Safeguarding 'the right to be forgotten'

The 'right to be forgotten' is considered to be a fundamental human right by various governments, and recent legislation such as the General Data Protection Regulation attempts to establish this right for European citizens.

Often, implementations of these regulations have been revolved around search engines and the right of users to request that search results be removed because they are no longer necessary or has a rightful objection to its existence.

However, the recent Facebook and Cambridge Analytica data scandal and a series of large scale breaches has focused the discussion on the privacy implications of this right. Privacy advocates have renewed their calls to enable account and personal data removal from social media and other online services.

This seems to have broad support; most people agree that the right to be forgotten should allow users to remove accounts and material that they have created in the past¬, but this assumed right presents difficulties for today’s enterprises.

The immediate need is clear, the capability to delete accounts and any associated personal data. But this is not as simple as it might first appear.

Organisations are loath to give up data, it helps them improve their own business models, and quite frankly, it is profitable the resell data and information about clients and individuals.

Now enterprises need to be compelled to part with what it perceives as valuable, and governments are attempting this with legislation such as GDPR.

Beyond the necessary business case, however, lie technological challenges. While many online services have built in deletion and removal options, lingering personal data is a different matter. If this personal information is located in an application or structured database, then the process is relatively straightforward, eliminate the associated account and its data is also removed.

If the sensitive data is in files, detached from applications governed by the business, then they behave like abandoned satellites orbiting the earth, forever floating in the void of network-based file shares and cloud-based storage.

If the right to be forgotten is to be realised, then a key task is locating that personal data and enabling its deletion, thus ensuring the privacy of the end user.

As our online identities continue expand and proliferate online, we must work to safeguard what we consider fundamental rights. The right to be forgotten, to choose to withdraw from online services without leaving our personal data behind, is a key cornerstone in our privacy foundation.

Organisations who value their customers’ privacy will value the right to be forgotten and will take measures to locate and protect their sensitive data.

Information-Management

You Might Also Read:

BBC Forgotten List 'sets a precedent':

 

 

 

« The Cyber Security Intelligence Network
Artificial Intelligence & Threat Detection »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

mile2

mile2

Mile2 develop and deliver proprietary vendor neutral professional certifications for the cyber security industry.

TenIntelligence

TenIntelligence

TenIntelligence provides due diligence, brand protection and fraud investigation services including digital forensics.

Purdicom

Purdicom

Purdicom (formerly known as Selcoms) is an award winning distributor specialising in Wireless, Cloud & Security technologies.

Snow Software

Snow Software

Snow Software is changing the way organizations think about their technology investments, empowering IT and business leaders to drive transformation with precision and agility.

Assuria

Assuria

Assuria Cyber Security solutions provide protective monitoring of systems and user activity across the whole IT infrastructure.

Greenbone Networks

Greenbone Networks

Greenbone Networks delivers a vulnerability analysis solution for enterprise IT which includes reporting and security change management.

PerimeterX

PerimeterX

PerimeterX is the leading provider of solutions that secure digital businesses against automated fraud and client-side attacks.

Lynx

Lynx

Lynx provides high added value services in the area of information systems security and ICT infrastructure building.

Bl4ckswan

Bl4ckswan

Bl4ckswan is a Management Consulting firm specialized in the delivery of information security and compliance services.

CSIRT Italia

CSIRT Italia

CSIRT Italia is the national Computer Security Incident Response Team for Italy.

CYSEC SA

CYSEC SA

Cysec is equipped to deliver agile security solutions for the most challenging IT infrastructures around the world.

Symmetry Systems

Symmetry Systems

Symmetry Systems is a provider of data store and object-level security (DSOS) solutions that give organizations visibility into, and unified access control of, their most valuable data assets.

Purism

Purism

Purism works with hardware component manufactures and the free software community to build high quality hardware that respects your digital life.

iSPIRAL IT Solutions

iSPIRAL IT Solutions

iSPIRAL is a leading regulatory technology software provider delivering state-of-art AML, KYC, Risk and Compliance solutions.

Automotive Information Sharing & Analysis Center (Auto-ISAC)

Automotive Information Sharing & Analysis Center (Auto-ISAC)

Auto-ISAC provides a forum for companies to analyze and identify threats sooner and share solutions that enhance vehicle cybersecurity.

Whalebone

Whalebone

Whalebone develop user-centric, no-installation network security products for telcos, internet service providers, enterprises, public institutions, and governments.