[aeyes]

Sometimes it might be a single field in a 1MB nested structure that you have to remove. So it gets encrypted when the whole structure gets stored and when the field is to be deleted you just throw away the key instead of modifying the entire 1MB just to remove a few kB.

[dylan604]

If you're comparing gov't regulations to delete data to saving a few KB, then I think you're looking at this wrong.

[viraptor]

It's few KB per-record. In practice when schemes like that are applied, it means "in total we can remove this key and not rewrite 10M rows across 3 data stores which itself would cost $$$ and make the database and incremental backups cry".

[ByteJockey]

Bingo.

We did a similar thing except replacing the values with a UUID and storing the pair in a lookup table somewhere. Delete that row and none of the rest of the data is able to be tied back to a human being.

Bonus, most people didn't need that data, and it was no longer given out to everyone who grabbed the entire dataset.