Risk
1/30/2012
04:43 PM
Connect Directly
Google+
LinkedIn
Twitter
RSS
E-Mail
50%
50%

EU Data Rules Worse Than SOPA?

European Union's proposed "right to be forgotten" data privacy rule threatens free speech and online business, critics argue.

"I am disappointed, but not surprised, to see the EU continue a misguided attack on the information economy," Yakowitz wrote. "The right to be forgotten unequivocally favors the interests of the data subject, no matter how selfishly motivated, over the interests of data controllers and other consumers. Moreover, by making the right of erasure inalienable, the EU prevents its own citizens from participating in a business model that allows consumers to trade their information for stuff they want--convenience, discounts, or content."

In an email, Yakowitz explained that her objection to the rules is that they do not attempt to evaluate and balance competing interests.

Google's global privacy counsel, Peter Fleischer, through his personal blog, also expressed concern about the "right to be forgotten."

"While I strongly believe that people should have the right to complain to third-party websites about information that is published there about them, I am deeply skeptical that the laws should obligate such third parties to delete information on request of data subjects," he wrote. "This raises troubling questions of freedom of expression."

How much control should people have over the data shadows they cast online? And how much control should companies have? Or governments?

Fleischer says there should be more public debate about what the "right to be forgotten" means and about how it applies to search engines that index public information. Giving people too much power to control information about them online would make privacy rights trump the right to free expression, he argues, and would turn third-party Web services like Google into de facto censors.

Yakowitz suggests that tech companies form a protest movement similar to that which derailed SOPA and PIPA, to make sure the draft data rules get changed prior to a final vote. She proposes that Google block every search result involving anyone with first name "John," that Internet retailers stop accepting cookies (which would prevent any e-commerce), and that publishers double the number of ads on their Web pages to compensate for revenue lost to data starvation.

Find out how to create and implement a security program that will defend against malicious and inadvertent internal incidents and satisfy government and industry mandates in our Compliance From The Inside Out report. (Free registration required.)

Previous
2 of 2
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Tony A
50%
50%
Tony A,
User Rank: Apprentice
1/31/2012 | 9:01:50 PM
re: EU Data Rules Worse Than SOPA?
Nowhere in this article do I see any hint of an argument for why the "right to be forgotten" would conflict with freedom of expression. It conflicts with the self-interest of ISP's, search and social networking sites to utilize your content for their profit. These companies have lots of ways of making money without mining my posts for monetary gain. They also benefit from the general carelessness with which people offer and leave personal information online, which wouldn't change even if the EC law is enacted. They benefit from people's laziness in utilizing opt-out privileges. They benefit from court rulings that give them access to data that does no more than briefly pass through a server on the way to another desitnation. They have no inalienable right to any of this. If they want to provide a service and reap some ancillary benefit from it, fine, but their ability to do this does not give then any valid claim to the use of a post. Online content posted by users of a service should be protected by international copyright like every other original creation. That means that basically the only uses of it that can be made without my explicit permission are under the "fair use" convention, e.g., to quote it or use it for educational purposes. The right to profit from it does not exist. Go, EU!
Bprince
50%
50%
Bprince,
User Rank: Ninja
1/31/2012 | 5:36:07 PM
re: EU Data Rules Worse Than SOPA?
There is a chance this proposal will be altered somewhat as it goes through the legislative process. More comparing the rules to SOPA from Time:
http://techland.time.com/2012/...
Brian Prince, InformationWeek/Dark Reading Comment Moderator
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-9676
Published: 2015-02-27
The seg_write_packet function in libavformat/segment.c in ffmpeg 2.1.4 and earlier does not free the correct memory location, which allows remote attackers to cause a denial of service ("invalid memory handler") and possibly execute arbitrary code via a crafted video that triggers a use after free.

CVE-2014-9682
Published: 2015-02-27
The dns-sync module before 0.1.1 for node.js allows context-dependent attackers to execute arbitrary commands via shell metacharacters in the first argument to the resolve API function.

CVE-2015-0655
Published: 2015-02-27
Cross-site scripting (XSS) vulnerability in Unified Web Interaction Manager in Cisco Unified Web and E-Mail Interaction Manager allows remote attackers to inject arbitrary web script or HTML via vectors related to a POST request, aka Bug ID CSCus74184.

CVE-2015-0884
Published: 2015-02-27
Unquoted Windows search path vulnerability in Toshiba Bluetooth Stack for Windows before 9.10.32(T) and Service Station before 2.2.14 allows local users to gain privileges via a Trojan horse application with a name composed of an initial substring of a path that contains a space character.

CVE-2015-0885
Published: 2015-02-27
checkpw 1.02 and earlier allows remote attackers to cause a denial of service (infinite loop) via a -- (dash dash) in a username.

Dark Reading Radio
Archived Dark Reading Radio
How can security professionals better engage with their peers, both in person and online? In this Dark Reading Radio show, we will talk to leaders at some of the security industry’s professional organizations about how security pros can get more involved – with their colleagues in the same industry, with their peers in other industries, and with the IT security community as a whole.