Skip to Content

Europe, Data, and the ‘Right to Be Forgotten’

The EU talks tough on data protection.
January 25, 2012

The European Union is about to propose new rules on data protection, according to several sources. Among the proposals will be the possibility of levying stiff fines on companies for losing customers’ data, and a so-called “right to be forgotten” (the same one I wrote about last year). Not everyone is happy about the proposed legislation, and we can expect to see a debate drag on though the legislative process.

In one corner is Viviane Reding, vice president of the European Commission. It’s her belief that users are not properly protected under current laws (one example: the fact that Sony waited six days before informing their customers of a massive data breach). “We need individuals to be in control of their information,” Reding said at a recent conference in Munich.

In the other corner is just about the entirety of the tech industry. At that same conference, for instance, Sheryl Sandberg of Facebook gently hinted that impeding the flow of data in the social network could be bad for business, and included some impressive numbers of the economic impact of Facebook. “[T]he charming Ms. Sandberg was … giving a warning to Ms. Reding,” opines the Wall Street Journal’s Ben Rooney. “See that €15.3 billion in economic impact, see those 232,000 jobs? Do you really want to jeopardize that? Do you really think that giving people the right to be forgotten, or any of those other tricky data protection rules you are thinking about bringing in are worth the risk?”

Much as with SOPA and PIPA, tech companies large and small are rallying to say that while they applaud (some of) the EU’s goals, the legislation may be overreaching. In fact, it’s the small tech companies that may be hit hardest by some of the legislation’s requirements—for instance, the obligation to have a data protection officer on staff. “[T]hese measures are likely to cost EU businesses billions to implement and even more to maintain on an ongoing basis,” James Mullock, head of data privacy at the law firm Osborne Clarke, told Reuters.

The most colorful assertion of the EU legislation is the so-called “right to be forgotten.” Some question whether anyone really has the power to erase all traces of data, even if a user wants them to. “[A]re we really responsible for going to find every cached copy that may have filtered out there?” Microsoft’s Ronald Zink wondered aloud. “What is the obligation beyond our set of properties? It’s hard to know how you would pull back all the copies of a given piece of content.” Zink has been making the rounds, also telling FT, for instance, that the proposals may be “too prescriptive.”

Others had wondered whether the “right to be forgotten” could be used as a form of censorship, if applied to members of the press. But Reding has since addressed that concern, stating, “The archives of a newspaper are a good example. It is clear that the right to be forgotten cannot amount to a right of the total erasure of history.”

Data security is hugely important: too important not to legislate, while too important to rush into legislation. Perhaps it’s a good thing, then, that the EU’s legislative process reportedly might last up to two years.

Keep Reading

Most Popular

It’s time to retire the term “user”

The proliferation of AI means we need a new word.

Sam Altman says helpful agents are poised to become AI’s killer function

Open AI’s CEO says we won’t need new hardware or lots more training data to get there.

An AI startup made a hyperrealistic deepfake of me that’s so good it’s scary

Synthesia's new technology is impressive but raises big questions about a world where we increasingly can’t tell what’s real.

Taking AI to the next level in manufacturing

Reducing data, talent, and organizational barriers to achieve scale.

Stay connected

Illustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at with a list of newsletters you’d like to receive.