London: It’s the weekend. You’ve had a bit too much to drink, and not only do you tell your friends on Facebook, but just to make sure the entire world knows, you post it publicly on Twitter too.
Better than that, boosted by the world-beating confidence of a few beers, you post pictures that you think at the time will convince the world of your god or goddess-like awesomeness.
The next morning, you regret drinking quite so many beers. Years later, you have even more regrets as you’re passed over for a job because a potential employer saw those pictures. Now, the question is, should you be able to erase your digital past?
The answer in Europe appears to be yes, and the European Commission is set to propose a law that will give internet users the “right to be forgotten”.
The proposal is a revision to Europe’s Data Protection Directive, which governs how companies handle personal data.
Viviane Reding, vice president of the European Commission, says the changes woiuld simplify and harmonise the regulation across the 27-member European Union, which she believes will save companies 2.3bn.
However, the proposals to streamline data regulations across the EU have largely been overshadowed by what she called the “right to be forgotten”. On Sunday, she told the DLD conference in Germany: “People must be able to easily take their data to another provider or have it deleted if they no longer want it to be used.”
She added: “It is clear that the right to be forgotten cannot amount to a right of the total erasure of history. Neither must the right to be forgotten take precedence over freedom of expression or freedom of the media.”
In addition to the right to be forgotten, she wants to enshrine a right to data portability so that people can not only delete data but also take their data with them to switch services. Reding is also proposing that companies notify people within 24-hours after a data breach that their personal information might have been compromised.
Regulation meets reality
For an individual, it’s pretty clear why they would want to be able to scrub the Internet of embarrassing tweets, Facebook updates and pictures they had taken, especially ones taken years earlier but still easily searchable on social networking sites.
Businesses are increasingly using social networks to make hiring and firing decisions, and businesses are also hiring private investigators to “trawl social-media sites for intelligence about competitors and to watch for insider leaks, product complaints and evidence of employee misconduct”, according to an article in a US newspaper.
Even if enacted, in practice, the right to be forgotten will be devilishly difficult to carry out. A good case in point is that of a British girl who posted pictures of herself to social networking site Bebo when she was 15-years-old. The pictures turned into an internet meme, and she became known simply as the ‘Epic Boobs girl’.
She filed a privacy complaint with the Press Complaints Commission after lads’ magazine Loaded offered 500 for assistance “in encouraging the woman to do a photoshoot with the magazine”, according to the Press Gazette.
The PCC questioned the tastefulness of the piece but ruled that the pictures were so widely available that the magazine was only making comment on something available widely online.
In 2010, at the time of complaint, pictures of were the third in a Google search of “boobs”. A search for “Epic Boobs” girl returned 1,760,000 resutls.
The girl didn’t recall what her privacy settings were when she set up the account, but even with privacy settings, it’s entirely possible her friends on Bebo began circulating the pictures.
Industry pushes back
Facebook has been tangling with privacy regulators in the US and Europe. Both it and Google have agreed to submit to privacy audits for the next 20 years, bowing to pressure from the US Federal Trade Commission.
Drafts of the new European regulations have called for fines for violations of the data protection, possibly as much as 1 percent of their global revenues.
Once the European Commission proposes the new directive, it will take two or more years for it to be ratified by member states, but in the meantime, lobbying around the bills will be intense.
It won’t be just social networking companies that push back against the law. Ron Zink, Microsoft Europe’s chief operating officer and associate general counsel, told the Financial Times:”We have been pushing for harmonisation of privacy laws for several years, but we are concerned that these proposals may be too prescriptive.”
Are there things online that you wish you could erase? Have you posted something online that then went out of control, including your control?
29 mins ago