You may have heard of the term ‘Right to Be Forgotten’ or you’ve probably never heard about it before. Either way, this article will help you unravel all the mysteries that lie beyond the phrase as it meaning, importance, how it works, how it does affect the blockchain system, and how Algorand proposes a long-lasting approach to it.
The phrase ‘right to be forgotten’ also means right to erasure which simply means that it is the right that an individual has to ask an organization, a company, a firm, an internet site or any entity at all that has to with the collection of personal data of different individuals i.e. in layman terms the right to delete my data from your database.
This is the type of right that empowers you to go to google and say, I want all my records in your database to be removed completely. You get the picture now.
People can ask for their data to be deleted if they feel that their data are being taken advantage of by the holder or if they feel like it isn’t necessary anymore. Also, people ask for data erasure if there are significant errors about them. There are so many reasons why data erasure rights can be exercised. Ever heard a phrase; for every free service, the users are the products. The reality is that a lot of tech companies exploit the data of their users in exchange for commercializing the data for potential ad publishers. However, that is not the focus of this article.
In Europe and some other countries around the world, different policies around the world that guide data privacy and protection. The General Data Protection Regulation acts as a guide in which data collection and privacy work in Europe; the GDPR dictates the collection, processing, and erasing of data. Although, it wasn’t until 2014 that the ‘Right to Be Forgotten’ gained a lot of attention and a European Union Court of Justice set the precedents for the right to be forgotten that’s presently contained in the General Data Protection Regulation in article 17.
The meaning and primary essence of the Right to erasure of course doesn’t necessarily mean that individuals can just ask for their private records to be erased anytime and the companies would be automatically compelled to do so. In the Data Protection Regulation, there are some terms and conditions that make sure that this right isn’t been taken advantage of. Otherwise, humans will always want to re-write their history.
The 65th and 66th recitals in the article 17 of the General Data Protection Regulation clearly state that ‘’The data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay and the controller shall have the obligation to erase personal data without undue delay”. The concise truth in this is that a person can request for his or her data to be deleted by the person controlling such data with undue delay. Although undue delay usually takes about 1 month for the data holder to delete such data, in short, there is one month of grace. It is also very important that such a person asking for such data or records to be deleted must be the real owner; necessary verifications must be done to ensure that identity is true and not false represented.
This right can only be exercised if the data is no longer necessary or if an organization legally needs the permission of the data owner before the data can be processed. It can also be exercised if the organization is using such data for marketing purposes and the data owner has contrary opinions as regards or if such data is processed unlawfully. The reasons are clearly stated in Article 17 of the General Data Protection Regulation.
Although there are so many bases for the right of erasure to be pursued, it is also important to note that the General Data Protection Regulation (article 17) also points out the conditions that void this right. The right to erasure can be overridden if the data is being used to express freedom right, has legal backing, or is being used for public interest or public health purposes. The right of erasure can further be overridden if the data is being used for legal, historical, statistical, or research purposes.
It is pertinent to note that the right to be forgotten doesn’t apply to non-personal data, for instance, prices and costs of commodities cannot be asked to erase. If you buy a car for $5000 and it was recorded by such a company, of course, you cannot ask for that to be deleted. Some other scenarios that show that the right cannot be exercised, in cases of mortgage and insurance.
The purpose of blockchain is to enable the recording and dissemination of digital information, but not editing. Blocks store transaction details such as the date, time; blocks also store information about people that engage in the transactions, however, instead of real names users’ details are more like keys (actually random numbers that you can’t even imagine). Blockchains are open public ledger that is visible to everyone although such information cannot be altered.
Unlike other information tech systems such as Google, Facebook, Twitter, etc. that have a database of people’s data and information and handle requests (either approve or disapprove them) quite easily, Blockchains protocols do not work like that. The truth is that trying to remove a piece of the blockchain data can render the whole system useless and who in the world is in charge of deleting data as blockchain is made of different variety of users.
Meanwhile, a trusted party can be empowered with the responsibility of carrying out such data such as editing data if blockchain can be centralized; it is however unfortunate that transparency and decentralization are the core foundations of blockchain security and trust.
Of course, there are different generations and set of blockchain protocols. Each with its pros and cons, it is the only amazing to notice that there is a Balance Based Blockchain that seems to solve this problem of complying with European Union General Data Protection Regulation and at the same time, ensuring a decentralized blockchain system characterized with a balance of transparency and security.
One of the most beautiful features of the Algorand protocol is that there are two categories of participants. The consensus users that generate and validate new blocks and transactions respectively, and the information service providers that make sure that new users can access already generated blocks. The technique applied in Algorand is the separation of erasable and non-erasable data and guarantees the post-erasure of any block by separately storing, although never erasing the hash of any erasable data. In layman terms, the traditional structure of blocks and transactions are being modified.
This is a whole new game changer to both finance and the crypto world-at-large. European regulations are met and the integrity of the blockchain is preserved. Algorand continues to bring up innovative ways to solve real-life problems.