Tag: GDPR

Right to be forgotten

A convicted German murderer won the right to have all mention of his crime scrubbed from internet search results under 'right to be forgotten' laws (Business Insider)

A convicted murdered in Germany has the right to get all mention of his crime deleted from internet search results under the EU's "right to be forgotten" provision, Germany's highest court has ruled.

The man was sentenced to life in jail in 1982 for murdering two people in 1981, and has tried to get three Der Spiegel news articles naming him as a murderer to be removed from search results since 2009.

A constitutional court in Karlsruhe ruled on November 6 that he has that right, overruling the German federal court which threw out his case in 2012.

LMAO.

Read Full Post

Sunday Paper - Facebook, GDPR and Ireland, Racism, Brazilian Coffee, Mommy Blogging, Public Transportation and Princeton and the New York City Gateway Tunnel Project, New York City Commuter Tax

CC0 by Kevin Mueller on Unsplash
Unexceptional Racism by Drew Downs

At the root of American identity is an impossible paradox. A truth we wish could coexist so much, we would take up arms to defend it.

We want to be exceptional and equal at the same time. But we can’t. It’s impossible.

Sunday Paper is my personal collage of long-form articles, between 1,000 and 20,000 words, that I have saved during the weekend, that I found interesting and which I think require deep slow thinking. I think they are best read on a Sunday morning as a sort of personal Sunday newspaper. The pastor's writing is a…

Read Full Post

Forgetting personal data and revoking consent under the GDPR: Challenges and proposed solutions

Forgetting personal data and revoking consent under the GDPR: Challenges and proposed solutions by Eugenia Politou, Efthimios Alepis, Constantinos Patsakis (Oxford Academic, Journal of Cybersecurity, Volume 4, Issue 1, 1 January 2018)

The notion of consent revocation, or withdrawal, has also been brought into light recently, with many to argue for a right to revoke consent and for a more user friendly and personalized consent mechanism [71–72]. Indeed, when individuals’ are given the opportunity to grant consent to the use of their personal information as a primary mean for exercising their autonomy and to protect their privacy, it should be logical to exist a corresponding option to withdraw or revoke that consent, or to make subsequent changes to that consent [73, 18]. The principle of consent withdrawal within the Human Computer Interaction (HCI) context has been studied in many ethical research projects, with Benford et al. in [74] to underline that in many cases it may be difficult to fully withdraw in practice because the issue of balancing consent, withdrawal and privacy is a very demanding managed task. Whitley in [18] argues further that, since the revocation of consent can mean a variety of different things depending on the circumstances and constitutive purposes that the data are being held for, it is helpful to differentiate between revoking “the right to hold” personal data and revoking “the right to use” personal data for particular purposes. Revoking the right to hold might be implemented by marking a particular record as no longer “being live” or may require the deletion of records and, in extreme cases, it might require deleting data from backups and physically grinding the hard disks. In addition, providing auditable, privacy friendly proof of compliance when and how the revocation has been achieved is a challenge both technologically and legally [18]. For instance, the advancements towards privacy-enabled networks and infrastructures puzzles some academics [75] who afraid that the same mechanisms have been put in place to protect the privacy of data (like de-identification) may actually make it very difficult to trace and remove individual derived data in order to allow participants to withdraw completely their consent and be forgotten. In such situations, as Kaye [75] underscores, it may be only possible to prohibit the entry of new information and samples into the system. Apart from these practical difficulties, there are also economic and public-good arguments for disallowing absolute withdrawal. For instance, in the bio-banking field complete withdrawal could lead to the wastage of resources invested in bio-repositories [75–76] whereas the practice of archiving qualitative research data for substantive secondary analysis can be significantly challenged under the revocation mechanism for withdrawing consent [77]. Due to these immense consequences, many academics and legal experts questioning the concept of consent withdrawal.

Read Full Post