Abstract:The European Commission’s proposal for a new Data Protection Directive released earlier this year has caused quite a bit of criticism, support, and skepticism around the world. The so-called ‘right to be forgotten’ has received impassioned responses, particularly from U.S. media. Taking a closer look at this right uncovers a rich social and legal history, a significant divide on a data subject’s claim to his or her information once proffered, and the possible meaning and scope of the proposed right.
Two versions of the right to be forgotten can provide for muddled conceptions and rhetoric when not distinguished. The much older – droit a l’oubli (right to oblivion) has historically been applied in exceptional cases involving an individual that has served a criminal sentence and wishes to no longer be associated with the criminal actions. The right of the individual to prevent others from communicating his association to his criminal past is balanced with the public’s right to access the information, which may or may not remain newsworthy. Oblivion finds its rationale in privacy as a human/fundamental right (related to human dignity, reputation, etc.). A second version of the right is one to delete information that a data subject has disclosed passively. In such a context, where data is collected and processed by third parties, a more accurate description would be a ‘right to erasure’. The exact scope and rationale behind the right to be forgotten as proposed in the European Data Protection framework today is not entirely clear. Although some fear that the Directive will embrace both deletion and oblivion, at a minimum the Directive proposes on granting (more) control to data subjects over personal data in the form of erasure.
Research in the two continents has clearly demonstrated a desire for increased control over their personal data, which the current ‘consent’-regime fails to offer. The paper will attempt to give a clear and elaborate overview of both the droit a l’oubli and the more modern right to be forgotten (or rather ‘right to erasure’) in several EU countries, the EU as a whole and the US. How do all of these countries approach the social value of ‘forgiveness’, protection of reputation, etc. And how do they intend to give (back) control to individuals in today’s information society? A thorough analysis of the EU Data Protection Regulation as well as the US’ ‘Consumer privacy bill of rights’ and proposed Do Not Track Kids legislation will follow. Finally we intend to focus on the erasure aspect of the right and layout the questions that must be answered in order to give the right form moving forward.