EU regulation on "right to be forgotten" to allow you to cleanse your internet history?
Poor old Paris Brown eh? The Daily Mail really showed that 17 year old girl who was boss. Of course, whether you agree with the idea of a youth commissioner at all, and regardless of young Paris’ suitability for the job, it does highlight the perils of modern life online. Would you be happy if a comment you made online a number of years ago came back to bite you and prevented you getting a job?
The EU has been a bit hit and miss recently with data directives- the one about opting in to mailings is probably well received (by consumers, if not by dirty marketeers) but the new cookie law has just meant time and trouble for businesses and resulted in disinterested annoyance for most consumers.
However, new proposals in the EU’s latest general data protection regulation are seeking to uphold the “right to be forgotten”, that is, the right to be able to delete historical information held about you on the web.
Article 17 of the proposed regulation says that everyone should have the right to remove unnecessary personal data from the web and that it will be the service providers’ (data controllers’) responsibility to do so “without delay”. Furthermore, if that data controller has shared the deletable information with any third parties, it is also their responsibility to contact these third parties and arrange for deletion of the data. The penalty for non-compliance would be a fine of €500,000, or up to 1% of worldwide turnover. Heavy stuff.
Now. While most people would probably support the notion of being able to delete old stuff, this regulation would affect all data controllers in a fairly heavy-handed way. The UK is currently opposing the regulation on the grounds that they want it amended such that someone wishing to delete personal information will need to contact all the relevant third parties themselves. The UK also wants country-specific rules on the right to be forgotten, which is fine for websites only operating in one country, but a potential nightmare for sites with multinational users.
And there are more potential problems. As noted in The Drum, the broad brush of this right to be forgotten could result in abuse and censorship of the web- when ‘celebrity’ tweeters offer money to get someone’s arms broken or link to porn, will they be able to demand anyone savvy enough to have taken a screenshot must delete it to protect their rights? And where there’s a right that can be thwarted, there’s a breeding ground for aggressive (and expensive) claims agencies. And if even Google and Facebook are struggling to comply with requests to remove photos (if you didn’t take the photo it’s not yours to remove), is it even enforceable?