Data deletion and data erasure may sound similar, since both can be thought of as ways to “remove data”.
In layman's terms, you may think of “data deletion” as emptying a file from the Recycle Bin or Trash (on Mac), or using the SHIFT+DEL command to move a file from a visible location on your system or external drive to an unknown location. Likewise, you may think of “data erasure” as erasing (or wiping) the data so that it vanishes from the storage media to somewhere unknown, the way a piece of information is erased from paper.
The fact is, data deletion and data erasure are fundamentally different in every sense, from their purpose and mechanism to the end results.
This blog outlines the critical differences between data deletion and data erasure. More importantly, it explains why you should be concerned about knowing this difference in today’s world of data vulnerabilities and data protection laws.
Let us begin with understanding what happens when you DELETE data vis-à-vis when you ERASE it.
Technically, the operating system uses a ‘file system’, i.e. a table structure, to keep track of all the logical storage units or clusters on the hard disk and how these clusters store and retrieve data. You may have heard of File Allocation Table (FAT) and New Technology File System (NTFS) drives in Windows or Apple File System (APFS) volumes in macOS. These are some types of file systems used for storing and retrieving data, i.e. they record which file is stored from cluster 1 to cluster ‘n’, and so forth. The file allocation table stores the addresses, also known as pointers, of the data stored on the clusters (or Nodes in Mac system).
When a file is deleted, the operating system deletes the pointers to the file and marks the corresponding clusters in the FAT or master file table (MFT) as ‘available’ for storing new files or data.
You may be surprised to know that ‘deletion’ does not necessarily delete the file or the actual data, but only the pointer, i.e. the address of the file, so the file becomes invisible and inaccessible to the user in normal usage. However, be informed that the deleted file, even one emptied from the Recycle Bin or deleted using the Shift + Del command, still resides on the storage media. It can be retrieved easily using a simple DIY data recovery software like Stellar Data Recovery.
Data erasure, on the other hand, involves overwriting the existing data on a storage sector with binary patterns like ‘1s’ and ‘0s’ or meaningless pseudo-random patterns, with the aim of destroying or sanitizing it.
‘Data erasure’, also called data destruction, generally aims to eradicate or sanitize the data to render it completely unusable. In simple words, the data turns illegible after it is erased or overwritten with binary patterns.
The overwriting methods used for performing data erasure on storage media differ in terms of the patterns and passes used (i.e. the number of times a pattern is written) and also in how the outcome of a given overwriting method on a drive is verified. For example, the DoD 5220.22-M method uses three passes of 0s, 1s, and a random character for data erasure with a 100% verification.
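The difference between removing pointers and overwriting clusters, shown on a constructed in-memory model. This is an added example, not code from any tool named in this blog; `ToyDisk`, its cluster size and the sample string are assumptions made for illustration, and the erase routine follows the three-pass sequence (0s, 1s, random) with read-back verification described above.

```python
import os

CLUSTER = 64  # bytes per cluster in this constructed toy disk

class ToyDisk:
    """Constructed model: raw clusters plus a file table of pointers."""
    def __init__(self, n_clusters=16):
        self.raw = bytearray(n_clusters * CLUSTER)
        self.table = {}                      # file name -> list of cluster numbers
        self.free = list(range(n_clusters))  # clusters marked 'available'

    def write_file(self, name, data):
        needed = -(-len(data) // CLUSTER)    # ceiling division
        clusters = [self.free.pop(0) for _ in range(needed)]
        for i, c in enumerate(clusters):
            chunk = data[i * CLUSTER:(i + 1) * CLUSTER]
            self.raw[c * CLUSTER:c * CLUSTER + len(chunk)] = chunk
        self.table[name] = clusters

    def delete(self, name):
        """Deletion: drop the pointers and mark clusters available. Data untouched."""
        clusters = self.table.pop(name)
        self.free.extend(clusters)
        return clusters

    def erase(self, clusters):
        """Erasure: overwrite with 0s, 1s, then random bytes, verifying each pass."""
        for pattern in (b"\x00", b"\xff", None):
            for c in clusters:
                fill = os.urandom(CLUSTER) if pattern is None else pattern * CLUSTER
                self.raw[c * CLUSTER:(c + 1) * CLUSTER] = fill
                # Read-back verification of every byte written in this pass.
                if bytes(self.raw[c * CLUSTER:(c + 1) * CLUSTER]) != fill:
                    raise IOError(f"verification failed on cluster {c}")

    def recoverable(self, needle):
        """What a recovery tool does: ignore the table and scan raw clusters."""
        return needle in bytes(self.raw)

def demo():
    disk = ToyDisk()
    secret = b"passport no. X0000000 (constructed sample)"
    disk.write_file("scan.txt", secret)
    freed = disk.delete("scan.txt")
    after_delete = ("scan.txt" in disk.table, disk.recoverable(secret))
    disk.erase(freed)
    after_erase = disk.recoverable(secret)
    return after_delete, after_erase

if __name__ == "__main__":
    print(demo())
```

`demo()` returns `((False, True), False)`: after deletion the file is gone from the table but a raw scan still finds its bytes, and after erasure it does not. A real tool works against the device itself, since overwrites issued through the file system may not reach remapped sectors or hidden areas.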
The following table presents a comparison between deletion and erasure across several key aspects:
| Aspect | Data Deletion | Data Erasure |
|---|---|---|
| Technical Mechanism | Address of the data is deleted from the master file table (MFT), and the space is marked as available in the MFT. | Data is overwritten with specific binary patterns, resulting in the sanitization of storage media beyond data recovery. |
| Implementation Method | ‘Manual’ by using Shift + Del command in Windows or Option + Command + Delete in macOS. Alternatively, the data can be manually emptied from the Recycle Bin or Trash for permanent deletion. | Typically, a software tool is used for data erasure like BitRaser, which implements the overwriting pattern based on the standard used, such as US DoD 5220.22, NIST 800-88, British – HMG, etc. Software erases data and provides a certificate of erasure. |
| End Result | Creation of empty storage space for fresh usage. However, deleted data remains present on the system in a form readable by any DIY software. | All the data is overwritten, and the drive is available for reuse without any traces of data left behind. |
| Recoverability | Deleted data can be recovered using a DIY data recovery tool or manual/lab techniques. | Erased data is no longer present on the system & cannot be retrieved by any means – software or in-lab methods/techniques. |
Although deletion is a common action that every computer user performs in everyday system usage, it is surprising to find that not many users are aware of what happens when a file is deleted.
And that is what a lab investigation revealed in 2019. The study investigated 311 used devices, including hard disks, SD cards, and mobile phones, and found that 1 in every 4 devices, or 25% of devices, were disposed of after either deleting the files or formatting the media. The users had used deletion and formatting as the actions for data removal and had therefore put their sensitive data at risk of potential leakage. They were not aware of data erasure as the process meant for destroying sensitive information.
As explained earlier, data deletion is the process of creating fresh storage space, and it has nothing to do with the removal of data from the standpoint of protecting users’ data privacy. So, being unaware of this fact can put your data at risk of leakage and misuse.
The study referenced earlier in this blog also revealed a surprising variety of sensitive personal and business data present on the disposed-of devices. This data included personal photos and videos, passport and visa details, driving licenses, national identity cards, income tax records, invoices, banking information, etc.
Exposure of this data to an unauthorized third party could lead to grave outcomes like identity theft, financial fraud, personal security threats, brand damage, IP theft, customer loss, and even litigation. For organizations, relying on data deletion can lead to data breach episodes, non-compliance with laws and regulations, and huge penalties.
Data erasure provides one of the safest and most efficient ways to eradicate redundant data. As explained earlier, the process is based on overwriting the addressable memory locations with binary patterns to destroy the data, rendering it unrecoverable using any data recovery tool or technique.
BitRaser Drive Eraser is professional software that implements data erasure as per 24 global standards such as NIST 800-88, US-DoD 5220.22-M, Peter Gutmann, etc. The tool securely erases the complete storage media, including the hidden area of the storage media & remapped sectors.