30 Pages Posted: 19 Mar 2012 Last revised: 27 May 2014
Date Written: November 20, 2012
Information posted to the Internet is never truly forgotten. While permanently available data offers significant social benefits, it also carries substantial risks to a data subject if personal information is used out of context or in ways that are harmful to the subject’s reputation. The potential for harm is especially dire when personal information is disclosed without a subject’s consent. In response to these risks, European policymakers have proposed legislation recognizing a “right to be forgotten.” This right would provide persons in European Union countries with a legal mechanism to compel the removal of their personal data from online databases.
However, only a limited form of the right to be forgotten — a right to delete data that a user has personally submitted — would be compatible with U.S. constitutional law. By itself, this limited right is insufficient to address the myriad privacy issues raised by networked technologies, but it is nevertheless an essential component of a properly balanced regulatory portfolio, as existing privacy tort law is inadequate in this context. As such, this Note argues that Congress should recognize this limited right through adoption of a default contract rule where an implied covenant to delete user-submitted data upon request is read into website terms of service contracts.
Keywords: free speech, privacy, First Amendment, constitution, right to be forgotten, European Union, European Commission, Facebook, social networking, Internet, social media, web browsing, website, computer, security, torts, intellectual property
JEL Classification: K11, K12, K13, O33, O34
Suggested Citation: Suggested Citation
Walker, Robert Kirk, The Right to be Forgotten (November 20, 2012). 64 Hastings Law Journal 257, December 2012. Available at SSRN: https://ssrn.com/abstract=2017967 or http://dx.doi.org/10.2139/ssrn.2017967
By Franz Werro
By Jef Ausloos
By Laura Lagone