Skip to main content
SpringerLink
Log in

Forget About Being Forgotten

From the Right to Oblivion to the Right of Reply

  • Chapter
Data Protection on the Move

Part of the book series: Law, Governance and Technology Series ((ISDP,volume 24))

Abstract

User concerns about the dissemination and impact of their digital identity have led to the spread of privacy-enhancing and reputation-management technologies. The former allow data subjects to decide the personal information they want to disclose in the limited scope of a particular transaction. The latter help them adjust the visibility of the information disclosed and tune how other people perceive it. However, as the sources of personal information are growing without their control, and both original and deceptive data coexist, it is increasingly difficult for data subjects to govern the impact of their personal information and for the information consumers to grasp its trustworthiness so as to separate the wheat from the chaff. This paper analyses the aforementioned risks and presents a protocol, an architecture, and a business approach supporting both data subjects in replying to the information linked to them and consumers in gaining opportune access to these replies.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 139.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Hardcover Book
USD 179.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    As pointed by Jennifer Stoddart (Canada’s Privacy Commissioner) in Office of the Privacy Commissioner of Canada, “Protect Your Personal Information Because the Internet Never Forgets, Privacy Commissioner of Canada Says—January 27, 2011.”

  2. 2.

    Some famous, traditional examples include Stacy Snyder’s and Andrew Feldmar’s cases, gathered in Mayer-Schönberger, Delete: The Virtue of Forgetting in the Digital Age, chap. 1 Failing to Forget the “Drunken Pirate.”

  3. 3.

    Quinn, “Facebook Costing 16-34s Jobs in Tough Economic Climate.”

  4. 4.

    Wisniewski, Lipford, and Wilson, “Fighting for My Space.”

  5. 5.

    Besmer and Lipford, “Moving beyond Untagging: Photo Privacy in a Tagged World.”

  6. 6.

    Bornoe and Barkhuus, “Privacy Management in a Connected World: Students’ Perception of Facebook Privacy Settings.”

  7. 7.

    Tokunaga, “Social Networking Site or Social Surveillance Site? Understanding the Use of Interpersonal Electronic Surveillance in Romantic Relationships.”

  8. 8.

    Humphreys, Gill, and Krishnamurthy, “How Much Is Too Much? Privacy Issues on Twitter.”

  9. 9.

    Pesce et al., “Privacy Attacks in Social Media Using Photo Tagging Networks.”

  10. 10.

    E.g.: abouteveryone.com, Topix, or the so-called “confessions board” sites which specifically target college students such as JuicyCampus, CollegeACB, LittleGossip, etc. For a review of the evolution of these sites and a discussion from the perspective of US defamation laws, see Schorr, “Malicious Content on the Internet: Narrowing Immunity Under the Communications Decency Act.”

  11. 11.

    “Identity porn” is related, but slightly different, to the better-known concept of “revenge porn”. Both refer to non-consensual dissemination of pornographic material depicting the data subject, but the latter emphasizes a specific motivation of a discloser who had been previously involved in a sexual relationship with the data subject; while the former focuses on scenarios where these contents published are also linked to the data subject’s profile and identity attributes (whoever the disclosers and whichever their motivations might be). See Stroud, “The Dark Side of the Online Self: A Pragmatist Critique of the Growing Plague of Revenge Porn.”

  12. 12.

    Examples of existing of defunct sites that either foster or are frequently used for these practices include Is Anyone Up?, UGotPosted, Is Anybody Down?, Pink Meth, Texxxan.com, and MyEx.com.

  13. 13.

    E.g.: Zoominfo, Pipl, 123people, Yasni, AnyWho, peekyou.

  14. 14.

    Brennecke, Mandl, and Womser-Hacker, “The Development and Application of an Evaluation Methodology for Person Search Engines.”

  15. 15.

    Werbin, “Auto-Biography: On the Immanent Commodification of Personal Information.”

  16. 16.

    Mantelero, “The EU Proposal for a General Data Protection Regulation and the Roots of the ‘Right to be Forgotten.’”

  17. 17.

