EU Commission Says People Have a 'Right To Be Forgotten' Online

nk497 writes "The European Commission wants to strengthen data protection rules to give more power to consumers — including the right to be forgotten online. Legislation it's looking to push through next year will let consumers know when and how their data is being used, and force companies to delete it when asked. 'People should be able to give their informed consent to the processing of their personal data,' the commission said in a statement. 'They should have the "right to be forgotten" when their data is no longer needed or they want their data to be deleted.'"

Amazing, and ironic

[siddesu]

Is this the same European Commission that decided some time ago to force data and voice service providers to keep phone and email records for years?

Will these data be subject to the "right to be forgotten", or government-retained stuff will be magically excepted?

Consistency, thy name is Europe.

Re:Amazing, and ironic

[Luckyo]

It's perfectly consistent once you stop being an ass and purposefully misunderstand the topic. Government and its way of using information is strictly regulated here - and by regulated I don't mean Bush-style "we do what we want and laws be damned" regulation, but a real working one.
Problem is, facebook, google et al are largely NOT regulated. They can keep your information forever, even if you "delete" it from your account, and sell it to the highest bidder. This is the part where essentially all EU member states start to have problems - here culturally, privacy is taken far more seriously then in US. As a result, the legislation is aimed to bring the american privacy "you have none" culture that is currently used in most of these companies closer in line with the European values. Such as not being able to just mine data and then mass sell it, even after you expressed a wish for data to be deleted instead.

The data and voice service providers have to keep certain data because they are common carriers. They are not, for example, allowed to mine the data and sell it, and they are only allowed to pass the data on when courts or certain legally entitled entities request it. There is no inconsistency, we can have both. We just have to have laws that work, and government that obeys them.

And notably, this is one of the very few issues where you can safely call then "European values", and not look like a clueless idiot, because unlike most things on which we Europeans tend to differ in a major way across our countries' borders, privacy is something treated in a very similar way across borders on the continent.

If this shocks you as an american, that's okay. We're shocked that you view universal healthcare as something bad too. It's a cultural difference. Just because we have universal healthcare doesn't mean we should force it on you, and just because you have no right to privacy (from our point of view) doesn't mean that you should force similar regime on us.

Re:What about other people's data about me?

[captainpanic]

I can delete my Facebook account but I can't delete the photos someone else took with me in them.

All data on Facebook is property of Facebook, not of the people who put it there... so you should be able to ask Facebook to remove it... (according to the text, "companies (i.e. Facebook) will be forced to delete it when asked").

As opposed to... what?

[Moraelin]

Yes, they did mandate keeping the logs for a given time, but then they have to be deleted, and specified who has the right to get them. I.e., it takes a subpoena.

But, as opposed to... what? Just trusting that the companies will automatically delete those logs, and will never use them for marketing or whatnot? Just look at the Facebook for an example of how much better _that_ went than, you know, ooooh, scary inconsistent nanny-state Europe.

Re:What about other people's data about me?

[ledow]

Then Facebook is the same as a photoshop. No-one MADE Facebook take your photos and scan them in and put them online and name you on them - some random individual (presumably someone who knows you, possibly not) put them up. What's the difference between that person getting a copy of the image from a photo shop and showing it to people in your office (presuming they work there too) or a potential future employer, or sticking it in their own photo album, or showing their cousins, or whatever else. You gonna hold the photoshop responsible if that happens?

If there is a photo of you that you don't want people to see - SEIZE the photo, not punish Facebook. The "idiot" that puts that photo online and tags you is the one who drops you in it, not Facebook. They could have done it on a million and one different sites, or in a letter, or pinned the photo to a noticeboard anonymously. And if it was taken in a public place, there's actually NOTHING you can do about it in the majority of sensible countries, so long as the photo is published complete (i.e. they didn't amplify your face and print it out on leaflets that they spread throughout the town but) - In lots of countries you have no right to photographs that include you if you're not the main subject of the photo and it's taken in a public place.

Basically - don't be stupid. That means that any moron that appears in my "photo of a new york street" could get my holiday photos deleted from Facebook - and, in fact, ANYONE could if they just *claimed* to be in the photo. How would Facebook prove / disprove otherwise.

Please stop thinking that the existence of Facebook in particular changes ANYTHING with regards personal privacy. And be more cautious about being photographed pissed out of your skull by work colleagues. And work in places that understand the work-personal life separation and that don't think just Googling each candidate's name is a reliable way to accurately find out about any possible indiscretions (otherwise every John Smith has an AWFUL hard time finding out) - if that's even LEGAL for them to do in the first place.

Heh

[Moraelin]

1. If you think your data in the USA would only be given to the pizzerias, and not to the USA government... heh. It's funny. You do know they subpoenad such stuff from Google and others already, right?

