Digital hoarding is very common – especially for emails. A ‘difficulty deleting’ factor represents a more emotional attachment to files and may apply to digital items with more personal value. Does a business or department know the amount and type of files that employees are routinely keeping?
Those in a workplace with data protection responsibilities accumulate and retain more digital files than those without such responsibilities.
Lack of deletion is typically driven by the demands of the job. A worker may be aware that digital hoarding might lead to negative consequences for themselves, and their organisation; yet they persist. Those scoring higher in physical hoarding personality characteristics are more likely to display digital hoarding behaviours. There appears to be four types of digital hoarders: the ‘Collector’, the ‘Accidental Hoarder’, the ‘Hoarder by Instruction’ and the ‘Anxious Hoarder’.
These are among the findings of a project funded by CREST, the Centre for Research and Evidence on Security Threats.
As the researchers – Dr Elizabeth Sillence and Dr Kerry McKellar; and Profs Nick Neave and Pam Briggs – point out, digital hoarding unlike physical hoarding does not show up in living space (or lack of it), yet personal and professional life may still be negatively affected by such behaviours and the workplace may suffer as a function of operational inefficiencies resulting from excessive digital clutter.
Digital hoarding has clear implications for cybersecurity and data protection within organisations, they add. Developing a greater understanding of the different characteristics of individuals with data hoarding tendencies will enable organisations to mitigate these cybersecurity risks. Organisations may not realise the extent of digital data accumulated; much of it likely to contain personal data. “For example, personal information about candidates for a post or personal data around student circumstances may be kept as undeleted emails or as saved documents, either intentionally or accidentally. Ultimately, such practices can render both the individual .”and the organisation at risk of non-compliance with GDPR [EU-wide general data protection regulation].”
As the 34-page report says, to get around storage limits, staff may use cloud platforms. “These are popular choices for individuals because they offer large or unlimited storage space that requires little maintenance from the user. However, cloud platforms can raise additional privacy concerns that users may not fully understand.”
For more visit the CREST website at: www.crestresearch.ac.uk/projects/cyber-security-risks-digital-hoarding/.
