Why Can't Europe Just Forget The Ridiculous Idea Of A 'Right To Be Forgotten'
from the we-can't-forget dept
We've talked about what a dumb idea a "right to be forgotten" is in the past, and yet, Europe keeps looking into just such a law. A leaked copy of the EU's new Data Protect Directive includes a clear "right to be forgotten" initiative:To strengthen the 'right to be forgotten' in the online environment, the right to erasure should also be extended in such a way that any publicly available copies or replications in websites and search engines should also be deleted by the controller who has made the information public.Basically, if there's any information about you online -- even information you created yourself and posted online directly -- that you suddenly decide shouldn't be online any more, you can demand its removal. This is pretty ridiculous for a variety of reasons. While it's positioned as a form of "privacy," that's insane. There's no "privacy" in information you've already released publicly. Pretending that the information can just "disappear" is fantasy-land thinking by EU politicans.
Failing to delete the info in question can lead to rather large fines, up to 1% of a company's revenue. As someone who runs an American company, this bill is particularly worrisome to me. Because of an agreement between the US and the EU, if we allow anyone from Europe to use Techdirt, we have to promise to follow standard privacy practices that meet EU standards and pay some company a yearly fee to make sure we're in compliance. We've done this (even though I'm sure that many, if not most, American websites ignore this rule). But now I need to go explore if this means we would have to delete any old comments from Europeans. As a rule and policy, we do not delete old comments from Techdirt. We get requests from time to time (and every so often a legal threat), but we stand by our policy. If suddenly we have to worry about massive fines from Europe just because someone regrets what they said in a comment years ago, I'm not sure what we'll do. At the very least, we'd have to explore banning comments from Europeans on the site.
What really gets me about this is that the entire "right to be forgotten" doesn't seem to serve any legitimate purpose, other than to pretend that you can somehow delete public information that you later regret. I can't see how that solves any public policy issue, other than that people sometimes regret what they say or do. But out here, in the real world, people learn to get over such things, not to pretend the world is some magical fantasy land where they can delete history.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: europe, privacy, right to be forgotten
Reader Comments
Subscribe: RSS
View by: Time | Thread
Right to not exist
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
The problem is, the internet is all interconnected like some kind of large mesh of ropes that are tied to each other. Everything is connected, and chopping pieces out would have widespread effects on the rest of the net.
[ link to this | view in chronology ]
Re: Re:
You should have the burden of identifying who holds your data and request they delete it. If you miss a few, your problem.
You cannot just request that your data be deleted, and all companies working in Europe have to scour their databases etc to look for you and delete your records.
[ link to this | view in chronology ]
Re: Re: Re:
Where will the line be drawn?
More importantly, who gets to draw it?
[ link to this | view in chronology ]
Re: Re: Re: Re:
Twitter.
[ link to this | view in chronology ]
One thing that really annoys me is forums/comment sections that don't allow you to edit or delete your own posts, even if you just want to correct a glaring spelling mistake. Every forum should allow someone to take their own content down if they later regret writing it, but saying it will then be 'forgotten' is naive. of course many of these same forums reserve the right to 'moderate' ie censor anything you post if it offends them.
The other huge issue is Google's cache. Again, google has the right to cache public information, but for example if I delete my Twitter account, I'd like to know that it won't remain visible on google for the rest of my life.
[ link to this | view in chronology ]
Re:
Why? Once you've posted it, you've generally given a license to use the content as they see fit, including (especially) their ability to keep showing it.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
If you don't want your stuff on the internet then stay off of it.
People are oversensitive and getting worse.
[ link to this | view in chronology ]
logic makes an unwelcome appearance
1) Would it be enough to bar Europeans, if information about Europeans is what must be redactable? That is, can the EU law (and US-EU agreement) force an American site to delete an American's post about a European doing something embarrassing?
