Selective Memory: Retention, Privacy and Surveillance during Adverse Digital Events

Data minimization and deletion are foundational to good privacy and information governance, yet adverse digital events repeatedly expose a different weakness. Organizations cannot reconstruct events or defend decisions because evidence no longer exists, cannot be accessed, or resides with a third-party. This panel explores selective memory, how different data types (e.g. instant messages, email, activity logs, SaaS artefacts) justify different retention and availability choices, and how those choices intersect with privacy and transparency obligations, surveillance legislation, proportionality and minimization, and incident response realities. Our experts will debate the conflicting priorities professionals must navigate to build a defensible data environment.

What you will learn:

• Minimizing data exposure against meeting evidentiary requirements, employing strategies to reduce uncertainty and liability in digital crises or regulatory probes.

• Guidance for balancing data minimization with Privacy Act rights and obligations for record-keeping and effective incident response.

• Why accessible records are essential for reconstructing incidents, establishing timelines, and defending organizational actions.