After exposing personal information of more than 650,000 customers, pub chain Wetherspoon decided to delete almost all the customer information it had been storing to reduce risk. After all, the data you don’t have doesn’t need to be checked for compliance, disclosed in a GDPR subject access request or apologized for after a data breach.

In fact, data can be so toxic that Joshua de Larios-Heiman, chair of the California Lawyers Association Internet Privacy Law Committee, suggests thinking of it as uranium rather than oil. “What happens to spent uranium rods? They become toxic assets and getting rid of them is really difficult. People will sue you if you dispose of them negligently,” he says.

If you start thinking of risk in those terms, what data is your organization storing that you’d be better off without?

Don’t collect data you don’t need

To continue reading this article register now

Learn More   Existing Users Sign In

After exposing personal information of more than 650,000 customers, pub chain Wetherspoon decided to delete almost all the customer information it had been storing to reduce risk. After all, the data you don’t have doesn’t need to be checked for compliance, disclosed in a GDPR subject access request or apologized for after a data breach.

In fact, data can be so toxic that Joshua de Larios-Heiman, chair of the California Lawyers Association Internet Privacy Law Committee, suggests thinking of it as uranium rather than oil. “What happens to spent uranium rods? They become toxic assets and getting rid of them is really difficult. People will sue you if you dispose of them negligently,” he says.

If you start thinking of risk in those terms, what data is your organization storing that you’d be better off without?

Don’t collect data you don’t need

To continue reading this article register now

Learn More   Existing Users Sign In