Robert Bond (email@example.com) is Partner & Notary Public at Bristows LLP in London, UK.
As data protection laws continue to evolve around the world, one of the core data protection principles—storage limitation—remains a priority. It requires organizations to retain personal data for only as long as it is necessary for the purposes for which they are required. The challenge is that the necessary amount of time has not been defined.
The European Union General Data Protection Regulation provides specific requirements for the storage limitation principle, saying that personal data shall be “kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed.”