Blockchain has become pervasive in all segments and its impact is being felt across the industries. The effective date of the EU’s General Data Protection Regulation (GDPR) is fast approaching (May 25 th, 2018) and efforts are being made globally to comply with it.
The right to be forgotten (Right to Erasure) is a concept where individuals can choose to remove personal data about him or her, from the website or database, if it is irrelevant, redundant or excessive. It has evolved from the case of Google Spain. v Mario Costeja Gonzalez wherein Costeja Gonzalez filed a complaint against a daily newspaper, La Vanguardia and Google Spain to remove the article about his real-estate auction in recovery of social security debts. The court identifying the fundamental right of subjects held that the information in question no longer be made available to the general public on account of its inclusion in such a list of results, those rights override, as a rule, not only the economic interest of the operator of the search engine but also the interest of the general public in having access to that information upon a search relating to the data subject’s name.
Article 17 of the GDPR states that data subjects have the right to have their personal data removed from the systems of controllers and processors under a number of circumstances. Its compliance is a daunting task, and to add to the complexity, there are many cases where conflicting regulations will prevent the processor from complying with the request. GDPR also requires “data portability” whereby companies must give the customers a copy of their personal data to take with them upon request.