2) If posts by Europeans are what must be redactable, would it be sufficient to not verify user identities? That is, if whether a comment must be deleted depends on whether it was posted by a European, and there is no way to prove that the user UK PM David Cameron is actually UK PM David Cameron (or was at the time of posting) then can the comment stay up?
[ link to this | view in chronology ]
Take this statement, for example: "There's no 'privacy'in information you've already released publicly". Suppose it's not YOU who released such information, but the government, a hacker, or an ex-lover. Mike, I'm sure there are things about you that you would rather not have online. How would you feel if they were?
I commend your stance about not deleting comments. Other than that, your stance on this issue is a bit of a head-scratcher.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
If you want to be forgotten, the only way to do so is to never have been known in the first place.
[ link to this | view in chronology ]
Re: Re: Re:
/ifailatinternetzagain
[ link to this | view in chronology ]
Re:
If you want to be forgotten, the only way to do so is to never have been known in the first place.
[ link to this | view in chronology ]
Walks like a duck
If it talks like censorship...
It must be censorship.
This is as bad as the private right to action in SOPA. I can see companies being overrun with requests to "forget me". It will be a nightmare and a burden on every internet company.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
[ link to this | view in chronology ]
I love this idea!
I understand that failure to delete any information relating to me entitles me to 1%of the country's revenue; I'll accept gold as payment in order to prevent any further infractions that may occur via the issuance of a cheque.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
You don't need a law for that.
http://en.wikipedia.org/wiki/Payment_Card_Industry_Data_Security_Standard
While I'll admit that some of the current standards are hopelessly insufficient, we don't need a law. A law like that becomes the standard, and will not be easy to change when technology or the market changes. A law saying something to the effect of "credit card information must be deleted 90 days after final payment" virtually guarantees that it will be kept for 90 days even in a decade when it may be much better to delete it 15 days later.
[ link to this | view in chronology ]
I like the idea
But on the other hand, what is feasible is to force companies to accept requests to remove the information they have collected on you. Services such as Facebook, Google, LinkedIn, etc... They make a living out of collecting personal data. And that's where the right to be "forgotten" kicks in. You force them to allow you to delete the data they have on you... or face fines.
It's feasible and it protects privacy should you ever want to erase the information on you on a particular site that collected your information. How many times have you heard of sites like Facebook that "close" your account but somehow still keeps all the data. I sympathize with those people who want them to purge that data when closing the account, if specified.
[ link to this | view in chronology ]
Re: I like the idea
If Facebook deletes all of "your" data what happens with the following:
-Tags you put on photos, do they get removed?
-Comments on websites using the Facebook plug-in, do threads suddenly have strange gaps where your posts used to be?
-Messages and posts sent to your friends, do they suddenly disappear?
What happens when you delete your G-mail account? Do you expect every e-mail you ever sent to be deleted? Does Google send some type of special message out to every mail server and they "disappear" all of you messages?
The solution to this problem is simple, don't share information if you don't want other people to have it. I know it is hard in the digital era because of things like cookie tracking, but you do have the option not to signup for or sign into services. I for one don't have a Facebook account and I doubt I ever will, even though I work as a programmer and spend the majority of my time online.
[ link to this | view in chronology ]
Re: I like the idea
In some ways, personal data is currency on the web, you want to network using Linked in, you pay with information that Linked in will collect and probably use.
[ link to this | view in chronology ]
A cultural difference
Anyway, in this case, I wonder if this "right to be forgotten" is more along the lines of a "right to have personal data deleted" (it only applies to personal data, of course, so not merely comments), where keeping the data could amount to an invasion of privacy. The classic example that springs to mind would be the DNA (etc.) databases collected by UK police forces. While under exiting EU law you should be entitled to a copy of the information they have on you (subject to various exceptions) there isn't anything that allows you to get that data (or any other data an organisation holds on you) removed. This might provide such a right (although not if the police groups have a say).
