Safeguarding 'the right to be forgotten'

The 'right to be forgotten' is considered to be a fundamental human right by various governments, and recent legislation such as the General Data Protection Regulation attempts to establish this right for European citizens.

Often, implementations of these regulations have been revolved around search engines and the right of users to request that search results be removed because they are no longer necessary or has a rightful objection to its existence.

However, the recent Facebook and Cambridge Analytica data scandal and a series of large scale breaches has focused the discussion on the privacy implications of this right. Privacy advocates have renewed their calls to enable account and personal data removal from social media and other online services.

This seems to have broad support; most people agree that the right to be forgotten should allow users to remove accounts and material that they have created in the past¬, but this assumed right presents difficulties for today’s enterprises.

The immediate need is clear, the capability to delete accounts and any associated personal data. But this is not as simple as it might first appear.

Organisations are loath to give up data, it helps them improve their own business models, and quite frankly, it is profitable the resell data and information about clients and individuals.

Now enterprises need to be compelled to part with what it perceives as valuable, and governments are attempting this with legislation such as GDPR.

Beyond the necessary business case, however, lie technological challenges. While many online services have built in deletion and removal options, lingering personal data is a different matter. If this personal information is located in an application or structured database, then the process is relatively straightforward, eliminate the associated account and its data is also removed.

If the sensitive data is in files, detached from applications governed by the business, then they behave like abandoned satellites orbiting the earth, forever floating in the void of network-based file shares and cloud-based storage.

If the right to be forgotten is to be realised, then a key task is locating that personal data and enabling its deletion, thus ensuring the privacy of the end user.

As our online identities continue expand and proliferate online, we must work to safeguard what we consider fundamental rights. The right to be forgotten, to choose to withdraw from online services without leaving our personal data behind, is a key cornerstone in our privacy foundation.

Organisations who value their customers’ privacy will value the right to be forgotten and will take measures to locate and protect their sensitive data.

Information-Management

You Might Also Read:

BBC Forgotten List 'sets a precedent':

 

 

 

« The Cyber Security Intelligence Network
Artificial Intelligence & Threat Detection »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

DoSarrest Internet Security Ltd

DoSarrest Internet Security Ltd

DOSarrest is a fully managed security firm specializing in cloud based DDoS protection services to a worldwide client base.

FDM Group

FDM Group

FDM Group is an international Professional services company with a focus on IT. Services offered include Software Testing, and Information Security with a focus on operational security and compliance.

HyTrust

HyTrust

HyTrust specialises in security, compliance and control software for virtualization and cloud environments.

PETRAS IoT Hub

PETRAS IoT Hub

PETRAS is a consortium of 12 research institutions and the world’s largest socio-technical research centre focused on the future implementation of the IoT.

Institute for Cybersecurity & Privacy (ICSP) -  University of Georgia

Institute for Cybersecurity & Privacy (ICSP) - University of Georgia

The goal of ICSP is to become a state hub for cybersecurity research and education, including multidisciplinary programs and research opportunities, outreach activities, and industry partnership.

RackTop Systems

RackTop Systems

RackTop Systems is the pioneer of CyberConverged data security, a new market that fuses data storage with advanced security and compliance into a single platform.

Trust Stamp

Trust Stamp

Trust Stamp provide Identity and Trust as a Service to answer two fundamental questions: “Who are you?” and “Do I trust you?"

Ensighten

Ensighten

Ensighten is a leader in Website Security & Privacy Compliance. Protect your website from malicious attacks, monitor & detect vulnerabilities, protect consumer data.

Tabidus Technology

Tabidus Technology

Tabidus Technology is a cybersecurity association that unites and provides the global protection options against cyber threats.

Redbot Security

Redbot Security

Redbot Security provides industry leading manual penetration testing. Protecting critical systems and data - red team attack and breach simulations, (OT) critical infrastructure testing.

Hub71

Hub71

Hub71 is a world-class tech ecosystem opening doors to global opportunities from an optimal business environment for entrepreneurial-minded innovators.

Transatlantic Cyber Security Business Network

Transatlantic Cyber Security Business Network

The Transatlantic Cyber Security Business Network is a coalition of UK and US cyber security companies which facilitates collaboration to help address critical cyber security challenges.

Troye Computer Systems

Troye Computer Systems

Troye provide a complete range of digital workspace solutions that empower people to do their very best work in a safe and secure manner anywhere, anytime, using any device.

Sentar

Sentar

Sentar is a cyber intelligence company, applying advanced analytics and systems engineering expertise to protect our national security by securing mission-critical assets.

SPYROS Information & Technology Consulting

SPYROS Information & Technology Consulting

SPYROS specializes in providing highly qualified professionals in Computer Network Operations, Signals Intelligence, Technical Training and Certifications, Network Administration and Security.

INT3L

INT3L

The INT3L group (formerly Defentek) is a provider of national security and intelligence solutions, systems and services.