The right to be forgotten is unrealistic, says ICO
Deputy Information Commissioner David Smith compares right to be forgotten online to attempting to expunge a criminal record
The "right to be forgotten" online, a principle that broadly aims to govern when and how websites are allowed to serve cookies to users' devices, was dealt a blow today by privacy watchdog the Information Commissioner's Office (ICO).
Deputy Information Commissioner David Smith today told an audience at Infosec 2013, a security event in London, that the right is "unrealistic".
"The right to be forgotten is important, but it's not realistic, information doesn't flow online in that way. You can't expunge your criminal convictions and wish they'd never happened, and you can't expunge all trace of yourself online either.
"Even [EC Commissioner] Viviane Reding [who proposed the right to be forgotten] says this is more of a slogan than a reality."
However, Smith added that the proposal reminds businesses about existing requirements, which state that organisations cannot keep information on individuals for any longer than they need.
He added that a shift in the balance of power between organisations and individuals, in terms of personal data, is coming.
"Right now you can ask a business to delete the data they hold on you, but you need to make the case, you need to present compelling legitimate grounds.
"In future that balance will change. I can ask and you have to present compelling legitimate grounds why you should keep my data. It's an important shift."
He added that the change is in part driven by social networking, for example to allow people to go to an organisation like Facebook and demand to have images of themselves removed.
"But it gets tricky where someone else has posted an image with me on it, and those images may have gone everywhere. But the proposals only say reasonable steps must be taken to delete information," he concluded.