Obviously the right proposed is far broader, but it aligns with the principle of "consent" that is fundamental to EU data protection law; one must consent for any sort of processing or publication of personal information, and that consent can be withdrawn at any point prior to an act of processing or publication. This "right to be forgotten" is merely a formal way of withdrawing that consent, and requiring action based on it.
As for the idea of demanding the removal of data you published yourself, again that doesn't seem too unreasonable; most services already provide some sort of removal capability (usually you have to do it yourself), and it doesn't seem too unreasonable to require such a capability (no different from taking down a poster you've put up somewhere, perhaps?).
[ link to this | view in chronology ]
Once it's on the internet it's like pee in the pool.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
If I want my data gone from Facebook, I should have that ability.
[ link to this | view in chronology ]
Re:
And if I want to cancel my Sears account, they should delete all data related to me as well. Sales records, everything! The sale never happened. They can change their income statements, inventory, taxes...
[ link to this | view in chronology ]
Re:
See how stupid this sounds? Now read your post again. Now back down here. Now up to yours. I'm on a horse.
[ link to this | view in chronology ]
Well if I have a right to be forgotton
[ link to this | view in chronology ]
[ link to this | view in chronology ]
What goes around comes around
[ link to this | view in chronology ]
The right of the rich and powerful to have things they don't like about themselves to be covered up law.
Why not expand it to how far it actually needs to go, that we need to develop a technology to erase things about people from our minds, we can all queue up once a month to have the zaps delivered to make sure that none of us can remember a scandal or misdeed by someone.
It makes perfect sense.
Maybe a better amendment would be to add the caveat that this law can not apply to anyone who has ever held office.
It worked in Indiana where someone was pushing a drug testing for welfare recipients. Someone merely added an amendment that required the Asemblymen voting on this to undergo the same testing... they immediately withdrew the bill.
http://boingboing.net/2012/01/31/illinois-assemblyman-withdraws.html
It also got some attention in Virginia from a state senator doing battle with the anti-abortion minded...
"To protest a bill that would require women to undergo an ultrasound before having an abortion, Virginia State Sen. Janet Howell (D-Fairfax) on Monday attached an amendment that would require men to have a rectal exam and a cardiac stress test before obtaining a prescription for erectile dysfunction medication."
http://boingboing.net/2012/01/30/va-state-senator-attaches-rect.html
There does seem to be a general disconnect from these absurd ideas until you make them apply to everyone.
[ link to this | view in chronology ]
Quid pro Quo
If some teenager (such as the ones recently barred by US security) who post something silly on Facebook, want it to still be there 10 , 15, or 20 years from now. Please Mr Zuckerman take it down, or Mr Zuckerman if you don't take it down you will hear from my lawyer. Which would YOU prefer?
[ link to this | view in chronology ]
Re: Quid pro Quo
And the person made his feed private now so he is no longer being monitored by DHS or General Dynamics scouring the web looking for people showing them in a bad light.
[ link to this | view in chronology ]
Anonymity
[ link to this | view in chronology ]
The Basic Problem Is, The Law Won’t Work
Doesn’t matter whether you think such a law is morally justifiable or not, the basic fact is that it would be unenforceable.
Yes, people are doing stupid things on the Internet, and then regretting it later. Yes, it is having devastating effects on some lives and careers. Seems like the only real answer is for people to stop being so judgemental about such peccadilloes.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Shouldn't they be worried about making complete privacy the default option on any service rather than opt-in like Facebook (and others) frequently present stuff?
I can see the reasoning behind this but they are going at it the wrong way.
[ link to this | view in chronology ]
Re:
I don't think that's an appropriate matter for legislation. As long as they're not doing anything fraudulent or deceptive, you can choose to use the service or not.
[ link to this | view in chronology ]
This means that Techdirt doesn't have to do much if an EU citizen wants their personal information removed. In this case the personal information is limited to their name and email address. All it would take is a simple database search on that person's email, and to replace the name and email with suitable anonymous values. That makes the commenter nothing more than an Anonymous Coward.
