The right to oblivion is a kind of guarantee which provides for the non spreadability, without special reasons, the precedents that undermine the honor of a person. It is the right not to be remembered for more facts that in the past were the subject of the news, unless where these current come back and give rise to a new public interest information.
This means that anyone can apply to network operators (Google, Wikipedia, newspapers, etc) to remove search results damaging to its reputation, although in the fields and in ways well-defined application. Both the European Court and the Supreme Court have established a number of judgments that the right to information must prevail over the right to oblivion. A legal principle which is also now has its own rules in GDPR (General Data Protection Regulation), the new European regulations on privacy which will become fully effective from next May 25.
“The EU Regulation 2016/679, also known as GDPR, is a real revolution for the privacy practices, and reforms are necessary with regard to personal data protection – says the lawyer Giovanni Briola, among the speakers at a recent meeting on the topic – the intervention of the European legislator has the main objective of a more uniform a subject that for years has been characterized by fragmented asymmetries and regulations of individual Member States. ‘
One of the main changes introduced by GDPR regards the provision of a personal data protection system since its design, through the respect of the principle of Privacy by design.
The legislation provides that the data controller is to take all appropriate technical and organizational measures from the beginning of its activity, ensuring the protection and respect of rights and freedoms.
“And just the owner and the possible charge of the treatment – says the lawyer Briola – become key figures in the new rules on privacy, being identified as the main subject referenced the concept of accountability or responsibility. This principle is now provided that the holder of the treatment accrue a number of decisions for the guarantee and protection of the person concerned to the processing, including decisions on appropriate security measures and not just minimum, for the protection of personal data ‘.
The GDPR also introduces a new subject in the organization privacy: the DPO.
The task of the Data Protection Officer (DPO) is to assist the owner and manager of the treatment and advise them in their choices in terms of protection of personal data.
The DPO, however, is also the connection point between the company and the outside world, interfacing with the Privacy and stakeholders to the processing of personal data, as it can ensure the correct application of the legislation.
Finally, they deserve a special place as the rights, which the European legislator has devoted a special section in GDPR.
“Of all point out precisely the right to be forgotten – said the lawyer – that after a first recognition of the nature of case law in 2014, receives a legislative formalization through a separate article of GDPR and the portability that allows the person concerned to get their personal information in a structured format and arranging for them to freely choose those who provide it. “
The legislation, although full compliance to be achieved, is presented as an opportunity to lay the foundations for the development and growth of the digital market, turning its eyes for the first time ever not only in the legal world, but also to reality economic and social.