    For a comprehensive review of the Right to be Forgotten, see Mayer-Schönberger, Delete: The Virtue of Forgetting in the Digital Age.

  18. 18.

    Squicciarini, Shehab, and Paci, “Collective Privacy Management in Social Networks.”

  19. 19.

    Squicciarini, Shehab, and Wede, “Privacy Policies for Shared Content in Social Network Sites.”

  20. 20.

    Kenny and Korba, “Applying Digital Rights Management Systems to Privacy Rights Management.”

  21. 21.

    Castelluccia and Kaafar, “Owner-Centric Networking (OCN): Toward a Data Pollution-Free Internet.”

  22. 22.

    Sarrouh et al., “Defamation-Free Networks through User-Centered Data Control.”

  23. 23.

    Kelbert and Pretschner, “Towards a Policy Enforcement Infrastructure for Distributed Usage Control.”

  24. 24.

    Pearson and Casassa-Mont, “Sticky Policies: An Approach for Managing Privacy across Multiple Parties.”

  25. 25.

    Diehl and Furon, “© Watermark: Closing the Analog Hole.”

  26. 26.

    Shein, “Ephemeral Data.”

  27. 27.

    Druschel, Backes, and Tirtea, “The Right to be Forgotten—between Expectations and Practice—ENISA.”

  28. 28.

    Markou, “The ‘Right to be Forgotten’: Ten Reasons Why It Should Be Forgotten.”

  29. 29.

    Thompson and Fertik, Wild West 2.0: How to Protect and Restore Your Online Reputation on the Untamed Social Frontier.

  30. 30.

    Ilešič, JUDGMENT OF THE COURT (Grand Chamber) In Case C‑131/12, REQUEST for a preliminary ruling under Article 267 TFEU from the Audiencia Nacional (Spain), made by decision of 27 February 2012, received at the Court on 9 March 2012, in the proceedings Google Spain SL, Google Inc. v Agencia Española de Protección de Datos (AEPD), Mario Costeja González, (2014).

  31. 31.

    Fujikawa, “Google Suffers New Privacy Setback in Japan.”

  32. 32.

    Court of Justice of the European Union, Opinion of Advocate General Jääskinen delivered on 25 June 2013 Case C-131/12 Google Spain SL Google Inc. v Agencia Española de Protección de Datos (AEPD), Mario Costeja González (2013).

  33. 33.

    Tiffen, “Finkelstein Report: Volume of Media Vitriol in Inverse Proportion to Amount of Evidence.”

  34. 34.

    Cornwall, “It Was the First Strike of Bloggers Ever: An Examination of Article 10 of the European Convention on Human Rights as Italian Bloggers Take a Stand against the Alfano Decree.”

  35. 35.

    Werkers, Lievens, and Valcke, “A Critical Analysis of the Right of Reply in Online Media.”

  36. 36.

    Balog, Azzopardi, and de Rijke, “Resolving Person Names in Web People Search.”

  37. 37.

    Long and Shi, “Web Person Name Disambiguation by Relevance Weighting of Extended Feature Sets.”

  38. 38.

    Köpcke and Rahm, “Frameworks for Entity Matching: A Comparison.”

  39. 39.

    Jonas, “Threat and Fraud Intelligence, Las Vegas Style.”

  40. 40.

    Li, Wang, and Chen, “Identity Matching Using Personal and Social Identity Features.”

  41. 41.

    Berendsen et al., “Result Disambiguation in Web People Search.”

  42. 42.

    Jones et al., “WebFinger.”

  43. 43.

    Slatkin, “Bootstrapping WebFinger Decentralized Discovery with WebFist.”

  44. 44.

    Hansen and Hallam-Baker, “DomainKeys Identified Mail (DKIM) Service Overview.”

  45. 45.

    Ligouras, “Protecting the Social Graph: Client–side Mitigation of Cross–Site Content Forgery Attacks,” 27–29.

  46. 46.

    https://github.com/onesocialweb.

  47. 47.

    Greasemonkey for Mozilla Firefox (http://www.greasespot.net/) or Tampermonkey for Google Chrome, Opera Next and Safari (https://tampermonkey.net/).

