Who owns the right to be forgotten?In the era of big data and rapid development of cloud service, a right to be forgotten has long been a controversial issue. It focuses primarily on the strengthening of individuals’ rights through the extension of self-control over their personal information, and it was first passed by the European Union’s General Data Protection Regulation in 2014. Whether to legalize the right to be forgotten or not has also been discussed for a long time in Korea.
Naver, one of Korea’s search portals, has decided to adopt the “right to be forgotten” for its Q&A search service, called “Knowledge Search,” allowing users to remove their online questions. Google has also decided to follow the guidance on “the right to be forgotten” after the official announcement by Naver.
The first guidance on the right to be forgotten in Korea is only limited to control over data that the individual personally created. However, the thing that needs to be discussed further is control over information collected or retrieved by third parties, because most posts or affairs regarding invasion of privacy are made by third parties, including constant private information leaks and voice phishing.
But just because the right to be forgotten in Korea needs to be extended to control over information addressed by third parties does not mean all of those cases might be able to have reasonable authority to exercise the legal right in order to protect themselves.
For instance, in Japan, a man filed a case against Google demanding the removal of three-year-old news reports on his arrest in connection with child prostitution and pornography. And as a result, arrest records of the man no longer appear in Google search results.
Even though the Japanese high court acknowledged his right to be forgotten, lots of people argue against the decision, insisting that the public’s right to know is overlooked. Then, to what extent is the “right to be forgotten” guaranteed for privacy protection?
It is important to balance the right to be forgotten and the public’s right to know, which means that privacy protection needs to be exercised on the appropriate level of securing the public’s right to know. If there is no clear set of reasonable criteria, conflict between privacy protection and the public’s right to know may arise over time, especially in a case like Japan’s.
Control over information regarding the intervention of third parties is a significant issue that needs to be carefully discussed and legislated.
But it is far more important to make it aligned with valid criteria that help prevent possible abuse of the legal right. Only a clear set of criteria that is reasonable and acceptable can lead to desirable implementation.
*A 4th-year student majoring in English Linguistics