Safeguarding 'the right to be forgotten'

Uploaded on 2018-07-30 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Law

The 'right to be forgotten' is considered to be a fundamental human right by various governments, and recent legislation such as the General Data Protection Regulation attempts to establish this right for European citizens.

Often, implementations of these regulations have been revolved around search engines and the right of users to request that search results be removed because they are no longer necessary or has a rightful objection to its existence.

However, the recent Facebook and Cambridge Analytica data scandal and a series of large scale breaches has focused the discussion on the privacy implications of this right. Privacy advocates have renewed their calls to enable account and personal data removal from social media and other online services.

This seems to have broad support; most people agree that the right to be forgotten should allow users to remove accounts and material that they have created in the past¬, but this assumed right presents difficulties for today’s enterprises.

The immediate need is clear, the capability to delete accounts and any associated personal data. But this is not as simple as it might first appear.

Organisations are loath to give up data, it helps them improve their own business models, and quite frankly, it is profitable the resell data and information about clients and individuals.

Now enterprises need to be compelled to part with what it perceives as valuable, and governments are attempting this with legislation such as GDPR.

Beyond the necessary business case, however, lie technological challenges. While many online services have built in deletion and removal options, lingering personal data is a different matter. If this personal information is located in an application or structured database, then the process is relatively straightforward, eliminate the associated account and its data is also removed.

If the sensitive data is in files, detached from applications governed by the business, then they behave like abandoned satellites orbiting the earth, forever floating in the void of network-based file shares and cloud-based storage.

If the right to be forgotten is to be realised, then a key task is locating that personal data and enabling its deletion, thus ensuring the privacy of the end user.

As our online identities continue expand and proliferate online, we must work to safeguard what we consider fundamental rights. The right to be forgotten, to choose to withdraw from online services without leaving our personal data behind, is a key cornerstone in our privacy foundation.

Organisations who value their customers’ privacy will value the right to be forgotten and will take measures to locate and protect their sensitive data.

Information-Management

You Might Also Read:

BBC Forgotten List 'sets a precedent':

 

 

 

« The Cyber Security Intelligence Network
Artificial Intelligence & Threat Detection »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

iTrinegy

iTrinegy

iTrinegy is a world leader in Application Risk Management offering solutions to mitigate all networked application deployment risks

QTS

QTS

QTS Realty Trust, Inc. is a leading provider of secure, compliant data center, hybrid cloud and managed services.

The Data Privacy Group

The Data Privacy Group

The Data Privacy Group provide expert professional services underpinned by world leading automation tools and a consulting team specialized in privacy and data protection.

Irdeto

Irdeto

Irdeto is the world leader in digital platform security, protecting platforms and applications for media & entertainment, gaming, connected transport and IoT connected industries.

Farsight Security

Farsight Security

Farsight Security provides the world’s largest real-time actionable threat intelligence on how the Internet is changing.

Halcyon Knights

Halcyon Knights

Halcyon Knights is a specialist executive search and IT recruitment agency in the APAC region. Areas of specialisation include cybersecurity.

Phosphorous Cybersecurity

Phosphorous Cybersecurity

Phosphorus has fully automated remediation of the two biggest IoT vulnerabilities, out of date firmware and default credentials.

Stealth Software Technologies

Stealth Software Technologies

Stealth Software Technologies is focused on the generation of research and software products focused on applied cryptography and cybersecurity.

Partners in Regulatory Compliance (PIRC)

Partners in Regulatory Compliance (PIRC)

Partners in Regulatory Compliance provides an array of cybersecurity services including cybersecurity policy management, risk assessments and regulatory compliance consulting.

Saepio Solutions

Saepio Solutions

Saepio promote an all-encompassing approach to cybersecurity, ensuring the appropriate balance of budget and resource across Policy, Product and People.

CyberAcuView

CyberAcuView

CyberAcuView is a company dedicated to enhancing cyber risk mitigation efforts across the insurance industry.

Mitnick Security

Mitnick Security

Mitnick Security is a leading global provider of information security consulting and training services.

European Data Protection Supervisor (EDPS)

European Data Protection Supervisor (EDPS)

The EDPS is the European Union’s independent data protection authority. We monitor and ensure the protection of personal data and privacy when EU institutions and bodies process personal information.

Dapple Security

Dapple Security

Dapple Security is creating cutting edge technology utilizing responsible biometrics that protects people and privacy through a first-of-its-kind passwordless platform.

HLB System Solutions

HLB System Solutions

HLB System Solutions: Empowering businesses with proactive IT management, consulting, security, and cloud solutions. Seamless tech for growth!

Backslash Security

Backslash Security

With Backslash, AppSec teams gain visibility into critical risks in their apps based on reachability and exploitability.