Skip to main content

Do you have the ‘right to be forgotten?’ EU citizens may soon

Image used with permission by copyright holder

The European Commission has outlined a proposal for reforming data protection laws in the European Union, touting the move as a way to both protect consumers’ and individuals’ privacy as well as save businesses billions every year by reducing the overhead needed to comply with current regulations. As outlined by EU Justice Commissioner Viviane Reding, the proposed laws would make data protection requirements uniform across the EU’s 27 member states, increase penalties for rule breaches, and would enshrine both a right for people to access and transfer their personal data as well as a “right to be forgotten” — that is, have data about them deleted it there are no legitimate reasons to keep it.

If enacted, the proposed regulations would be the first comprehensive reform of European data protection standards since 1995.

“The protection of personal data is a fundamental right for all Europeans, but citizens do not always feel in full control of their personal data,” said EU Justice Commissioner Viviane Reding in a prepared statement. “My proposals will help build trust in online services because people will be better informed about their rights and in more control of their information. The reform will accomplish this while making life easier and less costly for businesses.”

EU Justice Commissioner Viviane RedingSetting standards

The EU’s 1995 Data Protection Directive guaranteed EU citizens a right to data protection, but the specifics have been difficult to manage, with different member states implementing the law in different ways. Similarly, the complexity of inter-jurisdictional cases (where, say, a user is in one country and a company with data about them is in another — or outside Europe) created even more headaches. The result is that businesses looking to manage data responsibly have to deal with scores of different sets of regulations and enforcement agencies, and citizens often have little idea where to turn if they’re concerned about how their data is being used. And they are concerned: A recent Eurobarometer survey (PDF) found seven out of 10 Europeans are worried their personal data may be misused.

To keep businesses happy, the new regulations would impose a single set of data protection rules that would apply across the entire EU. And while businesses and individuals would still have to deal with individual data protection authorities in their respective countries, they can work with that single agency even then data is being processed by companies outside the EU. The idea here is to reduce paperwork, bureaucracy, and administrative costs: The European Commission estimates the changes will save businesses about €2.3 billion a year. In exchange for lower regulatory burdens, companies also have some stiffer requirements: They have to report data breaches as soon as possible (like, within 24 hours) and can be penalized up to €1 million or two percent of their global revenue for breaching data protection regulations.

The proposed regulations also include many tools to help everyday people manage their personal data and understand how it is being used. First of all, it defines personal data as essentially any information about an individual, whether it be their name, a photo, an email address, details of their private or professional life, medical information, posts on social networking sites, and even their IP address.

Companies would have to acquire explicit consent to collect and use personal data, rather using “assumed consent” mechanisms such as continuing to use an account beyond a certain date. (Take note, Google!) Companies must also explicitly inform users if their personal data will be handled abroad.

The regulations also require users be able to transfer their data from one service provider to another. This is a bid to increase competition amongst services by preventing them from keeping users from leaving because their data is held hostage. For instance, if someone wants to switch from Facebook to Google+ right now, they’ll essentially be saying goodbye to most of the data (photos, videos, posts, comments, files, etc.) they’ve put on Facebook. The portability requirement would make such moves simpler, but it’s not clear what sort of technical solutions would satisfy the regulatory mandate.

The right to be forgotten

facebook-timeline-andrewPerhaps the highest-profile item in the proposal is the “right to be forgotten,” that would require Internet companies to delete data about a user unless there are legitimate reasons to keep it around. In other words, if a Facebook user chose to delete his or her account, Facebook would actually have to delete it, not just put it in a kind of inaccessible limbo, where it’s information is still used to target advertising, tailor services, and (potentially) fall into the wrong hands. Consumer rights advocates note that a “right to be forgotten” helps Internet users have confidence in their ability to manage their personal data; however, many industry watchers expect companies like Facebook to argue about what a “legitimate” reason for retaining data might be. From Facebook’s point of view, keeping an account in limbo is a wonderful service, so they can restore the account if (no, when!) the user decides to come back.

The proposal also includes a new directive that will apply data protection principles to police and law enforcement matters, both domestically and internationally. The European Commission argues that having the same legal framework in all EU member states will enable police forced to more effectively battle online crime and fraud, and also ensures that personal data used by law enforcement is uniformly protected throughout the EU.

Broader implications

If the European Commission’s proposal is enacted and resonates with EU citizens, it could have significant repercussions in the rest of the world, since so many major Internet players — from Amazon to Netflix to Google to Facebook to Twitter to Apple — all operate in Europe. Most of those companies would not want to be in a position where they’re perceived to treat personal data with care…but only in Europe.

Geoff Duncan
Former Digital Trends Contributor
Geoff Duncan writes, programs, edits, plays music, and delights in making software misbehave. He's probably the only member…
The 5 best websites like Craigslist in 2024

For years, Craigslist has been the go-to website for scoring a free sofa or finding an apartment. But there are plenty of other alternatives to Craigslist that do an equally fine job, oftentimes with a more attractive interface and fewer spam postings. The 5 best Craigslist alternatives are:

Facebook Marketplace
OfferUp
Locanto
Mercari
Recycler

Read more
How to stop spam emails in Outlook, Gmail, and more
A person sitting on the grass and taking notes at a laptop.

Spam and other unwanted emails are a nuisance, and it can seem like keeping them away from your inbox is a losing battle. But while you won't be able to prevent every piece of spam from landing in your inbox, it is possible to significantly reduce the number of messages that show up.

In this guide, we'll show you how to use filters, blocking, and spam reporting features to help stop spam from invading your inbox. We'll also go over a few more tips on how to reduce unwanted messages overall.
How to stop spam in Gmail
If you use Gmail, the most popular email client, you will eventually start getting spam. Here are our two favorite ways to deal with it.
Block spam in Gmail

Read more
How to add a signature in Gmail on desktop and mobile
how to file for stimulus

Email signatures are a great way to automatically include your contact information to your email correspondence. If you'd like to add a signature to your emails in Gmail, it's easy enough to add one. You'll just need to go through your Gmail settings to do it.

In this guide, we'll show you how to add a signature in Gmail whether you're using the desktop website version of Gmail or its mobile app.
How to add a signature on your desktop
Step 1: Launch your favorite browser and log into your Gmail account as you normally would.

Read more