google Scholar
  14. 14.
    Robins, N., Williams, P.A., Sansurooah, K.: An investigation into remnant data on USB storage devices sold in Australia creating alarming concerns. Int. J. Comput. Appl. 39(2), 79–90 (2017)Google Scholar
  15. 15.
    Spencer, R.: The streamlined cognitive walkthrough method, working around social constraints encountered in a software development company. In: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, pp. 353–359. ACM (2000)Google Scholar
  16. 16.
    Storer, T., Glisson, W.B., Grispos, G.: Investigating information recovered from re-sold mobile devices. In: Privacy and Usability Methods Pow-wow (PUMP) Workshop, p. 2. ACM, University of Abertay, Dundee (2010)Google Scholar
  17. 17.
    Valli, C., Jones, A.: A UK and Australian Study of Hard Disk Disposal (2005)Google Scholar

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  1. 1.OneSpan Cambridge Innovation CentreCambridgeUK
  2. 2.University College London Interaction CentreLondonUK
  3. 3.University College London Information Security GroupLondonUK

Personalised recommendations