Curiosity leads to far too much information
I discovered PhotoRec a few years ago after misdirecting a format command to the wrong drive. I'm sure you've been there. I also happened to pick up a few used SCSI disks around the same time as part of a PC-tinkering itch to play around with various controllers that used to be the stuff of dreams but now are completely redundant.
The previous owner had removed the partitions. Being a curious sort, I pointed PhotoRec at one or two of them. They must have belonged to a recruitment agency or similar, as vast quantities of photographs of passports, driving licenses, and various other identification docs were immediately recovered. No encryption of course.
Nice to know your personal data is being so carefully handled, no?
A blast of DBaN cleared the drives out good enough to me from recovering any more, though DBan and Sledgehammer might be necessary to stop the truly determined!
Obviously this was all pre-GDPR but one has to wonder if it would now be possible to file a lawsuit on behalf of those whose data was not suitably disposed? There is the minor problem that identifying those individuals in the first place to tell them employment agency X has screwed up would itself be a contravention of GDPR. So how does one ever get justice over sloppy handlers...?