What is Dark Data?
Dark data is information collected and stored by an organization but never analyzed, used, or leveraged, often containing personal data that creates unmanaged privacy risk.
Dark data refers to data that organizations collect and retain but do not actively use for any business purpose. Research estimates that 60-90% of enterprise data is dark data. This unused data often contains personal information that creates privacy risk without corresponding business value—it increases breach exposure, storage costs, and compliance complexity.
The storage limitation principle under GDPR and DPDPA requires that personal data not be kept longer than necessary. Dark data by definition fails this test. DiscoverIQ illuminates dark data by scanning all data repositories and identifying personal data that is stored but not actively accessed or used, enabling informed decisions about retention or deletion.
Relevant Regulations
How IQWorks Helps
Related Terms
Shadow IT
Shadow IT refers to technology systems, applications, and cloud services used within an organization without formal IT department approval or oversight.
Data Discovery
Data discovery is the automated process of identifying and cataloging personal data across an organization technology landscape, including databases, file systems, cloud storage, and SaaS applications.
Data Retention
Data retention refers to policies and practices governing how long personal data is stored before being deleted or anonymized, aligned with regulatory storage limitation requirements.
Data Minimization
Data minimization is a core data protection principle requiring organizations to collect and process only the personal data that is strictly necessary for the specified purpose, and no more.