Limit Data Retention Periods
Less is more.
There are many reasons why data retention limits are important. Usually, more is better. But in the case of surveillance data, keeping too much for too long can be problematic:
- It creates a security risk as more data creates a bigger target that is vulnerable to misuse or being compromised by hackers.
- It increases the risk that private companies will acquire and publish surveillance data to commercial databases.
- It can potentially be combined with data from other sources, searched, and “mined” to produce detailed profiles of innocent people.
- It can become difficult and time-consuming to process, search through, and use – especially a problem in responding to public disclosure requests.
- Too much data is expensive to store and back up.
These are just a few of the concerns that arise when a strict surveillance data retention policy is not enforced. Limiting data retention can protect privacy, reduce costs, and improve the data’s usefulness for valid law enforcement purposes.
The best solution is to immediately delete any data that is not needed for an investigation before it is stored. Surveillance systems that can compare data against watchlists and reject all unneeded data should be configured to do so. This will help protect innocent individuals from a number of harms that arise from the use of surveillance technologies.
When that is not technologically possible, policies should limit the retention of data to the shortest time needed for processing. Data not needed for an investigation should be securely deleted after the retention period is over. Furthermore, the retention period should be reviewed and shortened as technological advances make it possible to identify and discard unneeded data as it is collected.