The Right to be Forgotten
Robert Kirk Walker
University of California Hastings College of the Law
November 20, 2012
64 Hastings Law Journal 257, December 2012
Information posted to the Internet is never truly forgotten. While permanently available data offers significant social benefits, it also carries substantial risks to a data subject if personal information is used out of context or in ways that are harmful to the subject’s reputation. The potential for harm is especially dire when personal information is disclosed without a subject’s consent. In response to these risks, European policymakers have proposed legislation recognizing a “right to be forgotten.” This right would provide persons in European Union countries with a legal mechanism to compel the removal of their personal data from online databases.
However, only a limited form of the right to be forgotten — a right to delete data that a user has personally submitted — would be compatible with U.S. constitutional law. By itself, this limited right is insufficient to address the myriad privacy issues raised by networked technologies, but it is nevertheless an essential component of a properly balanced regulatory portfolio, as existing privacy tort law is inadequate in this context. As such, this Note argues that Congress should recognize this limited right through adoption of a default contract rule where an implied covenant to delete user-submitted data upon request is read into website terms of service contracts.
Number of Pages in PDF File: 30
Keywords: free speech, privacy, First Amendment, constitution, right to be forgotten, European Union, European Commission, Facebook, social networking, Internet, social media, web browsing, website, computer, security, torts, intellectual property
JEL Classification: K11, K12, K13, O33, O34
Date posted: March 19, 2012 ; Last revised: May 27, 2014