When you delete a file on a computer running the Windows operating system, the file is sent to the Recycle Bin. The Recycle Bin is just another folder on your hard drive. The file can easily be recovered by opening the Recycle Bin, clicking on the file name, and selecting Restore in the menu.
You can delete a file without sending it to the Recycle Bin by holding down the [shift] key while you delete the file. (Turn off the NUM LOCK key, or use the DEL key that's not in the numeric keypad.) But this still does not erase the file.
When you delete a file, if your system uses the FAT (File Allocation Table) file system, which is the only one available for older Operating Systems such as Windows 98, it removes the file's name from the directory and puts a special code in the first character of the file's FAT entry to indicate that those allocation units are available for new files. The file data itself is stored completely separate from the directory and FAT and remains intact on the storage device.
Newer Operating Systems, like Windows XP, use the NTFS (New Technology File System) which replaces the FAT and directory with the MFT (Master File Table). When a file is deleted, the Operating System marks the file name in the MFT with a special character to indicate that those allocation units are available for new files. Again, the file data itself is stored completely separate from the MFT and remains intact on the storage device.
Defragmenting or formatting the storage device may relocate the clusters occupied by the deleted file, but the file data may still remain intact on the storage device. Over time, saving new files on the storage device may cause some, or all, of the deleted files allocation units to be overwritten, but until then, there are many utilities available which can be used to recover your deleted file.
If your system uses a FAT storage device, someone can simply use the DOS undelete command followed by the name of the file. If they don't know the name of the file, they can type undelete without a file name and it will undelete all deleted files, prompting them one at a time.
If your system uses a NTFS storage device, someone can use Norton Utilities, or one of the many NTFS undelete utilities available for free on the Internet, including NTFS boot disks and live Linux CDs. The NT Resource kit contains a utility called DiskProbe which can be used to search for and view the data on a disk.
Many people delete all their files before they donate or give away their computer, not realizing that their private information is easily recoverable. Even reformatting a drive does not completely erase the data. This poses a significant risk of identity theft. The only way to really erase a file is to use one of the many file shredders or secure delete utilities.
There are many secure delete utilities available for free on the Internet. These utilities overwrite the file's data with a bit pattern, making the file unrecoverable. SDelete (Secure Delete) is a Sysinternals utility that can be downloaded for free from Microsoft's web site.
To use SDelete, open a Command Prompt and type the command sdelete followed by the files path, or to securely delete and entire drive, enter sdelete followed by the drive's letter.
Note that agencies such the CIA can recover even shredded files by using sensitive instruments that analyze magnetic residuals on the storage media. SDelete claims to implement the Department of Defense clearing and sanitizing standard DOD 5220.22-M, which means it uses techniques that make files unrecoverable, even by technology that can read residuals on magnetic media.
If you think you're erasing your private information by deleting it, you may actually be leaving yourself exposed to the risk of identity theft. Use SDelete or one of the many secure delete utilities available for free on the Internet to make sure your file data is gone forever.