RIGHT TO BE FORGOTTEN

Right to be forgotten – good or bad?

Have you ever Binged or Googled for your own name, address or phone number? It’s good to do it now and then, and the result may be shocking. You don’t have to be a celebrity to be mentioned on the net. Most of us occur on the net in quite many places, often a lot more than we imagine.

You can decide how much you reveal to the public in the profiles of your own accounts. But that’s not the full picture. Every time you participate in something under your own name, it may be published on the net, with or without your consent. This kind of publicity is hard to track, and next to impossible to control.

This is what the European court of justice (ECJ) tried to control in a ruling in May 2014. In short, a man from Spain found previously published data to be embarrassing and outdated. The site refused to take down the data and Spanish authorities ruled that there was no legal ground to demand deletion of the lawfully published content. The European court did however rule in favor of him and demanded Google to hide these pages in search results. According to the court, Google has to delete “inadequate, irrelevant or no longer relevant” data from search results.

I’m an advocate of digital privacy and our rights to control our digital footprint. And this is sort of a win for privacy-fighters. But I have mixed feelings about this decision and will not open any sparkling bottles. I think the track that ECJ has entered will turn out to be a dead end.

First of all, trying to create ways to control net content is good. We are dealing with a delicate balance between freedom of speech and peoples’ right to privacy. But most of us probably agree that a net totally without content control isn’t desirable.

But trying to solve this problem with the search engine companies is like creating a giant reality distortion field. The data does not go anywhere even if it’s hidden in Google searches. As a matter of fact, all you have to do is to use a non-European version of Google. And that’s not all. Google is even planning to inform users that items have been hidden from the search result they are viewing. Convenient with a reminder that you should search again with the US version, isn’t it?

Search engines are of great importance for what pages we find and read. But many are probably overestimating this importance now when social media is getting more popular. Nowadays we do not only find our stuff by searching, a significant part is virally spreading links. These links also bypass the reality distortion field totally.

The right to be forgotten is a great principle. But I think it should be restricted to the actual content and not services that help you find it. What we need is a globally working system for content take-down requests. These requests need to be approved by some kind of authority and the system must have built-in safeguards against misuse for censorship. Yes, keep in mind the delicate balance between freedom of speech and privacy. The neutrality of search engines should at the same time be controlled and guaranteed. If something is wrong, let’s fix reality instead of creating a reality distortion field.

Congratulations anyway to Mario Costeja González who won the case against Google. That’s an achievement even if the outcome is questionable. And the funny thing is naturally that you would have no clue who Mario Costeja González is, and that his house had to be sold to pay debts, without this thing called right to be forgotten.

BTW, if your search turned up something you don’t like and you are a European citizen, then you can continue to Googles removal process. We don’t know yet how this will work when the masses start to request removals. The process will probably be an uphill battle, so don’t hold your breath. It will be interesting to see how this develops.

 

Micke

 