  48. 48.

    O’Connor, “Managing a Hotel’s Image on TripAdvisor.”

  49. 49.

    “Me on the Web” by Google https://www.google.com/settings/me.

  50. 50.

    Weinberg, “An Introduction to Social Media Marketing.”

  51. 51.

    During the first year of the application of the EU data-protection rules to Google search results, only 41.5 % of the removal requests were honored. See Laursen, “Google’s Year of Forgetting [News].”

  52. 52.

    Ibid.

  53. 53.

    Ortlieb, “The Anthropologist’s View on Privacy.”

  54. 54.

    Ibid.

  55. 55.

    E.g. Twitter verified accounts https://support.twitter.com/articles/119135-faqs-about-verified-accounts.

  56. 56.

    Hansen et al., “Privacy-Enhancing Identity Management.”

  57. 57.

    Talukder and Ahamed, “Preventing Multi-Query Attack in Location-Based Services.”

Bibliography

  • Balog, Krisztian, Leif Azzopardi, and Maarten de Rijke. 2009. Resolving person names in web people search. In Weaving Services and People on the World Wide Webeaving Services and People on the World Wide Web, ed. Irwin King and Ricardo Baeza-Yates, 301–23. Berlin, Heidelberg: Springer Berlin Heidelberg, 2009. doi:10.1007/978-3-642-00570-1.

    Google Scholar 

  • Berendsen, Richard, Bogomil Kovachev, Maarten Weerkamp Nastou, Evangelia-Paraskevi de Rijke, and Wouter. 2012. Result disambiguation in web people search. In Advances in Information Retrieval, ed. Ricardo Baeza-Yates, Arjen P. de Vries, Hugo Zaragoza, B. Barla Cambazoglu, Vanessa Murdock, Ronny Lempel, and Fabrizio Silvestri, 7224:146–57. Lecture Notes in Computer Science. Springer, Berlin, Heidelberg. doi:10.1007/978-3-642-28997-2.

    Google Scholar 

  • Besmer, Andrew, and Heather Richter Lipford. 2010. Moving beyond untagging: Photo privacy in a tagged world. In Proceedings of the 28th International Conference on Human Factors in Computing Systems—CHI ’10, 1563–1572. doi:10.1145/1753326.1753560.

  • Bornoe, Nis, and Louise Barkhuus. 2011. Privacy management in a connected world: Students’ perception of facebook privacy settings. In Workshop on Collaborative Privacy Practices in Social Media, 19–23. Hangzhou, China. http://bornoe.org/papers/CSCW2011-Privacy-Workshop-Bornoe.pdf.

  • Brennecke, Roland, Thomas Mandl, and Christa Womser-Hacker. 2011. The development and application of an evaluation methodology for person search engines. In EuroHCIR 2011 European Workshop on Human–Computer Interaction and Information Retrieval, CEUR Workshop Proceedings, 42–45, 2011. http://ceur-ws.org/Vol-763/.

  • Castelluccia, Claude, and Mohamed Ali Kaafar. 2009. Owner-centric networking (OCN): Toward a data pollution-free internet. In 2009 Ninth Annual International Symposium on Applications and the Internet, 169–72. IEEE. doi:10.1109/SAINT.2009.34.

  • Cornwall, Janelle L. 2011. It was the first strike of bloggers ever: An examination of article 10 of the European convention on human rights as Italian bloggers take a stand against the Alfano Decree. Emory International Law Review 25(1): 499–538. http://connection.ebscohost.com/c/articles/64295112/was-first-strike-bloggers-ever-examination-article-10-european-convention-human-rights-as-italian-bloggers-take-stand-against-alfano-decree.

  • Court of Justice of the European Union. 2013. Opinion of Advocate general Jääskinen delivered on 25 June 2013 Case C-131/12 Google Spain SL Google Inc. v Agencia Española de Protección de Datos (AEPD), Mario Costeja González.

