Oblivion, Erasure and Forgetting in the Digital Age

• Author: Aurelia Tamò and Damian George
• Pages: 71-87

Oblivion, Erasure and Forgetting in the Digital Age

2014

71

2

A. Introduction

1

Every individual has experienced episodes in his

life he enjoys remembering (and having others

remember), and others that he would like to forget

(or have others forget). As individuals increasingly

make frequent public use of the Internet, users have

become aware of the potential harm persistent

information can cause when stored on the eternal

memory of the Internet. Considering that digital

abstinence is not an option, users are expressing an

increased fear of being haunted by their digital past.1

2

The European Commission (EC) claims to have

recognized the problem and recently proposed a

“right to be forgotten and erasure” as part of the

revision of the 1995 European Data Protection

Directive2 (Directive 95/46/EC) principles. In light

of the increased online activities and opaque privacy

Oblivion, Erasure and Forgetting

in the Digital Age

by Aurelia Tamò and Damian George

Aurelia Tamò is a PhD Candidate, Chari of Information and Communication Law, University of Zurich

Damian George is a junior associate at Nobel & Hug attorneys at law in Zurich

© 2014 Aurelia Tamò/Damian George

Everybody may disseminate this ar ticle by electronic means and m ake it available for download under the terms and

conditions of the Digita l Peer Publishing Licence (DPPL). A copy of the license text may be obtaine d at http://nbn-resolving.

de/urn:nbn:de:0009-dppl-v3-en8 .

Recommended citation: Aurelia Tamò and Damian George, Oblivion, Erasure and Forge tting in the Digital Age, 5 (20 14) JIPITEC

71, para. 1.

Keywords: Right to be forgotten, oblivion, erasure, privacy, data protection, defamation, autocomplete sugges-

tions, notice and take down, EU data protection directive, data protection reform, data protection

regulation, ECJ C-131/12 Google v. Spain

be understood as a generic term, bringing together

existing legal provisions: the substantial right of

oblivion and the rather procedural right to erasure

derived from data protection. Hereinafter, the article

presents an analysis of selected national legal

frameworks and corresponding case law, accounting

for data protection, privacy, and general tort law as

well as defamation law. This comparative analysis

grasps the practical challenges which the attempt

to strengthen individual control and informational

self-determination faces. Consequently, it is argued

that narrowing the focus on the data protection

law amendments neglects the elaborate balancing

of conflicting interests in European legal tradition.

It is shown that the attempt to implement oblivion,

erasure and forgetting in the digital age is a complex

undertaking.

Abstract: In light of the recent European

Court of Justice ruling (ECJ C-131/12, Google Spain

v. Spanish Data Protection Agency), the “right to be

forgotten” has once again gained worldwide media

attention. Already in 2012, when the European

Commission proposed a right to be forgotten, this

proposal received broad public interest and was

debated intensively. Under certain conditions,

individuals should thereby be able to delete personal

data concerning them. More recently – in light of

the European Parliament’s approval of the LIBE

Committee’s amendments on March 14, 2014 – the

concept seems to be close to its final form. Although

it remains, for the most part, unchanged from the

previously circulated drafts, it has been re-labelled as

a “right of erasure”. This article argues that, despite

its catchy terminology, the right to be forgotten can

2014

Aurelia Tamò and Damian George

72

2

policies of web services, the EC wants to strengthen

the control and digital rights of individuals.

Therefore, users should be given the right to have

their data fully removed.3

3

Legal scholars in Europe and the US have debated

the implications of an online right to be forgotten.



taken by Mayer-Schönberger in his oeuvre “Delete”.4

The concept of deletion has since been central to

the academic debate, which focuses on the legal,

philosophical and sociological foundations as well

as potential implications of a policy response.

4 In this article we approach the topic at hand from

a European legal tradition perspective, leaving

aside the US-American concepts in this respect.



US has been rather critical of the concept of the right

to be forgotten.

5

In particular the implementation

of the so-called “Eraser Law” (SB 568, California

Business & Professions Code Sec. 22581) in California

was controversially discussed in the media.6

5 The focus of this article lies on interactions among

      

government activities. We will elaborate throughout

this article that one should not restrict the debate

to the legal provisions but must simultaneously

draw insights from the elaborated case law. We will

support this approach by showing that European

Member States have dealt with questions relating to

oblivion and erasure in the age of online activities

and interactions by continually balancing the

 

norms and concepts.

B. Oblivion, Erasure and Forgetting

– Understanding the Concepts

Behind the Terminologies

I. Privacy Protection in Europe

6

Before discussing new approaches for protecting the

individual’s privacy with data protection tools, we

   

context.

7

The term “data protection” might be misleading

since the protected good is not the data itself but the

data subject’s fundamental privacy rights.

7

While the

protection of privacy, and the individual’s right to

personality in particular, have long been discussed

and contested in national legislations in Europe,

data protection laws have been evolving only since

the second half of the twentieth century.

8

Unlike

mechanisms that protect personality, which are

mostly used retroactively (ex post), data protection

tries predominantly to guarantee the protection in

advance (ex ante) by considering the processing of

data as privacy infringing “by default” and therefore

making processors adhere to data quality principles.

In other words, data protection law

has introduced the default rule that the handling of personal

data is per se an intrusion unless guiding principles were

followed like the purpose limitation principle, the fairness

principle and other safeguards like a right of access to one’s

own data. 9

8 In the European Union, the processing of personal

       

of data quality as provided for in Art. 6 Directive

95/46/EC but must also be legitimate. The criteria

for making data processing legitimate are listed in

Art. 7 Directive 95/46/EC. One important criteria is

consent. However, despite consent being regarded as

a promising tool, the reliance upon consent as a basis

   

private parties has not been successful in providing

the intended self-control of the users.10 The EU’s

data protection reform efforts strive – amongst

other things – to increase the individual’s control

by clarifying, and possibly strengthening, its rights.

11

One of these reinforced rights is currently known

under its original terminology, the “right to be

forgotten”. Thereby, the EU attempts to strengthen

the individual’s self-determination12 with regard to

the processing of his personal data.

II. The Right of Oblivion vs.

the Right to Erasure

9

In both the literature and political discussions, there

   

the overall concept of “deletion” of personal data.

While some use the terms “the right of oblivion”,

“the right to forget”, “the right to be forgotten”

or the “right to erasure” as synonyms, or at least

sometimes interchangeably,

13

others differentiate

among the underlying concepts based on their legal

rationale and scope.14

10

In particular, a distinction between the right of

oblivion and the right of erasure can add value to

the maze of terminologies:

11 First of all, the right of oblivion – or le droit a l’oubli

resp. il diritto al’oblio according to its French and

Italian root15 – has historically been applied in

severe cases of (potential) defamation and breach

of privacy of (mostly) ex-convicts.16 The right offers

deletion of some public data that are no longer

newsworthy, which highlights the importance of

the time component, i.e. the period elapsed between

the creation of the public data and the request for

oblivion.17 The rationale behind the concept of