Image by stockimages @ freedigitalphotos.net

More posts from this topic

iot

The big things at CES? Drones, privacy and The Internet of Things

F-Secure is back from CES -- where the tech world comes together in Las Vegas to preview some of the latest innovations – some which might change our lives in the coming years, others never to be seen or heard again. Inside the over 200,000 square meter exhibit space, Drones flew, and made a fashion statement; hearing aids got smartphone apps; and 3-D printers printed chocolate. We made a stir of our own with Freedome. Our David Perry reminded the industry professionals that the mobile devices nearly all of them were carrying can do more than connect us. "I want you to stop and think about this," he told RCR Wireless News as he held his smartphone up on the event floor. "This has two cameras on it. It has two microphones. It has GPS. It has my email. It has near-field detectors that can tell not only where I am but who I'm sitting close to. This is a tremendous amount of data. Every place I browse on the internet. What apps I'm running. What credit cards I have. And this phone doesn't take any steps to hide my privacy." In this post-Snowden world, where professionals are suddenly aware of how much their "meta-data" can reveal about them. Privacy also played a big role in the discussion of one the hottest topics of 2015 -- the Internet of Things (IoT). The world where nearly everything that can be plugged in -- from washing machines to light bulbs to toasters -- will be connected to the internet is coming faster than most predicted. Samsung promised every device they make will connect to the net by the end of the decade. If you think your smartphone holds a lot of private data, how about your smarthome? "If people are worried about Facebook and Google storing your data today, wait until you see what is coming with #IoT in next 2-5 years," our Ed Montgomery tweeted during the event's keynote speeches, which included a talk from US Federal Trade Commission Chairwoman Edith Ramirez that tackled privacy issues on the IoT. Newly detected attacks on home routers suggest that the data being collected in our connected appliances could end up as vulnerable to snoops and hackers as our PCs. Some fear that these privacy risks may prevent people from adopting technologies that could eventually save us time, effort and energy. At F-Secure we recognize the promise that IoT and smart homes hold and we’re excited about the coming years. But we also understand the potential threats, risks, and dangers. We feel that our job is to enable our customers to fully enjoy the benefits of IoT and that is why we’re working on new innovations that will help customers to adopt IoT and smart home solutions in a safe and controlled way. It will be an exciting journey and we invite you to learn more about our future IoT solutions in the coming months. We at F-Secure’s IoT team would like to hear from you! Are you ready to jump on the IoT? What would your dream connected home look like? Or have you perhaps already set up your smart home? What are you worried about? How could your smart home turn into a nightmare? Read the rules and post your thoughts below for your chance to win one of our favorite things -- an iPad Air 2 16 GB Wi-Fi. [Image by One Tech News | via Flickr]

Jan 21, 2015
dune_tracks

You’re Being Tracked Wherever You Go – Here’s How to Fight Back From Your PC!

You're searching online for a baby gift for a friend's newborn, and then for a while you're followed by diaper ads on practically every site you visit. Ever notice something like that happening to you? Yes, the web can be an eerie place. Intelligence agencies and criminals aren’t the only people who may be tracking your online behavior - there’s a lot more to your browsing session than meets the eye. Take, for example, this F-Secure Labs study that found that of the 100 most popular URLs in the world, only 15 percent are actually accessed by real people. The other 85 percent are third-party sites that are accessed behind the scenes of your browsing session, by the sites you visit. And over half of these third-party sites are tracking-related. They are helping build up an online profile of you and your browsing habits. Why? So marketers can better target you with ads that meet your interests and preferences - or at least try to, in the case of the diaper ads. How does it work? When you visit a site with ads, you'll be tracked by the marketing company behind the ads on that site. And one marketing company may be working with a huge network of other websites. So whenever you visit another site that also has a relationship with that marketer, the marketer captures more and more data about you and your online behavior. All this data goes into an extensive profile that is being built up about you. If that sounds a little creepy, rest assured that you can regain control of your digital privacy. There’s an easy way to block advertisers from tracking you everywhere you go. Last year we launched F-Secure Freedome to stop tracking on your mobile device (to date, Freedome has already blocked over 900 million tracking attempts globally). And now there's good news - today we're unveiling Freedome for your Windows PC! Freedome for Windows has the same privacy features as the mobile versions, protecting you from trackers and hackers. It's got the same VPN technology to protect your browsing session from snoops while using public Wi-Fi. In addition, it also includes a new Private Search feature that offers tools so you can get your search engine results without the tracking. Since the Snowden revelations, we as consumers have become more and more aware that we may be revealing the most intimate details of our lives through our connected devices. According to a recent study by the Pew Research Center Internet Project, 91% of adults in the survey agree that consumers have lost control over how personal information is collected and used by companies. If you're concerned too, download a free 14-day trial of Freedome for your Windows PC. And let us know what you think!   Banner image courtesy of Filip Goc, flickr.com  

