I posted this story on a non-technical message board I frequently visit, as a service for some of the users there who might not have a clue on how easy it is to retrieve data from a supposedly-formatted drive. I decided to pass it along here as well. I think privacy is very important, and with the proliferation of electronic devices that store data, it's getting easier to retrieve information from others.
Here's a story of some dumb-ass kids who recorded themselves smoking weed on a digital camcorder, returned the camcorder to the store, forgot to erase their tapings (most likely due to said kids smoking weed previously) and the next person who bought the open-box camera from the story posted the videos all over the Internet for all the world to see:
Remember to delete your stuff from electronic equipment if you're returning it, selling it or giving it away. And even then, be wary of it.
I was once sold a USB flash drive from a friend, and although my buddy deleted the contents, I was able to see what he had their previously before with a freely-available program off the Internet (don't remember exactly which one right now), out of curiosity. Dude had some... let's say 'interesting' pics of his then-girlfriend.
His way of deleting the contents was to simply do a quick format on the drive from his Windows machine before giving it to me. To avoid all the technical details, for those who don't know, what this does is simply destroy the FAT table and/or boot sector, which is a sort of 'table of contents' for the drive, thus nothing appears when you try to access the drive. But the data is still in the drive's sectors, and unless you rewrite those sectors (either by copying something new in the flash drive or using some software, which I'll get to in a minute), they're easily accessible.
The program I've used for a while with Windows is called Eraser (I carry a portable version of this program on my USB drive, called Eraser Portable), which makes sure your data is clear from your portable device (like flash drives, SD cards for digital cameras, even iPods). In short, what this does is over-write the sectors on the drive multiple times with 'garbage', so it'll be virtually impossible to get that information from freely-available tools. I'm guessing the government has more advanced tools, so for the overtly paranoid, you'd be better off just smashing the drive to pieces and dipping them in a vat of acid.
Just wanted to pass this info along so you people can keep your privacy, and know how easy it is to grab a hold of your data.