Giving away an old laptop, desktop, tablet, or external drive feels responsible — especially if the device still works. But before handing it off, remember this: deleting files is not the same as destroying data. In many cases, deleted files can still be recovered with basic data recovery tools, which means your photos, tax documents, saved passwords, bank statements, and personal records may still be sitting on the device.
Why deleting files is not enough
When you drag a file to the trash or recycle bin, the device usually removes the visible shortcut to that file. The actual data may remain on the drive until new data overwrites that space. The FTC explains that deleted files can stay on a computer and may be retrieved with data recovery software unless the drive is properly wiped. FTC guidance on removing personal information
That matters because old devices often contain sensitive information, including:
- Saved passwords and browser sessions
- Tax returns and financial records
- Medical documents
- Personal photos and videos
- Email archives
- Account numbers and identity documents
How big is the data exposure problem?
Data exposure is a massive and ongoing risk. The Identity Theft Resource Center says its breach database includes more than 25,200 tracked data compromises, nearly 12 billion victim notices, and approximately 79 billion exposed records. Identity Theft Resource Center 2025 Data Breach Report While not every exposure comes from discarded devices, the statistic shows why personal data needs to be treated carefully at every stage — including device disposal.
What does it mean to overwrite data?
Overwriting means replacing old data with new, meaningless data so the original files become extremely difficult or impossible to recover. NIST describes media sanitization as a process that makes access to target data infeasible for a given level of effort.
For everyday consumers, that usually means using one of these methods:
- Factory reset with secure erase options
Useful for phones, tablets, and newer computers when the built-in reset tool includes secure erasure. - Disk wiping software
Best for older hard drives where deleted data may still be recoverable. - Cryptographic erase
Works when the device is encrypted and you erase the encryption key, making the data unreadable. - Physical destruction
Best for broken drives or devices that contained highly sensitive information.
What should you do before giving away a device?
Use this quick checklist:
- Back up important files
Save photos, documents, contacts, and records to cloud storage or an external drive. - Sign out of accounts
Log out of Apple ID, Google, Microsoft, email, cloud storage, and password managers. - Remove saved payment methods
Check browsers, app stores, and shopping apps. - Encrypt the device first if possible
Encryption adds protection before wiping. - Use a secure erase or overwrite tool
Don’t rely on regular deletion alone. - Reset the device to factory settings
This prepares the device for the next owner. - Remove SIM cards and memory cards
Phones, tablets, cameras, and some laptops may contain removable storage.
Special note for SSDs
Solid-state drives work differently than older hard drives. Traditional overwrite tools may not reliably erase every storage block because of wear leveling. For SSDs, use the manufacturer’s secure erase tool, your operating system’s built-in erase feature, or cryptographic erase when available. NIST’s latest media sanitization guidance emphasizes choosing sanitization methods based on the type of media and sensitivity of the information.
Before you recycle, donate, sell, or give away a device, wipe it properly. Deleting files is not enough. Back up what you need, sign out of accounts, use secure erase or overwrite tools, and make sure your personal information is gone for good.
