[email protected]: The right to be forgotten

Just knowing that my old personal data is kicking around somewhere puts a damper on my ability to move forward with my life and my identity.

cyber attack 311 R (photo credit: REUTERS)
cyber attack 311 R
(photo credit: REUTERS)
European Commission Justice Minister Viviane Reding is planning to introduce a new online right: the right to be forgotten. The proposed law would give users the right to remove personal data from the computers of businesses that collect and save it. One particular target of the intended directive is Facebook, which is believed to retain data on customers even after they delete their pages.
The “right to be forgotten” was not invented by Reding.
This right actually exists in a number of other contexts. In the criminal context, many jurisdictions allow a convict to apply to have his conviction sealed or expunged after a certain number of years; juvenile convictions are often sealed automatically after a certain period. In the credit context, credit reporting acts often designate a “statute of limitations,” beyond which delinquencies cannot be reported; in the United States this is seven years.
In both of these cases, the right to be forgotten has both an individual-rights justification and a public-interest justification.
One basic human right is privacy: keeping facts about oneself private. Committing a crime or missing a payment may justify some limitations on that right, but they don’t necessarily justify publicizing your misdeeds to everyone forever.
Having some kind of time limit creates a balance.
In addition, there is a public interest in rehabilitating both criminals and deadbeats. Perhaps the employer has a reasonable right to not hire ex-convicts. But as a society we don’t want the ex-cons to return to crime or to live on welfare, so we conclude that the best compromise is to allow some kind of limitation on the price they pay. Likewise we can understand why a lender wants to avoid lending to someone who defaulted long ago. But we would like to give these people a chance to return to full social and economic function, and that can be the dominant consideration.
What about the case of Internet data? What is the ethical justification for the right to be forgotten? Losing your privacy to a computer is not quite the same as losing it to a human being, and it’s pretty unlikely there is actually any person in Facebook or Google who is perusing your five-year-old deleted Facebook page and who actually knows or cares who you are.
Part of it is presumably the fear of hacking. The concern is that sooner or later those defunct Facebook pages will become accessible to a clever teenager.
An additional consideration is not one of privacy but of ownership. We don’t mind if Google makes money off our information, but if the information is truly “ours,” then it might be fair to demand that they pay something for it. This would be comparable in some ways to the reimbursement arrangement Google ultimately made with authors for Google Books. The money Google was making was not actually at the expense of the authors, but there was no real way to say that they made no contribution.
Ultimately, I think the “right to be forgotten” is a lot about the right to reinvent yourself.
Consider the diary analogy. Many people have old diaries of an old, familiar but perhaps very different self. Quite a few are interested in keeping close tabs on these old keepsakes and would show them only to a select few people, if at all. How would you feel if your diary got lost? How would you feel having someone else read it, even if that person was a total stranger? Many people would feel very embarrassed – not because the reader would connect the diary writer with their current selves, but because they want to put that person in their past.
Perhaps just knowing that my old personal data is kicking around somewhere puts a damper on my ability to move forward with my life and my identity.
These considerations may not measure up to the interest we have in rehabilitating ex-convicts, but on the other hand, the cost is not very great either. The private and public interest in deleting the old data (or requiring payment for it) may not be great, but the interest in keeping it around also does not seem overwhelming.
The European Commission now seems inclined to err, if at all, on the side of individual rights.
[email protected] Asher Meir is research director at the Business Ethics Center of Jerusalem, an independent institute in the Jerusalem College of Technology (Machon Lev).