Britain is attempting to opt out of a European initiative enabling anyone to delete their personal details from online service providers – a power known as the “right to be forgotten”.
The clash between Brussels and the Ministry of Justice has erupted in the final stages of negotiations over the EU’s General Data Protection Regulation, which aims to rebalance the relationship between the individual and the internet.
The debate reflects growing tensions between freedom of expression and privacy as increasing numbers of people complain that their online reputation is being corroded by outdated, inaccurate or malicious information that cannot be removed. In France, the number of complaints concerning the right to be forgotten rose 42% last year. A Guardian project has unearthed hundreds of cases of people alarmed at the mishandling of their data or personal information.
The UK’s chief objection to the EU move is that unrealistic expectations will be created by the right’s expansive title because the controls proposed will be relatively modest in their impact on the way data spreads, or is traded, across websites.
The right to be forgotten, article 17 of the Data Protection Regulation, has been developed by the EU justice commissioner’s office primarily in response to complaints about the way social media, such as Facebook, retain and handle information. Although the terms of the regulation have not yet been finalised, its current form provides for punitive fines – up to 2% of global turnover – for companies that refuse to comply with requests to erase customers’ personal details.
Viviane Reding, the EU justice commissioner, said: “At present a citizen can request deletion only if [data is] incomplete or incorrect. We want to extend this right to make it stronger in this internet world. The burden of proof shall be on the companies. They will have to show that data is needed.