The Guardian today featured two articles that bring home the risks of governmental policies and directives seeking to enforce the ‘right to forget’. One was about Britain (wisely) seeking to opt-out of EU’s data protection regulation that dictates the right for people to delete information from the Internet, such as an embarrassing photo. The other article is about the British Library archiving the Web, in collaboration with other main copyright libraries. With one hand, many governments are seeking ways to enable libraries to overcome restrictions, such as copyrights, to capture our cultural heritage, while with the other hand, many governments are imposing regulations that will make it easier to erase that history. In the name of privacy and data protection, governments are legitimizing their role in censoring the Internet and Web, and creating new threats to freedom of expression.
Erasing history is not only Orwellian and unfeasible, given the scale of the Web, but it will have a chilling effect on freedom of expression – ushering in a legitimate government role in censorship, even in liberal democratic societies. It is clearly an issue of Internet governance that any advocate of freedom of expression should not ignore. It will also create a legal swamp by expanding law and regulation in the privacy and data protection area that is already fraught with uncertainties, and arguably already covers any abuse of personal privacy that is the target of right to be forgotten rules.
My apologies for this brief position statement, but I have written more about this threat to expression in a UNESCO publication and a review in Science. If you think I may wish to forget that I wrote these words at some future date, you may want to save it on your computer.
References
Dutton, W. (2010), ‘Programming to Forget’, a review of Delete: The Virtue of Forgetting in the Digital Age by Viktor Mayer-Schönberger in Science, Vol. 327, 19 March: 1456. http://www.sciencemag.org/cgi/content/summary/327/5972/1456-a
William H. Dutton, Anna Dopatka, Michael Hills, Ginette Law, and Victoria Nash (2011), Freedom of Connection – Freedom of Expression: The Changing Legal and Regulatory Ecology Shaping the Internet. Paris: UNESCO, Division for Freedom of Expression, Democracy and Peace. Reprinted in 2013; Trans. In French and Arabic.
What qualifies as personal data? Certainly credit card numbers, birth dates, and other personal identification information, but should drunk Facebook pictures, tweets about skipping work to go see a movie, and strip teases on webcams qualify? Or worse, individuals with a shady past who want to become public officials but wish to erase their histories in order to avoid public scrutiny? The definition of “personal” and “legitimate reason” have to be narrowly applied so that this “right” doesn’t spin out of control. http://lawblog.legalmatch.com/2013/05/02
Professor Dutton,
Thanks for the response.
According to commissioner Reding one of the key provisions of the “right to be forgotten” is:
“If an individual no longer wants his personal data to be processed or stored by a data controller, and if there is no legitimate reason for keeping it, the data should be removed from their system.”
Wouldn’t this provision address my use case? Since evernote and netflix have no legitimate reason to keep my data, they should be forced to remove it.
Saqib
Saqib, while I am sympathetic with your frustrations, I think your interpretation of the ‘right to be forgotten’ illustrates one part of the problem. It is aimed at the individual who might post a text or photo that could be damaging to themselves – in hindsight. For example, I might want to remove a photo of myself that I posted years ago. You are asking for a right to purge a service of all information they hold about you. I don’t think this policy would or should reach so far. But I can understand how you might think it would. Surely you don’t have the right to force a university or a landlord from holding information about you once you leave the institution or apartment. That is their record of your payments, their income, etc, which they must keep. So a huge problem with the ‘right to be forgotten’ is the uncertainty surrounding its definition.
Thanks for your comment, Bill
Professor Dutton,
For me the “right to be forgotten” is the basic right.
Last month I wanted to close “delete” my evernote account because of the security breach at evernote. But it turns out evernote does not let you delete your account. You can disable the account, but not delete. That means that evernote will store my account info for ever, and possibly the deleted notes in some archived manner.
Another example is Netflix. Even if you delete your account, it retains all your profile, preferences, payment details and any other associated information with your account forever. There is no way to get that deleted.
The “right to be forgotten” will help me in getting this situation remedied by forcing the service provider to delete my information once there is no longer a legitimate reason to keep it.
Saqib