recent work

Right to be forgotten

The UK has stepped up its attempt to opt out of or block the “right to be forgotten” from the EU Data Protection Regulation expected to be enacted next year.  The Guardian newspaper reported, as part of the continuing debate, that the UK is pressing for the change to be made as part of a ‘directive’ as opposed to a ‘regulation’, which will give EU member states more flexibility around how to implement it.

The EU view is that the new Regulation “Is one of the biggest market-openers of the last few years,” according to Viviene Reding, as it “eliminates 27 conflicting rules and replaces them with … a mechanism for the whole continent.”

The right to request the deletion of data would be expanded under the Commission’s draft Regulation and Article 17 specifies a specific ‘right to be forgotten’ giving individuals a general right to force organisations to delete personal data stored about them “without delay”.

Information and technology law expert Luke Scanlon of Pinsent Masons recently wrote in the privacy newsletter, “Everyone wants the ability to protect their identity and not have adverse decisions made about them in relation to employment, insurance or credit, based on information that was once true but, as circumstances change, has become no longer accurate,” he said. “But it is clear, even to the Commission it would seem, that its proposed law cannot practically guarantee that all traces of data that a person has ever shared could be irreversibly erased, even though that is what is written on the label. This certainly creates an unfair expectation, a concern that the Information Commissioner has also expressed.”