What’s the difference between erasing, formatting, overwriting and destroying?

When disposing of end-of-life laptops, hard drives or smartphones, it’s critical to ensure that data is truly gone. Yet the terms erasing, formatting, overwriting and destroying are often used interchangeably. In reality, these methods differ greatly in effectiveness, security and legal compliance. Especially in Europe, where GDPR and information security are paramount, data carriers must be processed correctly.

Erasing a file usually means removing it from the operating system, for example by dragging it to the recycle bin and emptying it. However, the actual data remains on the storage medium and can easily be recovered using simple software. That’s why erasing is never a secure method for deleting sensitive data.

Formatting is often seen as a thorough way to clean a device, but this is misleading. Whether it's a quick or full format, the file system structure is simply rebuilt. The underlying data usually remains intact and can often be recovered. Formatting does not meet GDPR standards and is not recognised by European authorities as valid data erasure.

Overwriting replaces the entire content of a storage device with random data or zeros. This method is designed to permanently erase data, especially on traditional hard drives (HDDs). However, with flash storage like SSDs, USB drives or smartphones, overwriting is more complex, since not all memory cells are accessible by the operating system.

That’s why professional software is essential. Tools like Blancco or YouWipe overwrite data according to international standards (such as NIST 800-88), verify whether each sector has been securely wiped, and generate a certified report. This report includes the serial number, the method used, the date and verification results. For companies and governments, this offers a reliable and compliant solution that meets GDPR, ISO 27001 and other regulations.

Physical destruction means the data carrier is mechanically or thermally destroyed, by shredding or incinerating. This is the only method where the storage medium no longer exists, making data recovery impossible. For defective devices, physical destruction is often the only viable choice.

Out of Use offers organisations two secure forms of data destruction:

• Certified digital overwriting with professional tools such as Blancco, including verification and reporting
• Physical destruction of data carriers that are non-reusable or require extra security

This ensures your organisation’s old data is fully unreadable and irretrievable, with proof you can show during internal audits or external inspections.