With global personal information flows increasing, efforts have been made to develop principles to standardize data protection regulations. However, no set ofprinciples has yet achieved universal adoption. This note proposes a principle mandating that personal data be securely destroyed when it is no longer necessary for the purpose for which it was collected. Including a data deletion principle in future data protection standards will increase respect for individual autonomy and decrease the risk of abuse of personal data. Though data deletion is already practiced by many data controllers, including it in legal data protection mandates wil further the goal of establishing an effective global data protection regime

Document Type


Publication Information

16 Indiana Journal of Global Legal Studies 363-384 (2009)

Creative Commons License

Creative Commons Attribution 3.0 License
This work is licensed under a Creative Commons Attribution 3.0 License.