Data Erasure - Disk "Wiping"

Can you safely dispose of an old computer
without risking having your data stolen?

Yes - if the hard drives are wiped.

"Deleting" a file from most computers does not actually remove the contents of the file, but rather simply unlinks the file from the file directory system, leaving the entire contents of the file on the hard disk. This data will remain in the disk sectors until the operating system reuses the sectors when writing new data. Until the old data is overwritten (and this may take many overwrites over many months), it can be recovered by programs that read disk sectors directly, such as forensic software (so called because it is used to obtain evidence in criminal investigations).

 

In order to be sure that a deleted file really is deleted, it is necessary to repeatedly overwrite the data sectors of that file. This process is not simply “erasing” or “formatting” the drives, which is not sufficient, as there are numerous tools available to recover “lost” data from residual magnetism on disk drives. To erase data from a drive, wiping programmes overwrite each bit on the drive with unusable, nonsensical, data. The unusable data bit replaces the magnetic imprint of the previously written bit, but, because drive heads wobble, it makes sense to overwrite the data on the drive more than once as the drive head will track differently over the disk during different writes. The older the drive, the more writes are needed to ensure that the old data has been replaced by unusable data. The newer the drive, the fewer passes are needed.


There are many different standards for wiping drives, each one recommending a certain number of overwrites. For example, the US Department of Defense has published guidelines for wiping magnetic media to guarantee that all data previously contained on that magnetic media is gone forever. This specification, DOD5220.22-M, requires that every single location on a magnetic media device is overwritten three individual times, first by writing a fixed value once, then its complement value once, and finally a selected value once. After the final overwrite is completed, the disk is read to check the overwrites, and the new contents are verified to make sure that the desired pattern is indeed written on the drive.

British standards exist: HMG Infosec Standard No. 5 (Baseline) and HMG Infosec Standard No. 5 (Enhanced Level). Baseline certified products may be used to clear Government-classified data up to RESTRICTED when disposing of storage media outside secure environments; Enhanced Level products may also be used to purge CONFIDENTIAL and SECRET data. The exact criteria used to certify erasure products in the UK seem to be secret!
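The three-pass sequence with read-back verification described above for DOD5220.22-M, as an added example (not code from this page or from any certified erasure product). It assumes the target is an ordinary file or disk image standing in for the drive, and the byte values 0x55 and 0x00 are choices made for this example.

```python
import os
import tempfile

CHUNK = 1024 * 1024  # process the target in 1 MiB blocks


def write_pass(path, size, value):
    """Overwrite every byte of the target with one value and force it to disk."""
    with open(path, "r+b") as f:
        remaining = size
        while remaining > 0:
            n = min(CHUNK, remaining)
            f.write(bytes([value]) * n)
            remaining -= n
        f.flush()
        os.fsync(f.fileno())


def verify_pass(path, size, value):
    """Read the target back; return the first offset not holding value, or None."""
    with open(path, "rb") as f:
        offset = 0
        while offset < size:
            data = f.read(min(CHUNK, size - offset))
            if not data:
                return offset  # target is shorter than expected
            if data.count(value) != len(data):
                return offset + next(i for i, b in enumerate(data) if b != value)
            offset += len(data)
    return None


def three_pass_wipe(path, fixed=0x55, selected=0x00):
    """Fixed value, then its complement, then a selected value, then read-back check."""
    # Assumption: 0x55 and 0x00 are example values, not mandated by the page.
    size = os.path.getsize(path)  # works for a file or disk image, not a raw device
    passes = [fixed, fixed ^ 0xFF, selected]
    for value in passes:
        write_pass(path, size, value)
    bad = verify_pass(path, size, selected)
    return {"size": size, "passes": passes, "verified": bad is None, "first_bad_offset": bad}


if __name__ == "__main__":
    # Constructed sample: a small file standing in for a drive image.
    with tempfile.NamedTemporaryFile(delete=False) as tmp:
        tmp.write(b"customer records 2009\n" * 1000)
    print(three_pass_wipe(tmp.name))
    os.remove(tmp.name)
```

On a real drive the passes would be run against the whole device rather than a file inside a filesystem, so that every location on the media is covered and the verification result can be recorded for the erasure certificate.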

The following is paraphrased from an article by Steve Elderkin, a computer forensics expert.

Why do wiping programmes have so many options for overwriting hard drives?
Why is there more than one way of wiping data? Which option is right for me?

If a search is made on the Internet for the answers to these questions, confusion reigns. Many articles will say that there is no safe way to completely erase the information stored on a hard drive, other than by destroying it with a hammer (which method, incidentally, is completely useless), or by immersing the platters in an acid bath. Let us look into this more closely.

Computers change at a rapid rate. Most of the overwriting standards were written by government agencies as a means of destroying data on drives containing unclassified material. These standards were based on the specifications of the hardware available at the time. The architecture of a ten megabyte drive produced in the early 1980s is very different from that of a modern 250 gigabyte drive.


A hard disk drive looks and operates much like an old-fashioned record player. Information is recorded and retrieved by a magnetic head mounted on a moveable arm, which hovers over a rapidly spinning disk. Each drive contains one or more disks; the disks in desktop PCs are usually made of aluminium (which gives the hard disk its name), whereas high quality glass is often used for disks in laptop computers. Old hard drives had such small capacities because the read and write heads of the drives did not track very accurately - they wobbled. The more the disk head wobbles, the less accurate it is. Modern drives have heads that can access the disks far more accurately, allowing more data to be fitted onto the same space on the disk.

The disks are coated with a cobalt based alloy which has magnetic properties. This magnetic layer stores individual pieces of data, or "bits", in a series of circular tracks. The diagram below represents a single bit of data stored on a hard disk, magnified many thousands of times.


[Figure: Bits on a hard disk, magnified]

In this example, the particular bit on the hard drive has been written four times. To the left hand side of the diagram, on the older hard drive, the imprints of previous writes can clearly be seen. This means that it is possible to recover data left from a previous file by reading the small amounts of magnetic charge left around the edges.
The more modern the drive, the less wobble there is in the disk heads, resulting in a lower chance of having any residual bits of data to look at.


Is it possible to recover old, overwritten, data with an electron microscope, advanced statistics, and special programming skills? Data recovery, even with these specialised and powerful tools, is so difficult that it can be called impossible. There are thousands of millions of bits on a disk - it would take years to recover enough bits to begin to think about looking for data, and, even then, it would be virtually impossible to know which bits of data combine with which others. The chances of recovering previously overwritten data on a newer drive are even lower than on an older drive.


How many overwrite passes are needed? One! Data is so incredibly difficult to recover after being overwritten that, even with the special tools and knowledge described above, data is not going to be recovered from the drive. Internet searches for examples of overwritten data being recovered show no events where a person recovered more than a couple of bits of a byte.

The Department of Defense standards may help the fearful to sleep better at night, but one overwrite is enough to protect any data from being recovered.

Companies need to be able to completely trust the organisation which receives their end-of-life IT equipment, and the people within that organisation.

Does the organisation have a dependable procedure in place to:
- securely handle and store systems or hard disks, with tracking records, to enable tracing?
- effectively and reliably destroy data on hard drives, or physically destroy non functioning drives?
- reliably certify to the company that they have destroyed data on all hard disks?
- allow verification of their certification?