    Google Scholar 

  • Diehl, E., and T. Furon. 2014. © Watermark: Closing the analog hole. In 2003 IEEE International Conference on Consumer Electronics, 2003. ICCE., 52–53. IEEE. Accessed 24 Oct 2014. doi:10.1109/ICCE.2003.1218801.

  • Druschel, Peter, Michael Backes, and Rodica Tirtea. 2011. The right to be forgotten—between expectations and practice—ENISA. Heraklion, Greece. http://www.enisa.europa.eu/activities/identity-and-trust/library/deliverables/the-right-to-be-forgotten.

  • Fujikawa, Megumi. 2014. Google suffers new privacy setback in Japan. The Wall Street Journal. http://online.wsj.com/articles/google-suffers-new-privacy-setback-in-japan-1412933523.

  • Hansen, Marit, Peter Berlich, Jan Camenisch, Sebastian Clauß, Andreas Pfitzmann, and Michael Waidner. 2004. Privacy-enhancing identity management. Information security technical report 9(1): 35–44. doi:10.1016/S1363-4127(04)00014-7.

    Article  Google Scholar 

  • Hansen, Tony, and Phillip Hallam-Baker. 2009 Domainkeys identified mail (DKIM) service overview, no. RFC 5585: 1–24. https://tools.ietf.org/html/rfc5585.

  • Humphreys, Lee, Phillipa Gill, and Balachander Krishnamurthy. 2010. How Much Is Too Much? Privacy Issues on Twitter. In ICA 2010, 1:1–29, 2010. http://www2.research.att.com/~bala/papers/ica10.pdf.

  • Ilešič, M. 2014. JUDGMENT OF THE COURT (Grand Chamber) In Case C–131/12, REQUEST for a preliminary ruling under Article 267 TFEU from the Audiencia Nacional (Spain), made by decision of 27 Feb 2012, received at the Court on 9 Mar 2012, in the proceedings Google Spa, (2014).

    Google Scholar 

  • Jonas, Jeff. 2006. Threat and fraud intelligence, Las Vegas Style. IEEE Security & Privacy Magazine 4. doi:10.1109/MSP.2006.169.

    Google Scholar 

  • Jones, Paul, Joseph Smarr, Gonzalo Salgueiro, and Michael Jones. 2013. WebFinger. Internet RFC Series, no. RFC 7033: 1–28. https://tools.ietf.org/html/rfc7033.

  • Kelbert, Florian, and Alexander Pretschner. 2012. Towards a policy enforcement infrastructure for distributed usage control. In Proceedings of the 17th ACM Symposium on Access Control Models and Technologies - SACMAT ’12, 119. New York, USA: ACM Press, 2012. doi:10.1145/2295136.2295159.

  • Kenny, Steve, and Larry Korba. 2002. Applying digital rights management systems to privacy rights management. Computers & Security 21(7): 648–664. doi:10.1016/S0167-4048(02)01117-3.

    Article  Google Scholar 

  • Köpcke, Hanna, and Erhard Rahm. 2010. Frameworks for entity matching: A comparison. Data & Knowledge Engineering 69(2): 197–210. doi:10.1016/j.datak.2009.10.003.

    Google Scholar 

  • Laursen, Lucas. 2015. Google’s year of forgetting [News]. IEEE Spectrum 52(5): 16–17. doi:10.1109/MSPEC.2015.7095187.

    Article  Google Scholar 

  • Li, Jiexun, G. Alan Wang, and Hsinchun Chen. 2010. Identity Matching using personal and social identity features. Information Systems Frontiers 13(1): 101–13. doi:10.1007/s10796-010-9270-0.

    Google Scholar 

  • Ligouras, Spyros. 2012. Protecting the social graph: Client–side mitigation of cross–site content forgery attacks. University of Crete. http://elocus.lib.uoc.gr/dlib/9/4/9/metadata-dlib-1354176330-646953-4363.tkl.

  • Long, C, and L Shi. 2010. Web person name disambiguation by relevance weighting of extended feature sets. Third Web People Search Evaluation Forum WePS3 CLEF 2010 (2010): 1–13. http://ceur-ws.org/Vol-1176/CLEF2010wn-WePS-LongEt2010.pdf.

