How will the EU's 'right to forgotten' work in practice?
- Reduce text size Decrease text size
- Increase text size Increase text size
- Print article Print
- Jump to comments Comment
- Share this article Share
- Email article to a friend Email
The European Commission plans to amend its Data Protection Directive to protect individuals’ ‘right to be forgotten’, but that raises a number of complex questions that have to be resolved
In the 1990s, the web was a place of anonymity. “On the Internet, nobody knows you’re a dog,” a famous New Yorker magazine cartoon joked in 1993.
But things have changed since then. Today, everyone knows you’re a dog.
The growth of social networking sites, the use of data gathering and mining by businesses and the increasing sophistication of search engines mean that anyone who wants to conceal their online identity now needs both determination and a considerable amount of technical knowledge.
Businesses routinely gather, store and analyse online information about consumers, often without their knowledge. Last year, MP Tom Watson wrote to health secretary Andrew Lansley asking why four web analytics companies were able to track users as they visited pages on the NHS Choices website.
This is not for want of opposition. Social networking giant Facebook has often come under criticism for the way it handles user privacy, while Google has been censured in several European countries for gathering data through individuals’ Wi-Fi connections as part of its Street View project.
And there are growing concerns about the way that third-party profiling websites, as well as tools used by businesses to ‘mine’ opinions, views and sentiment about their brands online and on social media, are creating vast, and largely unregulated, stores of personal information.
But remaining anonymous is still an “ever increasing challenge” for consumers, the UK’s information commissioner, Christopher Graham, has remarked.
Now, the European Commission is getting ready to take action. In a set of proposed amendments to its directive on data protection, which forms the basis of data protection laws in member states, including the UK’s Data Protection Act, the EC has included measures to protect an individual’s ‘right to be forgotten’.
In a consultation document explaining the proposed amendments, the EC articulated this as “the right of individuals to have their data no longer processed and deleted when [it is] no longer needed for legitimate purposes.”
According to Viviane Reding, European commissioner for justice, citizens should be able to refuse consent for data about them to be processed, withdraw their consent at any time in the future, and ask websites and other services to remove any information about them from online and offline data stores. According to a spokesperson for the commissioner, “It is your data, and it is gone for good.”
Continued...
