The ‘Right to be Forgotten’ – Worth remembering?

https://doi.org/10.1016/j.clsr.2012.01.006Get rights and content

Abstract

In the last few years there has been a lot of buzz around a so-called ‘right to be forgotten’. Especially in Europe, this catchphrase is heavily debated in the media, in court and by regulators. Since a clear definition has not emerged (yet), the following article will try to raise the veil on this vague concept. The first part will weigh the right’s pros and cons against each other. It will appear that the ‘right to be forgotten’ clearly has merit, but needs better definition to avoid any negative consequences. As such, the right is nothing more than a way to give (back) individuals control over their personal data and make the consent regime more effective. The second part will then evaluate the potential implementation of the right. Measures are required at the normative, economical, technical, as well as legislative level. The article concludes by proposing a ‘right to be forgotten’ that is limited to data processing situations where the individual has given his or her consent. Combined with a public interest exception, this should (partially) restore the power balance and allow individuals a more effective control over their personal data.

Introduction

The Internet doesn’t forget.

Personal data has become the currency on the Internet. It is collected, stored and used in an ever-increasing variety of ways by a countless amount of different users, producing a “panopticon beyond anything Bentham ever imagined”.1 Cheap sensors,2 have made ‘little big brothers’ out of all of us,3 producing a complex interaction between our different roles as data controller and data subject. In this ‘global village’4 where every piece of information can be remembered until eternity, the question of control over one’s ‘personal data’ becomes the more important. The idea of a ‘right to be forgotten’ – currently being pondered by the European Commission5 – has been pushed forward as an important materialisation of this ‘control-right’. Although many cases6 seem to validate the introduction of this right, when thought through, there are many difficulties and conflicting values at stake. After a critical evaluation of its pros and cons, this article will examine the practicability of a ‘right to be forgotten’ following Lessig’s four principal ‘regulators’ (norms, market, code and law).

Section snippets

Definition

The right of individuals to have their data no longer processed and deleted when they are no longer needed for legitimate purposes.7

Norms

The ‘right to be forgotten’ is a mere crystallisation of the more fundamental wish for ‘control’ over one’s personal data. Although norms with regard to protecting privacy vary among different countries and regions,53

Balanced approach

The first chapter of this article gave a concise overview of the current debate on the ‘right to be forgotten’. Whereas the right seems to give back control to individuals and constitutes some sort of ‘check’ on the data controller’s behaviour, it became clear that the right has some important drawbacks as well. In its original form, the ‘right to be forgotten’ only comes ex post, conflicts with free speech (enabling subtle censorship), is very hard to effectively implement in practice and only

Jef Ausloos ([email protected]), Legal Researcher Interdisciplinary Centre for Law & ICT (ICRI-IBBT) KU Leuven.

References (0)

Cited by (77)

View all citing articles on Scopus

Jef Ausloos ([email protected]), Legal Researcher Interdisciplinary Centre for Law & ICT (ICRI-IBBT) KU Leuven.

View full text