Safeguarding 'the right to be forgotten'

The 'right to be forgotten' is considered to be a fundamental human right by various governments, and recent legislation such as the General Data Protection Regulation attempts to establish this right for European citizens.

Often, implementations of these regulations have been revolved around search engines and the right of users to request that search results be removed because they are no longer necessary or has a rightful objection to its existence.

However, the recent Facebook and Cambridge Analytica data scandal and a series of large scale breaches has focused the discussion on the privacy implications of this right. Privacy advocates have renewed their calls to enable account and personal data removal from social media and other online services.

This seems to have broad support; most people agree that the right to be forgotten should allow users to remove accounts and material that they have created in the past¬, but this assumed right presents difficulties for today’s enterprises.

The immediate need is clear, the capability to delete accounts and any associated personal data. But this is not as simple as it might first appear.

Organisations are loath to give up data, it helps them improve their own business models, and quite frankly, it is profitable the resell data and information about clients and individuals.

Now enterprises need to be compelled to part with what it perceives as valuable, and governments are attempting this with legislation such as GDPR.

Beyond the necessary business case, however, lie technological challenges. While many online services have built in deletion and removal options, lingering personal data is a different matter. If this personal information is located in an application or structured database, then the process is relatively straightforward, eliminate the associated account and its data is also removed.

If the sensitive data is in files, detached from applications governed by the business, then they behave like abandoned satellites orbiting the earth, forever floating in the void of network-based file shares and cloud-based storage.

If the right to be forgotten is to be realised, then a key task is locating that personal data and enabling its deletion, thus ensuring the privacy of the end user.

As our online identities continue expand and proliferate online, we must work to safeguard what we consider fundamental rights. The right to be forgotten, to choose to withdraw from online services without leaving our personal data behind, is a key cornerstone in our privacy foundation.

Organisations who value their customers’ privacy will value the right to be forgotten and will take measures to locate and protect their sensitive data.

Information-Management

You Might Also Read:

BBC Forgotten List 'sets a precedent':

 

 

 

« The Cyber Security Intelligence Network
Artificial Intelligence & Threat Detection »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Riverbed Technology

Riverbed Technology

The Riverbed Network and Application Performance Platform enables organizations to visualize, optimize, accelerate and remediate the performance of any network for any application.

Celestix Networks

Celestix Networks

Celestix is a global provider of secure network solutions that enable the simple deployment of secure remote access connectivity.

Research Institute in Science of Cyber Security (RISCS)

Research Institute in Science of Cyber Security (RISCS)

RISCS is focused on giving organisations more evidence, to allow them to make better decisions, aiding to the development of cybersecurity as a science.

Cyber Risk Policies

Cyber Risk Policies

CyberRiskPolicy.com is a joint venture between the Poindexter Surety Group of companies and Gibbs Cyber Security.

vArmour

vArmour

vArmour is the industry’s first distributed security system that provides insight and control for multi-cloud environments.

Silicom Denmark

Silicom Denmark

Silicom Denmark is a premier developer and supplier of FPGA-based interface cards for cyber-security, telecommss, financial trading and other sectors.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

CERT-PH

CERT-PH

CERT-PH is the National Computer Emergency Response Team and the highest body for cybersecurity related activities in the Philippines.

Meditology

Meditology

Meditology Services is a top-ranked provider of information risk management, cybersecurity, privacy, and regulatory compliance consulting services exclusively for healthcare organizations.

ESC - Enterprise Security Center

ESC - Enterprise Security Center

ESC is a system house specializing exclusively in IT security - Security Implementation & Optimization, Operations, Managed Security Services.

Rocky Mountain Cybersecurity

Rocky Mountain Cybersecurity

Rocky Mountain Cybersecurity's mission is to provide value by dramatically improving the cybersecurity posture of our clients and business partners.

Primus Institute of Technology

Primus Institute of Technology

At Primus Institute of Technology our mission is to inspire, support, and empower current and aspiring IT professionals through training and career development workshops.

iManage

iManage

iManage's intelligent, cloud-enabled, secure knowledge work platform enables organizations to uncover and activate the knowledge that exists inside their business.

GetHacked.ca

GetHacked.ca

GetHackded.ca is a certified company offering penetration testing and specialized cybersecurity services.

Quzara

Quzara

Quzara provides trusted advisory services and highly adaptive cybersecurity services to federal, commercial and Defense Industrial Base customers to meet their security compliance and cyber needs.

Redpoint Cybersecurity

Redpoint Cybersecurity

Redpoint Cybersecurity is a human-led, technology-enabled managed cybersecurity provider specializing in Digital Forensics, Incident Response and proactive cyberattack prevention.