The appearance of the digital right to be forgotten is noted in all texts governing the collection and storage of personal data.
The antecedents for this already exist in the French law of 1978, which aims to protect an individual's private life against untimely reminders of his painful past.
This right, if made public, may require the data controller to delete the information and any copies and links pointing to such accessible information from any search engine.
This means that the personal data of the data subject is not distributed. Implicit protection of virtual reputation is currently the subject of several conferences and discussions.
In addition, the right to portability of personal data means that the person can have their data in a form that allows its reuse without the controller's objection.
This provision implicitly gives ownership of personal data to the user.
The proposed regulation also provides for measures in favor of the economic actors of the Web and the commercialization of data:
- Administrative procedures need to be simplified.
- Companies need to establish a stopping point that will be subordinate only to the privacy protection authority of the country where their European headquarters are located.
- It is essential to simplify the rules on international data transfers.
- Where the transfer is guaranteed by binding rules or the Commission's standard contractual provisions, the prior authorization of the competent national authority will be revoked.
In this regard, the objectives are clear. First, it is necessary to prevent Internet giants from collecting personal data in the EU and then evading EU legislation by storing them abroad.
Then adapt regulations to technical developments by providing rules conducive to the activities of economic players on the Web while protecting the privacy of citizens.
The fight against the first problem (data collection without recourse to European legislation) is why the scope of rights and obligations goes beyond European borders.
But paradoxically, the resulting protection is characterized by limited effectiveness in the context of the communication society. Thus, it seems to indicate the victory of communication over the law.
APPLICATION SEQUENCE
Despite the draft European directives and regulations presented at the beginning of the year, it has several criticisms.
The limits of the success of such protection are already shown. Various aspects of the offer do not meet a uniform and high level of data protection requirement.
The first is the fact that the enforcement powers are centered in the country where the company is headquartered in Europe, which does not respect the protection of personal data.
This is the case, for example, with most of the Web giants that have set up their European headquarters there because of the advantageous taxation of the Irish government.
It means that it will process its files, namely the lack of tax harmonization in the area of direct taxation.
The rule of thumb is clear:
In case personal data is processed abroad by companies established in the European market and providing services to the citizens of the Union, the draft directive and regulation text should be applied.
But what if the company offers its services in the European Union without being established in the European Union?
At that time, the desire to expand the scope of texts beyond the borders of Europe has already shown its limitations and ineffectiveness.
In reality, it is not this innovation that involves removing the concept of geographical boundaries when it comes to international data flows to allow the application of the European legal standard.
The European Union has established a similar system still in effect for VAT on international downloads, which has proven to be completely ineffective.
In case of dispute, certain social networks, search engines, dating sites, etc. Service providers located outside the European Union, such as the European Union, will seek refuge in their national jurisdictions due to the regulation of weak or non-existent data.
How to control the activities of companies that have established a personal data haven on European territory without any representation?
Finally, the draft regulation also acknowledges:
- There is a digital right to be forgotten, which forces social networks to delete personal data, photos or others of users who request it.
- They are allowed to manage their own data by allowing them to transfer their data from one system to another.
- The right to portability of personal data remains the owner of the personal data and, as a result, they already retain control of the data.
Dr.Yaşam Ayavefe
Yorum Yazın