Safeguarding 'the right to be forgotten'

Uploaded on 2018-07-30 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Law

The 'right to be forgotten' is considered to be a fundamental human right by various governments, and recent legislation such as the General Data Protection Regulation attempts to establish this right for European citizens.

Often, implementations of these regulations have been revolved around search engines and the right of users to request that search results be removed because they are no longer necessary or has a rightful objection to its existence.

However, the recent Facebook and Cambridge Analytica data scandal and a series of large scale breaches has focused the discussion on the privacy implications of this right. Privacy advocates have renewed their calls to enable account and personal data removal from social media and other online services.

This seems to have broad support; most people agree that the right to be forgotten should allow users to remove accounts and material that they have created in the past¬, but this assumed right presents difficulties for today’s enterprises.

The immediate need is clear, the capability to delete accounts and any associated personal data. But this is not as simple as it might first appear.

Organisations are loath to give up data, it helps them improve their own business models, and quite frankly, it is profitable the resell data and information about clients and individuals.

Now enterprises need to be compelled to part with what it perceives as valuable, and governments are attempting this with legislation such as GDPR.

Beyond the necessary business case, however, lie technological challenges. While many online services have built in deletion and removal options, lingering personal data is a different matter. If this personal information is located in an application or structured database, then the process is relatively straightforward, eliminate the associated account and its data is also removed.

If the sensitive data is in files, detached from applications governed by the business, then they behave like abandoned satellites orbiting the earth, forever floating in the void of network-based file shares and cloud-based storage.

If the right to be forgotten is to be realised, then a key task is locating that personal data and enabling its deletion, thus ensuring the privacy of the end user.

As our online identities continue expand and proliferate online, we must work to safeguard what we consider fundamental rights. The right to be forgotten, to choose to withdraw from online services without leaving our personal data behind, is a key cornerstone in our privacy foundation.

Organisations who value their customers’ privacy will value the right to be forgotten and will take measures to locate and protect their sensitive data.

Information-Management

You Might Also Read:

BBC Forgotten List 'sets a precedent':

 

 

 

« The Cyber Security Intelligence Network
Artificial Intelligence & Threat Detection »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Celestix Networks

Celestix Networks

Celestix is a global provider of secure network solutions that enable the simple deployment of secure remote access connectivity.

Performanta

Performanta

Performanta offer a consultative approach to people, process and technology, focusing on security projects in line with adversarial, accidental and environmental business risk.

Cypress Semiconductor

Cypress Semiconductor

Cypress is a semiconductor design and manufacturing company providing embedded devices for secure IoT applications.

Jetico

Jetico

Jetico provides pure & simple data protection software for all sensitive information throughout the lifecycle. Solutions include data encryption and secure data erasure.

Open Systems International (OSI)

Open Systems International (OSI)

Our innovative Operations Technology (OT) solutions are highly scalable and can be deployed by various utility companies to monitor, control and optimize their real-time operations.

Resilia

Resilia

RESILIA is a comprehensive portfolio of tools and training to help your organization achieve global best practice in cyber security.

VIPRE Security Group

VIPRE Security Group

VIPRE Security Group is an award-winning global cybersecurity, privacy and data protection company.

Cynamics

Cynamics

Cynamics is the only network monitoring solution built specifically for Smart City, Public Safety and Critical Infrastructure networks.

Simply Hired

Simply Hired

Simply Hired is a job search engine that collects job listings from all over the web, including company career pages, job boards and niche job websites.

KBR

KBR

To help governments and other agencies to combat cyber threats, KBR is safeguarding their most valuable systems with sophisticated tools, hardware and training.

Shevirah

Shevirah

Shevirah specializes in products for automated mobile and IoT device vulnerability assessment, penetration testing, and mobile security awareness training.

Centre for Cyber Security Belgium (CCB)

Centre for Cyber Security Belgium (CCB)

The Centre for Cyber Security Belgium is the central authority for cyber security in Belgium.

Everbridge

Everbridge

Everbridge provides enterprise software applications that automate and accelerate organizations’ operational response to critical events in order to keep people safe and businesses running.

McDonald Hopkins

McDonald Hopkins

McDonald Hopkins is a business advisory and advocacy law firm. We focus on insightful legal solutions that help our clients strategically plan for an increasingly competitive future.

Tsaaro Academy

Tsaaro Academy

Tsaaro Academy is a unique privacy certification training platform and here you earn a privacy certification CEH, CISM and DPO from India’s No.1 Privacy training platform.

DV Cyber Security

DV Cyber Security

DV Cyber (formerly A76) is an innovative cyber security company vertically focused on Threat Intelligence and Cyber Security Research.

Tenchi Security

Tenchi Security

Tenchi Security are specialized in Third-Party Cyber Risk Management (TPCRM) and aim to reduce information asymmetry when it comes to third and Nth-Party security and compliance risk management.