UK calls for opt-out of online right to be forgotten

The UK wants to opt out of the right to be forgotten, enshrined in proposed data privacy regulations for the European Union

The UK wants to opt out of the right to be forgotten, enshrined in proposed data privacy regulations for the European Union.

If enforced, new European privacy legislation would force web companies like Facebook, Google and Twitter to delete users' personal details upon request.

The initiative stems from increased concern by European citizens that their online reputation is being harmed by inaccurate information held by websites that cannot be removed.

EU Justice Commissioner, Viviane Reding has championed the right to be forgotten as a modest expansion of existing data privacy rights.

Critics, however, have said that it could in fact represent the biggest threat to free speech on the internet in the coming decade.

Specifically, the UK government believes it will create unrealistic expectations as the controls proposed have a relatively modest impact on the way data is used across websites, according to the Telegraph.

For this reason, the Ministry of Justice said the UK does not support the right to be forgotten as proposed by the European Commission (EC).

The new regulation is aimed at harmonising rules across the EU’s 27 member states and Reding has argued that having a separate rule for the UK will mean separate layers of complication, the paper said.

“Britain is meant to oppose red tape; here Britain wants a supplementary layer of red tape. It's crazy. The UK wants 27 rules – one for each country," she told The Guardian.

The paper said that in a letter to UK justice secretary Chris Grayling dated 8 March, Reding wrote: "You raise the possibility of specific rules for SMEs [small and medium-sized enterprises] which operate nationally rather than cross-border.

"I am surprised to learn that it would be the intention of the UK to introduce a new layer of complexity, cost and risk of non-compliance by having one set of obligations for domestic operations and one for cross-border operations."

The UK is lobbying for the changes to be part of a directive, which would give the government more flexibility about how it is adopted.

Reding, however, maintains that the right to be forgotten would "not be absolute" and would be assessed in relation to other rights, such as freedom of expression, retention of medical records or data for tax purposes.

The right will also not apply to journalistic archives, comments on articles or posts by bloggers, who will be exempted on the grounds of freedom of expression. Material posted by private individuals would also remain unaffected.

According to Reding, there is no opt-out. “This is an internal market regulation. It's a decision that will be taken by majority rule,” she said.

The regulation is yet to be finalised, but proposes punitive fines of up to 2% of global turnover for companies that fail to comply with the new rules.

In March, it emerged that a group of EU member states could force the European Commission (EC) to soften proposals for tough new data protection regulations.

At least nine member states, including the UK, are opposed to several proposed measures that could place heavy burdens on data-related companies, including the right to be forgotten.

Some commentators believe the EC will have to compromise because there are enough member states to block the entire data protection reform process if it does not.

In addition to the right to be forgotten, the disaffected member states are unhappy about proposals to require explicit consent from individuals to process their data and require businesses to notify of personal data breaches within 24 hours.

Other concerns include provisions that require all companies to appoint a data protection officer and the difficulties caused by the tough rules for public institutions such as tax authorities.

The proposed EU Data Protection Regulation, which is currently being debated by the European Parliament, is set to be voted on by June.

Read more on Privacy and data protection