  • Mantelero, Alessandro. 2013. The EU proposal for a general data protection regulation and the roots of the ‘right to be forgotten’. Computer Law & Security Review 29(3): 229–235. doi:10.1016/j.clsr.2013.03.010.

    Article  Google Scholar 

  • Markou, Christiana. 2015. The ‘Right to Be Forgotten’: Ten reasons why it should be forgotten. In Reforming European Data Protection Law SE—8, ed. Serge Gutwirth, Ronald Leenes, and Paul de Hert, 20: 203–26. Law, Governance and Technology Series. Springer, Netherlands, 2015. doi:10.1007/978-94-017-9385-8_8.

    Google Scholar 

  • Mayer-Schönberger, Viktor. 2011. Delete: The virtue of forgetting in the digital age. Princeton: Princeton University Press.

    Google Scholar 

  • O’Connor, Peter. 2010. Managing a Hotel’s image on TripAdvisor. Journal of Hospitality Marketing & Management 19(7): 754–72. doi:10.1080/19368623.2010.508007.

    Google Scholar 

  • Office of the Privacy Commissioner of Canada. 2011. Protect your personal information because the Internet never forgets, Privacy Commissioner of Canada says-27 Jan 2011. Ottawa, 2011. https://www.priv.gc.ca/media/nr-c/2011/nr-c_110127_e.asp.

  • Ortlieb, Martin. 2014. The anthropologist’s view on privacy. IEEE Security and Privacy 12(3): 85–87. doi:10.1109/MSP.2014.57.

    Article  Google Scholar 

  • Pearson, Siani, and Marco Casassa-Mont. 2011. Sticky policies: An approach for managing privacy across multiple parties. Computer 44(9): 60–68. doi:10.1109/MC.2011.225.

    Google Scholar 

  • Pesce, João Paulo, Diego Las Casas, Gustavo Rauber, and Virgílio Almeida. 2012. Privacy attacks in social media using photo tagging networks. In Proceedings of the 1st Workshop on Privacy and Security in Online Social Media—PSOSM ’12, 1–8. New York, USA: ACM Press. doi:10.1145/2185354.2185358.

  • Quinn, Sarah (On Device Research). 2013. Facebook Costing 16-34s Jobs in Tough Economic Climate, 2013. http://ondeviceresearch.com/blog/facebook-costing-16-34s-jobs-in-tough-economic-climate.

  • Sarrouh, Nadim, Florian Eilers, Uwe Nestmann, and Ina Schieferdecker. 2011. Defamation-free networks through user-centered data control. In Security and Trust Management SE—12, ed. Jorge Cuellar, Javier Lopez, Gilles Barthe, Alexander Pretschner, 6710: 179–93. Lecture Notes in Computer Science. Berlin, Heidelberg: Springer, 2011. doi:10.1007/978-3-642-22444-7_12.

    Google Scholar 

  • Schorr, Joanna. 2014. Malicious content on the internet: narrowing immunity under the communications decency act. St. John’s Law Review 87(2). http://scholarship.law.stjohns.edu/lawreview/vol87/iss2/15.

  • Shein, Esther. 2013. Ephemeral data. Communications of the ACM 56(9): 20. doi:10.1145/2500468.2500474.

    Google Scholar 

  • Slatkin, Brett. 2013. Bootstrapping WebFinger decentralized discovery with WebFist. One Big Fluke, 2013. http://www.onebigfluke.com/2013/06/bootstrapping-webfinger-with-webfist.html.

  • Squicciarini, Anna C., Mohamed Shehab, and Joshua Wede. 2010. Privacy policies for shared content in social network sites. VLDB Journal 19: 777–796. doi:10.1007/s00778-010-0193-7.

    Article  Google Scholar 

  • Squicciarini, Anna Cinzia, Mohamed Shehab, and Federica Paci. 2009 Collective privacy management in social networks. In Proceedings of the 18th International Conference on World Wide Web—WWW ’09, 521. New York, USA: ACM Press, 2009. doi:10.1145/1526709.1526780.

