We noticed you're browsing in private or incognito mode.

To continue reading this article, please exit incognito mode or log in.

Not a subscriber? Subscribe now for unlimited access to online articles.

David Zax

A View from David Zax

Europe, Data, and the 'Right to Be Forgotten'

The EU talks tough on data protection.

  • January 25, 2012

The European Union is about to propose new rules on data protection, according to several sources. Among the proposals will be the possibility of levying stiff fines on companies for losing customers’ data, and a so-called “right to be forgotten” (the same one I wrote about last year). Not everyone is happy about the proposed legislation, and we can expect to see a debate drag on though the legislative process.

In one corner is Viviane Reding, vice president of the European Commission. It’s her belief that users are not properly protected under current laws (one example: the fact that Sony waited six days before informing their customers of a massive data breach). “We need individuals to be in control of their information,” Reding said at a recent conference in Munich.

In the other corner is just about the entirety of the tech industry. At that same conference, for instance, Sheryl Sandberg of Facebook gently hinted that impeding the flow of data in the social network could be bad for business, and included some impressive numbers of the economic impact of Facebook. “[T]he charming Ms. Sandberg was … giving a warning to Ms. Reding,” opines the Wall Street Journal’s Ben Rooney. “See that €15.3 billion in economic impact, see those 232,000 jobs? Do you really want to jeopardize that? Do you really think that giving people the right to be forgotten, or any of those other tricky data protection rules you are thinking about bringing in are worth the risk?”

Much as with SOPA and PIPA, tech companies large and small are rallying to say that while they applaud (some of) the EU’s goals, the legislation may be overreaching. In fact, it’s the small tech companies that may be hit hardest by some of the legislation’s requirements—for instance, the obligation to have a data protection officer on staff. “[T]hese measures are likely to cost EU businesses billions to implement and even more to maintain on an ongoing basis,” James Mullock, head of data privacy at the law firm Osborne Clarke, told Reuters.

The most colorful assertion of the EU legislation is the so-called “right to be forgotten.” Some question whether anyone really has the power to erase all traces of data, even if a user wants them to. “[A]re we really responsible for going to find every cached copy that may have filtered out there?” Microsoft’s Ronald Zink wondered aloud. “What is the obligation beyond our set of properties? It’s hard to know how you would pull back all the copies of a given piece of content.” Zink has been making the rounds, also telling FT, for instance, that the proposals may be “too prescriptive.”

Others had wondered whether the “right to be forgotten” could be used as a form of censorship, if applied to members of the press. But Reding has since addressed that concern, stating, “The archives of a newspaper are a good example. It is clear that the right to be forgotten cannot amount to a right of the total erasure of history.”

Data security is hugely important: too important not to legislate, while too important to rush into legislation. Perhaps it’s a good thing, then, that the EU’s legislative process reportedly might last up to two years.

Want to go ad free? No ad blockers needed.

Become an Insider
Already an Insider? Log in.
Want more award-winning journalism? Subscribe to Print + All Access Digital.
  • Print + All Access Digital {! insider.prices.print_digital !}*

    {! insider.display.menuOptionsLabel !}

    The best of MIT Technology Review in print and online, plus unlimited access to our online archive, an ad-free web experience, discounts to MIT Technology Review events, and The Download delivered to your email in-box each weekday.

    See details+

    12-month subscription

    Unlimited access to all our daily online news and feature stories

    6 bi-monthly issues of print + digital magazine

    10% discount to MIT Technology Review events

    Access to entire PDF magazine archive dating back to 1899

    Ad-free website experience

    The Download: newsletter delivery each weekday to your inbox

    The MIT Technology Review App

You've read of three free articles this month. for unlimited online access. You've read of three free articles this month. for unlimited online access. This is your last free article this month. for unlimited online access. You've read all your free articles this month. for unlimited online access. You've read of three free articles this month. for more, or for unlimited online access. for two more free articles, or for unlimited online access.