Where Laws are Needed

The unresolveable problem with secure deletion is that there are two conflicting requirements. Sometimes you want to be able to get things back easily; other times you'd rather you couldn't get at them than anybody else could get at them. You can't have it both ways: if there's a way that you can recover data, then so can someone else. (It occurs to me that on a non-toy OS, /etc and most of /usr and /home fall squarely into the former category whereas /tmp and much of /var fall into the second category. Can anyone say per-filesystem defaults?)

Surely a better idea would be to pass a law stating that anyone who *acquires* any kind of used storage device should be bound to secrecy in respect of its contents (unless specifically authorised)? Anyone who buys a used disk drive with intent to put it into service should first perform a write test on *every* sector anyway (an ideal opportunity to obliterate any remaining data) -- if they don't, they're a bloody idiot.

There are ways to game such a system, but I'm not sure they are really any worse than the system we already have.