Data Hoarding: Addressing the Behavioural and Cultural Challenges of Data Minimisation

We all know about hoarders – but what about data hoarders?  Is it a ‘thing’ and how might you change a data hoarding culture?

In a previous post, we discussed Cal Newport’s Digital Minimalism and the benefits of focusing on a small number of digital activities that actually support your values (and ignoring the rest). Reducing digital clutter, he argues, decreases the amount of time spent on activities that aren’t of net value while also increasing intentionality. 

The opposite of Digital Minimalism is Data Hoarding – and the tension between the two plays out in most organisations.  In an era where data is often described as the “new oil,” data minimisation can seem counterintuitive (especially for hoarders!). The idea that organisations should only collect, store, and process the minimum amount of personal data necessary for a specific purpose, can be very confronting for those who like to hang on to their digital records. 

This clash between digital minimalism and data hoarding is often not just a technical or legal issue; it can be deeply rooted in behavioural and cultural practices within organisations.  Understanding data hoarding practices and culture and addressing them effectively can be crucial for the successful implementation of data minimisation principles.

In this post, we look at some of the behavioural and cultural reasons for data hoarding and outline some steps to address those challenges as part of embedding data minimisation in your organisation.

What is Data Hoarding?

Data hoarding (also known as e-hoarding, e-clutter, digital hoarding, digital pack-rattery or cyber hoarding) is a thing.  First identified in 2015, it is defined by researchers as an emerging sub-type of hoarding disorder characterised by individuals collecting excessive digital material which leads to those individuals experiencing stress and disorganisation.[1] 

Research indicates there may be correlation between individuals who exhibit physical and digital hoarding behaviours.  

We’ve included some references to interesting articles at the end of this post. 

Data Hoarding: The Challenges

Accepting that data hoarding is a ‘thing’ – what are some of the contributing factors that should be considered when trying to develop strategies to counteract the practice?

The following are some of those challenges:

Keeping Data for the Future/Just in Case

One of the most common challenges is the tendency to hold onto data “just in case” it might be useful in the future. This mentality is driven by the fear of losing potentially valuable insights or missing out on future opportunities. 

To counter this mindset, organisations should implement strict data retention policies that clearly define what data needs to be kept and for how long. Regular reviews and audits can ensure that unnecessary data is identified and removed, reducing the overall data footprint.

Keeping Data as Evidence

In some cases, data is retained as evidence for potential legal or regulatory requirements. While this is a legitimate concern, it can lead to the unnecessary accumulation of data over time. 

Legal and compliance teams should work together to establish clear guidelines on what constitutes essential evidence and what data can be safely deleted. Implementing a system for securely archiving necessary evidence while eliminating redundant data can help balance legal obligations with data minimisation goals.

Not a good use of time

Data deletion is often seen as a low-priority task that is too time-consuming or tedious to warrant immediate attention. This leads to procrastination and the accumulation of unnecessary data over time. Some 2005 research shows that users typically keep half of the emails they receive and reply to about a third of them.

Automation can play a significant role in addressing this challenge. By deploying tools that automatically enforce data retention and deletion policies, organisations can reduce the manual effort required and ensure that data is managed efficiently. Additionally, embedding data minimisation practices into everyday workflows can make the process less daunting for employees. 

Inertia and Resistance to Change

Established organisations often have deeply ingrained processes and systems that favour data accumulation. Changing these practices can be met with resistance from employees who are accustomed to the status quo.

Change management strategies that include communication, training, and incentives are essential. Highlighting the benefits of data minimisation, such as reduced compliance risks and lower data management costs, can help overcome resistance. Leadership must also champion the cause, setting an example by prioritising data minimisation in their own decision-making.

Data-Driven Culture Misinterpretation

Many organisations promote a data-driven culture, which can sometimes be misinterpreted as a mandate to collect as much data as possible, especially with the rise of AI. The emphasis on data for decision-making can overshadow the importance of responsible data practices, including minimisation. In fact, as information hoarding rises, businesses find it more difficult to extract value from that information and the risks associated with that information grow significantly. 

