CBR talked with Chris Mathews, CTO at SysMech about the European Commission’s proposal to give consumers the right to be forgotten online and how it will affect any company that deals with data.
The European Commission’s proposal to allow internet users to have the ‘right to be forgotten’ has caused a stir in the data community with companies like Google and Facebook aggresively lobbying the European Parliament about the Commission’s proposal.
Internet users would have the choice to become "invisible" online and erase their digital footprint. However, the use of personal data is used across numerous industries and could shake up the way businesses in Europe operate.
How would the legislation affect industries that operate in data?
By data I assume it means ‘personally identifiable’ data, since some of the data is already anonymous – Some possibly initially, but in the long run no, since it is such a major part of everyday life when people agree to use the likes of reward schemes (Tesco, Avios, etc). Why do you think they do it? There is no such thing as a free lunch. In addition, even if such anonymisation of the individual occurs there is still a lot of valuable information that can be ascertained that the industry wont plummet. Finally, there are some areas where the individual may benefit if they agree to release personal information, such as fraud and security, location based services etc. One example is the UK flood prevention scheme whereby flood alerts are generated automatically to home owners and businesses alike should they wish to opt in.
Do you think the proposal is feasible?
There are already ‘data protection’ laws in place, so what we are really talking about here is social media data which if anyone who has used them will know (if they spend the time to read the T’s & C’s before agreeing to them – which very few do!) anything you make public can become public eventually. This is coupled with the analysis techniques that now allow companies and organisations to mine and correlate information from many different data sources to give a comprehensive view on an individual, their lifestyle, habits etc, in near real time.
Technically yes it would be feasible in the long run, but existing data stores would be a problem and policing it all would be a huge issue – cost and resources wise. There will need to be buy in from the organisations concerned and as a consequence the proposals must be well thought out so there is an operational framework that is viable and enforceable.
If the law comes into effect what would businesses need to do?
Update their existing T’s and C’s to confirm the agreement of customers to allow them to use their data in the way they want to, and for those who refuse there would have to be an agreement not to use their data. Plenty of test cases will come up in law I am sure, but basically they will say, ‘we just have to trust them’, but they will still need to demonstrate that they can truly anonymise their use of data so an individual cannot be identified.
So would making consumers feel more comfortable sharing their data be the key to dealing with the law?
For some yes, but the cynical masses amongst us will never believe it is actually happening the way it is intended, and a great deal of money and effort will be spent on trying to prove its worth – Now there’s an idea for a product! As part of this there is an "education" consideration, so customers can see the potential benefits of releasing personal information.
Also, I’d like to add that as far as I am aware this is a B2C option and shouldn’t impact B2B businesses as much. Although B2B organisations are affected by the cookie law, which allows individuals to partially opt out by disabling cookies or by not using the web – there are a number of inactive Facebook accounts these days. Where there is real value in big data, it can help both the buyer and seller.