What happens when you keep too much sensitive information longer than you really need it?
“Sony Cyberattack Hits Hollywood Stars, Too,” Wall Street Journal, December 5, 2014 B1. Recent hack got multiple copies of social security numbers, some from former employees.
Leaving aside how long you really need to keep that information, how many copies do you really need and do you adequately secure all those copies? Maybe Europe’s approach isn’t that bad.