Presentation from UCC CCJHR 2010

1. The right to delete Paul Bernal – London School of Economics

2. Personal data on the internet Massive amounts are held Current commercial models rely on it The data that is held is vulnerable – and may be increasingly so The existence and use of that data is something that concerns people – and rightly so It’s our data, isn’t it??

3. The right to delete To address the existence of this data To encourage the development of business models that don’t rely on the holding of data To begin the process of putting data subjects in control of their own data

4. Personal data in the new internet The Google/Facebook model Behavioural tracking Commercial data gathering The market in personal data

5. Data vulnerability Physical loss – e.g. HMRC/MOD data losses Hacking Vulnerability to government action: Subpoenas, USA PATRIOT act, Data retention Swiss banking data/Chinese Google hackers Commercial vulnerability T-Mobile data-selling scandal Changes of ownership etc

6. What can happen to lost data? Into the hands of criminals – nastier and better-targeted scams Into the hands of governments – used without the normal restrictions (e.g. Germany) Into the hands of less scrupulous or less controlled businesses or different jurisdictions Into the overall data morass

7. What can be done? Systematic culture change – emphasis on data security More powerful, better resourced and better supported data protection systems Better use of technological protection – encryption etc More community awareness of the issue

8. But there will always be problems: Human errors Human malice Technological errors Community pressures New technological and business ideas

9. Data minimisation Already a principle within data protection, but one that is effectively paid only lip-service to It needs to be better enforced – both better detected and more harshly punished. Punishment for data protection breaches are generally for losses or inappropriate processing, not for failures of data minimisation Needs to be put in the hands of the data subjects

10. New business models (1) The drive behind the current web model has been the business concepts of Google and Facebook New business models could bring about new changes – but how to get them to happen? We need a change in assumptions – that unless you have a strong NEED to hold data, you should not hold that data One key could be giving data subjects the right to delete

11. New business models (2) Currently it is the business that decides whether data should be held, anonymised or deleted If that decision is put in the hands of the data subject, businesses would think twice before using business models that rely on the data being held Instead, they might look for ways to use the data immediately, then discard it

12. The right to delete Not ‘the right to be forgotten’ – no rewriting of history or censorship A change in paradigm. The assumption is that data can and should be deleted if the data subject wants it, unless there are pressing reasons the other way The right needs to be made easily applied – access to data and then the ability to delete it directly on the web A shift in the nature of data protection – putting the focus on the rights of the individual, not on the obligations of the data controllers

13. When can data be held? Paternalistic reasons – for the benefit of the individual (e.g. medical data) Communitarian reasons – for the benefit of the community (e.g. criminal records) Administrative or economic reasons – for the benefit of society (e.g. tax records, electoral rolls) Archival reasons – for a good, accurate and useful historical record (e.g. newspaper records, British Library ‘right to archive’) Security reasons – for national security or criminal investigations (e.g. data retention laws)

14. Business reasons…. ….are not enough

15. Deletion and anonymisation Closely related – and complex Data can relate to more than one individual Data controllers might offer the option to anonymise rather than delete – but it should be the data subject’s option

16. Data protection principles The right to delete extends and improves implementation of data protection principles First point is better data access rights Second is putting data minimisation in the hand of the data subject Important to ensure that this right does not replace the data controller’s responsibility for data minimisation, but adds to it

17. Implications Gives individuals more control and autonomy Forces those holding data to justify why they’re holding it – in such a way that users understand Encourages the development of better business models Could end up supporting individuals even in places where data protection doesn’t apply – because the big businesses develop global business models

18. Human rights in the online world With our online life more and more integrated into our offline life, we need to focus on rights in the online world Those rights must include our ability to control and shape our digital footprint The right to delete data is just one of the rights that will be needed. p.a.bernal@lse.ac.uk http://personal.lse.ac.uk/bernal