Full Disclosure mailing list archives
Re: Secure Data Deletion Idea?
From: Rachael Treu-Gomes <rara () navigo com>
Date: Thu, 31 Mar 2005 12:24:44 -0600
For starters...
Other than the standard difficulty of proving a negative...
("Prove to me you didn't read this book." "Prove to me
you didn't keep this data." "Prove to me you're adequately
following HIPAA/SOX/GLBA/etc regs regarding privacy where
appropriate on data that you don't have but had, that may
or may not have contained sensitive information. subject
to privacy laws...")
Questions as to willful disregard and accomplice spring to
mind in cases where a company is being paid to launder and
destroy evidence. You could probably write a contract
releasing you from liability, to the tune of,"...the client
asserts that all data being submitted for destruction is
legally eligible for destruction and the service provider
assumes no responsibility for..."
...but that's hardly "no-questions-asked."
ymmv,
--ra
--
rachael treu-gomes rara at navigo dot com
..quis custodiet ipsos custodes?..
(this email has been brought to you by the letters 'v' and 'i'.)
On Thu, Mar 31, 2005 at 10:23:40AM -0800, John Blood said something to the effect of:
I know there are a lot of people that want to comment
on this....
I'm thinking about what the possibilities for a secure
data deletion business would have in the United
States. What are the legal ramifications of providing
a no questions asked data wiping service to businesses
and individuals (using tools like DBAN, Erase, etc).
It's understood about data not being totally "gone" no
matter how many times it is erased, blah blah blah,
but are there any constraints that would prevent such
a business from flourishing?
__________________________________
Yahoo! Messenger
Show us what our next emoticon should look like. Join the fun.
http://www.advision.webevents.yahoo.com/emoticontest
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Secure Data Deletion Idea? John Blood (Mar 31)
- Re: Secure Data Deletion Idea? Rachael Treu-Gomes (Mar 31)
- Re: Secure Data Deletion Idea? Gary E. Miller (Mar 31)
- NVIDIA and Zdnet.de vs Microsoft alex (Mar 31)
- Re: NVIDIA and Zdnet.de vs Microsoft ADT (Mar 31)
- Re[2]: NVIDIA and Zdnet.de vs Microsoft bjerregaard (Mar 31)
- Re: NVIDIA and Zdnet.de vs Microsoft J u a n (Mar 31)
- Re: [security] NVIDIA and Zdnet.de vs Microsoft Alex (Mar 31)
- Re: [security] NVIDIA and Zdnet.de vs Microsoft Alex (Mar 31)
- Re: NVIDIA and Zdnet.de vs Microsoft Morning Wood (Mar 31)
- Re: NVIDIA and Zdnet.de vs Microsoft ADT (Mar 31)
- Re: Secure Data Deletion Idea? Valdis . Kletnieks (Mar 31)
- Re: Secure Data Deletion Idea? dk (Mar 31)