The main intent of the law is for firms that hold large quantities of personal (and potentially sensitive) information on an individual. Marketing companies, for example, would have to remove any identifying data on that person. They would not, however, need to remove that data from any anonymous aggregates that they use for statistical purposes.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
eh?
I'm a web designer and forum owner, and I welcome this idea. It's not hard to give a person a "delete my account" button. You don't even need to remove the posts, just remove the name associated with the posts.
This is more to do with facebook, google and other massive websites building profiles on it's users, then keeping it forever. Facebook starts making a profile for you even if you don't have a facebook account. All they need to do is give the option to the user to hard erase all information connected to their account, that's not hard, that's not infeasible. So this won't be used to to delete random comments, but to delete the profiles sites make on you.
I think you're all taking the word "forgotten" way too literally, of course they don't think the information will be forgotten, but it will be deleted.
[ link to this | view in chronology ]
Superinjunctions etc
I worry about a few things with a "right to delete" law such as this.
John Smith writes on Techdirt "the sky is red"
Peter Jones writes "John Smith says the sky is red but I disagree".
John Smith writes to Mike and demands his remark is removed.
Does Mike have to find and remove Peter Jones' comment too ?
I would like to see
- the right to ask Facebook et al to COMPLETELY delete an account and all related historic data
- a company such as Facebook make it clear in their TOC when you signup that there might be a charge for this and what the charge would be. (Then they can't complain about the urden)
- where I signed TOC's that hand over copyright of my postings, there should be a clear fee structure for buying it back.
- the company would also make it clear where their responsibility ends (ie with their own servers). Mirrors, caches etc held elsewhere are not their problem and they won't scour the internet clearing up stuff that propagated as a result of it being publically accessible at some point.
I heard someone on the news (a publicist) complaining that a 1 week jail term 20 years ago was the first thing that comes up on google about his client. I thought "tough".
I don't think ANYONE should be able to censor facts that have at anytime been in the public domain. And that includes people running for office with previous DUI's etc. A fact is a fact, and it can't be copyrighted and shouldn't be censored.
Therefore if I choose to demand to redact my comments in a forum
- I better make sure I didn't give away the copyright first (read the TOC's !) or else be prepared to buy it back.
- I should understand that the FACT that I made comments on the forum will be true and available in the public domain , even if the content is not.
I don't think it's unreasonable for google to remove cached copies of content where the original content has been legitimately removed by some legal process. I'm sure they do already , but that's just a personal guess.
[ link to this | view in chronology ]
IP block Europe, then declare the problem solved. The idiots raising a fuss will buy it and never bother you again, and everyone else will use a proxy.
[ link to this | view in chronology ]
Problem lies between keyboard and chair, not with the technology.
Worst comes to worst, ban European IPs from posting. Yeah they can use proxies, but then the comment will have the appearance of originating somewhere other than Europe so you could plead ignorance.
[ link to this | view in chronology ]
Can someone explain to me...
I don't know though. Am I interpreting the bill wrong? Someone want to explain to me how this is a bad bill?
[ link to this | view in chronology ]
How about the delete button?
Simply code a delete button into the site and allow people to delete their own comments at any time.
The End
p.s. If someone posts anonymously and can't delete, well, then their privacy or "right to be forgotten" is not being infringed then, is it?
p.p.s. If someone quoted them before they erased their post, well, too bad. Their words are no longer just their own. You got caught saying something you believed. Deal with it.
[ link to this | view in chronology ]
Re: How about the delete button?
[ link to this | view in chronology ]
Re: How about the delete button?
That is what happens when you publish to a communication platform.
Deal with it.
[ link to this | view in chronology ]
Who's there?
Let's go on a bike ride!
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Regardless of whether these laws get enacted, I would propose to the W3C a new tag: so if information DOES disappear we'll have searchable evidence of it - and, as a bonus, we'll get those groovy blacked-out lines wherever info is redacted.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
What about metadata?
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]