Comment except when it is, because you don't (Score 1) 91
You make an excellent point. A corollary is a bit of a counter-point. Sometimes you DON'T need to decrypt it, and in those cases you shouldn't be able to.
The most obvious example is passwords. You store those as salted hashes which can't be decrypted. You don't need to know what their password is, you only need to know if it's the same as what they entered or not . We can apply the same principle to data we use for fraud prevention. We want to know if this transaction attempt is coming from the same device / os / ip / location that the legitimate user normally uses. We don't have to store their previous data, only a hash so we can see if the new attempt matches or not.
The OPM didn't need to store details of the applicants' past indiscretions. They could have simply encoded it as a risk score, 1-5. That's like a hash of the narrative, in a aay, irreversible but still useful. Then people couldn't be blackmailed or outed with the information.