Jan 21, 2015
BY 
David Cameron

Why David Cameron’s comms promise is foolish

British Prime Minister David Cameron has announced that, should the Conservatives win the general election in May, they will ban forms of communications which can’t be accessed by law enforcement if they have a warrant. It appears that messaging apps which use encryption will be banned in the UK. There are a number of reasons why this idea is a flawed knee-jerk reaction to the tragedies which happened in Paris. Here, F-Secure looks into them… Il n’est pas Charlie Each terror attack and paedophile ring which is busted gives the Government an opportunity to introduce laws which curtail the British people’s freedom and privacy. This is not the sentiment which has been shared across the world in the past two weeks, as people stood together against the massacre at Charlie Hebdo’s offices in Paris. Without civil liberties, Charlie Hebdo would not be allowed to exist. Self-censorship would ensue Knowing that your communications could be read by the Government would lead to self-censorship, possibly unconsciously. This could gravely affect activist groups and NGOs whose purpose it is to hold the Government to account. The Universal Declaration of Human Rights Article 12 states: No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honour and reputation. Everyone has the right to the protection of the law against such interference or attacks. If that wasn’t enough, mass surveillance also contravenes Article 8 (the right to respect for private and family life) and Article 10 (the right to freedom of expression) of the European Convention on Human Rights. The European Court of Human Rights has repeatedly stated that surveillance, if conducted without adequate judicial oversight and with no effective safeguards against abuse, will never be compatible with the European Convention. Ultimately, international law does not support Cameron’s intentions. Who will regulate open source encryption services? It is one thing to demand a large company, such as Facebook, abides by the law, but who will they approach for open source standards which have no single owner, such as OpenPGP? How do you regulate peer-to-peer communications app such as FireChat? What about mesh networks? This technology has not been widely adopted yet, but it has been available for some time and is bound to gain users if Cameron’s plans go ahead. Already used in Barcelona, Greece and Baghdad, mesh networks wirelessly connect computers and mobile devices to each other without the need for a service provider (such as an ISP). With this direct form of communication, there is no one to serve a warrant to. It can’t be monitored It is still unclear how Cameron expects to implement a ban. How will he stop people downloading software from outside Britain? Will resources (which could be spent on, say, targeted surveillance of people on the Government’s watch lists) then be spent on policing innocent people using encrypted communications? The British economy would suffer Start-ups wanting or needing to use end-to-end encryption are likely to avoid Britain as a base, taking their taxes and jobs with them. The Government would suffer The Government uses encryption for communications too. Will it be one rule for them and a different one for businesses and the public? It would wipe Britain off the technology map Take any number of services which could be affected by this law – WhatsApp and iMessage probably being the most widely used. These are not British companies bound by British laws. As such, are they likely to re-write their privacy source code or will they simply pull out of the market? When a new technology is launched, Britain is usually one of the test-beds before global roll-outs. Making Britain unviable for such programmes would see it fall behind its western competitors, bringing all the economic woes attached to it. So much for Cameron’s ‘Digital Britain’. It puts Britain in bad company Cameron is not the first to try this. He would be following Russia, Syria and Iran. All of whom have struggled to implement it. A warrant from the Home Secretary won’t help with end-to-end encryption It appears that Cameron is unaware that, with end-to-end encryption, the users hold the encryption keys, not the service provider. Turning up at, for example, the WhatsApp offices with a warrant for access to a specific user’s communications would be pointless. WhatsApp don’t hold the encryption keys, so wouldn’t be able to provide the unencrypted data. Did Cameron really mean what he said? The Prime Minister is not a technology expert, neither is his speech writer. Did this cause confusion? It is possible that Cameron’s intent is to make anonymity-enabling encryption abnormal, so that those using it are suspicious? It gives the authorities a tip on who to be watching. If we all use encrypted communications, they don’t have this advantage, so they would prefer it remained in fringe technology. Will it even happen? The plan has been called everything from ‘crazy’ to ‘cloud cuckoo land’ by security experts who understand the complexity of what Cameron intends. There is every chance that a ban on encrypted communications will not happen. However, the Government has shown its intentions. Not content with the mass surveillance being conducted by GCHQ (with no judicial oversight), they have also introduced the Regulation of Investigatory Powers Act (RIPA) and the Communications Data Bill. The message is clear, the British Government wants to unilaterally invade the British people’s privacy. Britain as a surveillance state is becoming a reality.

Jan 20, 2015