  • Stroud, Scott R. 2014. The dark side of the online self: A pragmatist critique of the growing plague of revenge porn. Journal of Mass Media Ethics 29(3): 168–83. doi:10.1080/08900523.2014.917976.

    Google Scholar 

  • Talukder, Nilothpal, and Sheikh Iqbal Ahamed. 2010. Preventing multi-query attack in location-based services. In Proceedings of the Third ACM Conference on Wireless Network Security - WiSec ’10, 25. New York, USA: ACM Press, 2010. doi:10.1145/1741866.1741873.

  • Thompson, David, and Michael Fertik. 2010. Wild west 2.0: How to protect and restore your online reputation on the untamed social frontier. amacom, 2010.

    Google Scholar 

  • Tiffen, Rodney. 2012. Finkelstein report: Volume of media vitriol in inverse proportion to amount of evidence. Pacific Journalism Review 18(2): 37–40.http://www.pjreview.info/sites/default/files/articles/pdfs/pjr18(2)_finkelsteinreport_tiffen_pp37-40.pdf.

    Google Scholar 

  • Tokunaga, Robert S. 2011 Social networking site or social surveillance site? Understanding the use of interpersonal electronic surveillance in romantic relationships. Computers in Human Behavior 27(2): 705–13. doi:10.1016/j.chb.2010.08.014.

    Google Scholar 

  • Weinberg, Tamar. 2009. An introduction to social media marketing. In The New Community Rules: Marketing on the Social Web, 1st ed., 1–18. O’Reilly Media, Inc.

    Google Scholar 

  • Werbin, Kenneth C. 2012. Auto-biography: On the immanent commodification of personal information. International Review of Information Ethics 17: 46–53. http://www.i-r-i-e.net/inhalt/017/werbin.pdf.

  • Werkers, Evi, Eva Lievens, and Peggy Valcke. 2007. A critical analysis of the right of reply in online media. In Third International Conference on Automated Production of Cross Media Content for Multi-Channel Distribution (AXMEDIS’07), 181–88. IEEE, 2007. doi:10.1109/AXMEDIS.2007.11.

  • Wisniewski, Pamela, Heather Lipford, and David Wilson. 2012. Fighting for My Space. In Proceedings of the 2012 ACM Annual Conference on Human Factors in Computing Systems—CHI ’12, 609. New York, New York, USA: ACM Press, 2012. doi:10.1145/2207676.2207761.

Download references

Author information

Authors and Affiliations

  1. Universidad Politécnica de Madrid, E.T.S.I. Telecomunicación, B-204.1, Av. Complutense 30–Ciudad Universitaria, 28040, Madrid, Spain

    Yod-Samuel Martin

  2. Departamento de Ingeniería de Sistemas Telemáticos, Universidad Politécnica de Madrid, E.T.S.I. Telecomunicación, B-204.1, Av. Complutense 30–Ciudad Universitaria, 28040, Madrid, Spain

    Jose M. del Alamo

Authors
  1. Yod-Samuel Martin
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jose M. del Alamo
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Yod-Samuel Martin .

Editor information

Editors and Affiliations

  1. Law, Science, Technology and Society (LSTS), Faculty of Law and Criminology, Vrije Universiteit Brussel, Brussels, Belgium

    Serge Gutwirth

  2. Tilburg Institute for Law, Technology, and Society, Tilburg University, Tilburg, The Netherlands

    Ronald Leenes

  3. Law, Science, Technology and Society, Faculty of Law and Criminology, Vrije Universiteit Brussel, Brussels, Belgium

    Paul De Hert

Rights and permissions

Reprints and permissions

Copyright information

© 2016 Springer Science+Business Media Dordrecht

About this chapter

Cite this chapter

Martin, YS., del Alamo, J.M. (2016). Forget About Being Forgotten. In: Gutwirth, S., Leenes, R., De Hert, P. (eds) Data Protection on the Move. Law, Governance and Technology Series(), vol 24. Springer, Dordrecht. https://doi.org/10.1007/978-94-017-7376-8_10

Download citation

Publish with us

Policies and ethics

Search

Navigation