Right to be Forgotten
The Right to be Forgotten Allows Individuals to Delete Personal Data
The Right to be Forgotten (RTBF), aka the right to deletion or erasure, provides individuals the rights for the removal/deletion of their personal and sensitive data from an organization’s systems. Both GDPR and CCPA provide individuals the right for data erasure/deletion. However, these regulations differ in their requirements. Both have exemptions to RTBF primarily if the information is still needed to fulfil a transaction or other critical business and/or operation function.
How Does GDPR Address RTBF?
Article 17 of the GDPR (Right to Erasure, aka Right to be Forgotten) provides specific causes that enable an individual to request information deletion. In summary, if an individual withdraws consent, or if the information no longer has a business purpose, or if the information has been used illegally, then individuals have the right for the company to erase the information.
How Does CCPA Address RTBF?
CCPA also provides the right to delete personal data and in addition, data related to a specific household. And CCPA provides more flexibility for individuals as they can request deletion for any reason.
Here are additional resources to learn more about the RTBF:
- European Commission,”Can I ask a company to delete my personal information?’
- UK Information Commissioner’s Office, Right to Erasure
- Hogan and Lovell, “California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA”
You just learned about the Right to Be Forgotten, now explore related terms like GDPR, CCPA, Consent, Data Subject Rights, Data Subject and Consumer Rights, Data Subject Access Requests, Consent Management, Data Subject Access Request, Personal Data and Privacy Automation.