Companies need to separate personal data from other data as early as possible. Yes, this requires some work and rethinking of data structures, it is doable though. Why would it be impossible to do this in your opinion? Do you have a more concrete example that we can discuss?
In general, I think requiring that companies do not hold on to your personal data indefinitely is a pretty reasonable regulation. If there were exceptions, e.g. for backup data, it would provide a convenient loophole for companies to keep the data.
Also, if companies keep copies of their personal data lying around it increases the risk of the data being stolen or leaked into the public. We have seen that even for the largest companies it's impossible to avoid "losing" data once in a while, so making sure that this data contains the least amount of sensitive information possible is very reasonable. The regulation does not even assume that companies are malicious, it just assumes that sh*t happens and tries to mitigate potential damage to individuals.
Companies need to separate personal data from other data as early as possible. Yes, this requires some work and rethinking of data structures, it is doable though. Why would it be impossible to do this in your opinion?
I'm very wary of making that assumption, because so much data could potentially be personal data even if it's not obvious. Remember that the real criterion here is data that is or could be linked to an identified individual. With the kind of progress being made with data mining and analysis and the kind of processing power being devoted to those activities today, there are few safe assumptions any more about what becomes impersonal data just because it's been "aggregated" or "pseudonymised".
Let's consider a common example. Suppose a business operates a web site, and like most such businesses it keeps server logs. Those logs are useful for a wide variety of purposes and some of the data may remain useful for long periods, to allow analysis of things like how the site is being used or whether certain patterns are useful for detecting potential threats, or even to provide evidence that a customer did in fact use the services on the site during a certain period in the event of a dispute over charges.
In themselves, those logs probably don't inherently contain personal data. However, each record does have data such as IP addresses within it, which may be quite easy to link to a specific customer in practice and thus make everything in that record into personal data.
Now, suppose a customer who has been using that site for a while stops, and then files a notice to remove all personal data about them that the site operator isn't legally allowed to keep despite that notice. In order to comply with that request, must the site operator therefore delete all records based on the server logs, including any backups or derived data, to which that customer might be connected?
I can't immediately see why the site operator would be allowed to keep those records with a literal reading of the new rules. However, removing them would potentially undermine useful and reasonable business functions such as those mentioned above. Moreover, the cost of doing so might be substantial, and the adjustments required so the infrastructure used to process those logs can support this sort of retrospective editing might also be substantial.
In such a case, I think the balance would usually be too far towards the individual. The imposition on the site operator is great, both in the effort to comply with the request itself and in the damaging effects on reasonable business practices. The risk to the visitor of that potentially identifiable data being used for typical purposes in connection with server logs is low. Unless there are other relevant factors that point the other way (perhaps if the site deals with a particularly sensitive subject) the cost to the site operator is almost certainly disproportionate to the benefit to the individual.
IP addresses are an interesting example, as they're explicitly mentioned as personal data in the directive since in many contexts they're sufficiently unique to associate them with a given user.
Really would like to discuss this further; if you're interested, feel free to send me a mail (discoverable via my profile).