Let’s start with proof that the information has been deleted. Has it been deleted from the main site plus any failover/backup sites? How about from backup and archive tapes? It’s hard to prove a negative, but if it turns out they haven’t deleted all instances of the data, will damages be liable?
Moving on to search engines, web crawlers and caching, let’s suppose you decide to delete an account from a particular website and they do indeed delete all the copies of the data they have. What about the search engines which have scraped the information and put it into their databases and caches?
How many times have you used a search engine and found a broken link, but the cache still has the contents. And what if a friend has a copy of the information on his or her web page?
Once the information is freely available on the web, someone somewhere will have a copy and that won’t be under your control, not least because you won’t know where to look.
Finally, what are the checks that the person requesting to have the information removed is really you or someone acting on your behalf? What would happen if it wasn’t you that had requested the removal?
Identity and control over ‘your’ personal information is one of the biggest challenges the Internet faces and the issues continue to grow. Watch this space for some upcoming work from The Jericho Forum which will help both individuals and organisations with this in the future.
All in all, the good old advice of ‘the internet never forgets so don’t post ANYTHING you don’t want to remain out there FOREVER’ remains true.
Guy Bunker, Jericho Forum board member