I've come across the ICO's new guidance on deleting personal data. http://www.ico.gov.uk/for_organisations/data_protection/the_guide/inform ation_standards/~/media/documents/library/Data_Protection/Practical_appl ication/deleting_personal_data.ashx Although backups are not specifically mentioned, the following section refers to circumstances where "information has been deleted with no intention on the part of the data controller to use or access this again, but which may still exist in the electronic ether. For example, it could be waiting to be over-written with other data." If the information has been put 'beyond use' then the data controller is not required to grant individuals subject access. There are also four tests, or 'safeguards' that need to be in place to satisfy this definition. Does this mean that if an email is deleted from the 'live' system, but may persist for a time in daily/weekly/monthly backups, while waiting to be overwritten by subsequent backups, there is no obligation to restore that backup to locate relevant personal data? There is no intention to process the data again, therefore by this interpretation the records would be 'deleted' rather than 'archived'. Or alternatively, is holding a backup for disaster recovery purposes still an intention to 'use or access' the data again? best wishes Mark Ogden Mark Ogden Information Policy Advisor Information and Knowledge Management British Council The British Council is the United Kingdom's international organisation for cultural relations and educational opportunities. We are a registered charity; 209131 (England and Wales) SC037733 (Scotland). We create international opportunities for the people of the UK and other countries and build trust between them worldwide. This message is for the use of the intended recipient(s) only. If you have received this message in error, please notify the sender and delete it. The British Council accepts no liability for loss or damage caused by software viruses and you are advised to carry out a virus check on any attachments contained in this message. ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ All archives of messages are stored permanently and are available to the world wide web community at large at http://www.jiscmail.ac.uk/lists/data-protection.html If you wish to leave this list please send the command leave data-protection to [log in to unmask] All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm Any queries about sending or receiving messages please send to the list owner [log in to unmask] Full help Desk - please email [log in to unmask] describing your needs To receive these emails in HTML format send the command: SET data-protection HTML to [log in to unmask] (all commands go to [log in to unmask] not the list please) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^