Last month the European Commission proposed adding a new “right to be forgotten” to privacy law. This deceptively simple idea is a ticking time-bomb in the booming internet economy. It is also essential – both for Europeans and Americans – to protect personal privacy in the age of pervasive social media and cloud computing.
The stakes are huge. Two weeks ago Facebook announced an initial public offering that could value the company at up to $100bn. Facebook is worth so much because of the data it holds on its 845m users. Yet it succeeds only to the extent it can monetise the data. If a sizeable fraction of users could easily compel Facebook to delete all their personal data, the company’s value would be lower.
Google’s new privacy policy, released last month, points even more firmly to the need for a right to be forgotten. The new policy is clear: it explains Google’s practices of maintaining digital files on its users indefinitely; of identifying its users across all its services; and of integrating this data across all Google’s digital services – search, Gmail, Picasa, YouTube, Earth, Voice, Android, Chrome, Wallet, etc.