GDPR: what is the right to be forgotten
Since when the GDPR has been issued, it is increasingly common to hear about the right to be forgotten or to erasure. What is it specifically about?
The right to be forgotten consists in ensuring the non-dissemination of records or data that may be harmful to the honour of an individual, especially when there is not any particular reason behind such dissemination (e.g. news).
In other words, it is a right that protects people against the publication of news including information in relation to past events or elements that may create detriment to the reputation and dignity of a person. It may be considered as an extension of the right to confidentiality.
The right to be forgotten contrasts with the public interest of information. Therefore, a fundamental prerequisite for the application of the protection is that is that the information has lost its usefulness for the public interest.
Another requirement to evoke the protection is that the events must be dated back in time.
The right to be forgotten is ruled by Articles 17, 21 and 22 of the General Data Protection Regulation.
In particular, it establishes the right of individuals to obtain, from the data controller, the deletion of their personal data, upon request. For example, it may be requested the removal of personal data resulting from the Google search engine.
However, Article 17 states that the request must be justified, and it may be rejected if it is not. Furthermore, it should always be borne in mind that the data controller may resume data collection in the event that the general public interest returns to prevail.
In Italy, the right to be forgotten is enforced by the Guarantor for the protection of personal data, which has to assess the nature of the data to be removed and the existence of public interest.
Our Data Protection specialists will be more than happy to assist you. For further information please contact us or leave your contact details in the Contact Form and you will be contacted within 24 hours.