Reframing what it means to be data-driven is critical. A true data-driven culture should prioritise the ethical and efficient use of data, not just its collection. Organisations should foster a culture where data minimisation is seen as a best practice that enhances the quality of insights and protects individual privacy.

Lack of Awareness and Understanding

Employees across various levels of an organisation often do not fully understand the concept of data minimisation or why it is important. This lack of awareness can lead to unintentional over-collection of data.

Comprehensive training programs that educate employees about data privacy laws, the principles of data minimisation, and their organisation’s specific policies are essential. Regular workshops, e-learning modules, and real-world examples can reinforce the importance of collecting only the data necessary for specific tasks.

Gatekeeping

In some organisations, certain employees or teams may act as gatekeepers to data, controlling access and retention to maintain power or control. This gatekeeping can hinder data minimisation efforts, as these individuals may resist deleting data they believe is within their domain, even when it is no longer needed.

Promoting transparency and a collaborative approach to data management can help reduce gatekeeping behaviour. Establishing clear data governance policies that define roles and responsibilities for data retention and deletion is essential. Encouraging open communication and shared responsibility can help break down silos and ensure that data minimisation is a collective effort.

Not My Server-Not My Problem

When data is stored on servers that are not directly managed by an individual or team, there may be a tendency to disregard responsibility for it. This “out of sight, out of mind” mentality can lead to the accumulation of obsolete or redundant data.

Promoting a culture of shared responsibility is crucial. Every employee should understand their role in managing data, regardless of where it is stored. Regular training sessions, clear communication, and accountability measures can help ensure that data minimisation is seen as a collective responsibility rather than someone else’s problem.

Practical Steps to Promote Data Minimisation

The following are some practical steps you can take to help embed a culture of sensible data management and data minimisation in your organisation:

1. Implement Privacy by Design

Embedding data minimisation into the design of products, services, and processes ensures that unnecessary data collection is avoided from the outset. This proactive approach aligns data collection practices with privacy laws and regulations. 

Related read: How Privacy By Design Can Reduce Data Breach Worries

2. Regular Data Audits

Conducting regular audits of the data being collected, stored, and processed helps identify areas where data minimisation principles are not being adhered to. These audits can lead to the elimination of redundant or unnecessary data, reducing the overall data footprint.

3. Automate Data Retention and Destruction

Utilising tools that automatically enforce data minimisation, such as setting expiration dates for data or anonymising personal information, can help maintain compliance with data minimisation policies without relying solely on manual processes. 

4. Promote a Culture of Accountability

Creating a culture where employees feel responsible for the data they collect and manage is crucial. Encouraging transparency, open dialogue, and accountability can lead to better data practices across the organisation.

Conclusion

Data minimisation is more than just a regulatory requirement; it is a fundamental principle of responsible data management. However, its successful implementation requires overcoming significant behavioural and cultural challenges. 

By addressing the underlying causes of data hoarding and resistance to change, and by fostering a data culture that prioritises quality over quantity, organisations can not only comply with data protection laws but also build trust with customers and stakeholders. Embracing data minimisation as a core value will lead to more sustainable, ethical, and effective data practices in the long run.

Contact us to discuss how data minimisation could benefit your organisation or to improve your organisation’s data retention practices and policies.

References

  1. Sweeten, George; Sillence, Elizabeth; Neave, Nick (2018). “Digital hoarding behaviours: Underlying motivations and potential negative consequences”. Computers in Human Behavior. 85: 54–60. doi:10.1016/j.chb.2018.03.031S2CID 49487239.
  2. Centre for Research and Evidence on Security. (2020). Cybersecurity Risks of Digital Hoarding Behaviourshttps://crestresearch.ac.uk/types/report/
  3. Thorpe, Susan; Bolster, Alexander; Neave, Nick (2019). “Exploring aspects of the cognitive behavioural model of physical hoarding in relation to digital hoarding behaviours”. Digital Health. 5doi:10.1177/
  4. Dabbish, Kraut, Fussell, & Kiesler, 2005 https://dl.acm.org/doi/10.1145/1054972.1055068

Privacy, security and training. Jodie is one of Australia’s leading privacy and security experts and the Founder of Privacy 108 Consulting.