2. Oooh, scary Euro-fascists, 'cause you can dig up something from 65 years ago. Heh. Ah, the joys of semi-literate trolls who never heard of anything after WW2 because it's not in the Hollywood movies they mistake for education... Besides, I guess it saves the home-schooled right from acknowledging that the rest of the world has actually moved out of the 40's.

3. But if you want to compare fascists, let's compare fascists.

The USA moved a minority to concentration camps for, pretty much, fearing that their political sympathies may not be the proper ones... when? Oh wait, it was during the WW2 too.

The USA had the idiotic McCarthy scare... when? Until the late 50's? Shouldn't you remember that too, if for Europe the 1936-1945 era counts as recent enough?

The USA imprisoned and tortured people for mere suspicions, and skipping all human rights or safeguards of the rule of law... when? Oh, wait, that was in the 21'th century. I guess the 1945 is scarier because it's more recent than that, huh? Oh wait, it isn't.

The USA datamined not just phone records, but even grocery lists, to try to find out who's a muslim... when? Oh, wait, that's 21'st century too.

So, remind me, which of the two should you fear more? The ones who actually tortured people for the mere suspicion of supporting the wrong gang 2-3 years ago, or those who did it 65 years ago?

Re:Agreed

[ashkante]

Assuming that the effort put into this law is more than half-assed, I am thinking that there may be a distinction between "data I have put there (into the cloud) to be stored, as in documents, photos, database contents, etc", versus "data that the companies collect, as in webpage visit counters, IP addresses, browser and system stats". I, personally, include web registration data, addresses, phone numbers among the latter. And yes, I would like to have those erased, along with backups if I stop using the web service. As for impersonation, that can wreak some pretty nasty havoc with your life even without such legislation and needs further looking-into. I am grateful at least that I don't have to write laws about it :D

Re:Agreed

[JaredOfEuropa]

Let the damn companies have whatever policies they want, force them to be open about those policies

That is how it should be. And a number of European countries have data privacy laws to that effect. Companies have to publish what they are going to do with your data and are not allowed to do anything else with it. They also have to let you know, on request, what data they have on you. Not a bad law, but I would like to see it extended a little bit, as follows:

A company's data privacy disclaimer/statement shall not exceed half a page of text (A4/Letter in 12 point letters, in case someone wants to get smart with fine print). It shall not be embedded in a longer generic disclaimer, but stand on its own.

Better yet, the government could issue a generic, well-understood disclaimer in which companies provide the details about the data, access, retention, sharing, etc. Currently it is not humanly possible to read these disclaimers, being half a book's worth of legalese. This is done on purpose.

Re:What about other people's data about me?

[Haedrian]

The problem isn't facebook as-such - the problem is how the web is turning into a semantic one - which lets you link information to one another.

If in the old days, I had a website with a few friends which we put images on - then only my friends would know about that. If I had any embarassing images, or images of me getting wasted or something - there is no problem at all.

People have many different aspects - and they would kindly like to keep those aspects seperate. You may be known to your friends as "That person who can belch the loudest", but when you're writing a C.V. - you don't put it over there. People want to keep these information private to certain people- the problem is that with all the links now - you can't really do that.

To give a proper example - take Linkln (which is used for 'professional' networking) and Facebook. You would ideally have a professional 'aspect' being shown there for your employer to see that you went to convention X, worked at company Y for N years et cetera - you don't want your employer to look at your 'wild side' on Facebook.

To summerise the above disjunctions - I may want my different aspects to be avaliable online - but I don't want everyone to be able to access them - and I want to be able to 'erase' mistakes which happened in my past - especially to someone important. People change (and therefore have "A right to be forgotten") and people have different aspects for different people - the way you are towards your friends =/= way you are towards your partner =/= towards your parents =/= towards your employers.

Re:What about other people's data about me?

[commodore64_love]

>>>They've always been able to do that.

False. When I was growing-up I had no way of publishing a photo to the whole world. I know because I tried it a couple times, but there was nothing like facebook, and the internet was still limited to just a few thousand college professors & computer hobbyists. Only the mass media corporations had the resources to distribute to the entire globe. - Not until ~2000 did the WWW reach greater than 50% of the population, and allow them to could share photos to the whole world. SO YES facebook, myspace, and other services have changed the level of distribution.
.

>>>those sorts of HR department investigations are (in most civilised countries) completely 100% inaccurate and completely 100% illegal

You saying the US is uncivilized? We are a different culture from the UK, that's true, but that doesn't mean we're not civilized. We have rule of law just like you do, and without a pesky queen to overrule it, or the will of the people. Anyway:

Here it's perfectly okay for HR departments to run background checks on their employees, including contacting the Social Security (SS) department to retrieve your employment history, and online postings/websites. And I suspect even in the EU, if it's illegal, it's still performed by the human resources employees in secret. (Like in the movie GATTACA where it was illegal to sample people's genes, and yet employers did it anyway.)

Maybe you'll understand better after you become a victim yourself.
I used to think like you, that nothing would ever happen,
until I became scammed a few times, and 2 employers stole my wages.