Skip to main content

Verifiying you've been forgotten – only the blockchain can do that

(Image credit: Image Credit: Zapp2Photo / Shutterstock)

When the dot-com bubble first started inflating, it was impossible to imagine how ubiquitous constant connectivity could become. Today, of course, nearly everyone has multiple internet connected devices that they access almost constantly throughout the day.   

In many ways, the online world had become a more convenient and, at times, more effective version of the real world. It must be because we are spending a lot of time there, and why not? We seemingly have everything we need. Social media provides social interaction, Amazon and other online stores comprise the modern bazaar, and Reddit is the new daily paper. 

Even our professional lives look different. New economic models like the sharing economy, the gig economy, and the work-from-home generation are all a reflection of the communicative capabilities afforded by modern technology. You don’t even have to be somewhere prominent to be doing something important.

Most people have spent the better part of the last decade participating in these and other services and, as a result, contributing vast amounts of data to the ecosystem. Public posts on Facebook, personalised shopping on Amazon, and an online subscription to the coolest new food delivery service are simple ways that we contribute data to the digital economy. Of course, we have also created meaningful data footprints in a professional capacity as well. As personnel records and computer data are digitised and stored in the cloud, companies also have a sizable digital record of us.  

The nuance of this data creation is hard to fathom. Every click, like, view, share, post, email, and many other actions that we don’t even consider all comprise our digital footprint.

In the last few years, all this data production has significantly increased. Some studies, including those done by tech juggernaut IBM, found that up to 90% of all digital data was produced in the last two years. Unfortunately, protecting that data has proven to be a precarious assignment for too many businesses and organisations. 

When Yahoo Inc completed its sale to Comcast last year, it was revealed that all three billion user accounts had been compromised by a data breach. This was more than they announced, and the totality of the transgression is startling. 

This feeling of inevitability is rightfully leading many people to try and take control of their data. While hasty actions like the #DeleteFacebook are unlikely to improve personal security, there are things that people can do to regain control of their information.

One of the most obvious and most frequently overlooked options is requesting to be forgotten.   

Request to be Forgotten   

A request to be forgotten is frequently invoked when an individual has an unfortunate or ill-advised episode from their past available for reference on the internet. This is certainly a noble issue, but a person’s right to be forgotten can extend far beyond just erasing an embarrassing story.

Most people can probably think of many online services that they no longer use or want. Although the user hasn’t accessed an account for months or years, it remains active, and its data is as vulnerable as someone who uses the service every day.

Since 2014, Google has received well over 500,000 requests to be have information removed from its search results, but they shouldn’t be the only company responsible for this. Others can delete our data too. Submitting a request to be forgotten provides obvious security benefits for users as it can take considerable amounts of personal data out of circulation. With the General Data Protection Regulation, the EU law that enables a person’s right to be forgotten, going into effect next month, many more people should turn to this as a method for containing their data. 

The right to be forgotten also applies to professional relationships as well. Most businesses are required to maintain personnel files with information from background checks, drug testing screens, and other compliance measures. When an employee leaves the industry, they can request that this information is deleted since it is no longer relevant to the company for compliance purpose. 

Similarly, businesses that exchange data could consider a right to be forgotten approach to eradicating irrelevant data transferred during their professional tenure.

It may feel like tying up loose ends, but by requesting to be forgotten individuals, employees, and companies can ensure that they mitigate their exposure to an expansive and inevitable data breach.   

The Difficulty: Certifying Compliance and Maintaining Confidence 

If recent data scandals have taught us anything – and they have  likely taught us too many things – it’s that companies don’t always do what they say they would do. With that in mind, how can people ensure that their requests to be forgotten are honoured, and how can companies ensure that they maintain appropriate records still honouring their customer’s desires? 

The answer is in the blockchain. This disruptive but highly capable technology was first introduced as an accounting mechanism for cryptocurrencies, but it has gone on to establish a strong reputation as an immaculate record keeper of all types of data.       More specifically, it does an incredible job of creating perfect records that are verifiable but also secure. 

Although changing information on the blockchain nearly impossible, the blockchain can serve as a third-party regulator for data deletion, and it can provide those records in a protected but transparent way. The blockchain can serve as the official in this wild game of data collection and deletion that we are all playing. 

For businesses, by proof chaining employee information on the blockchain, companies can allow their employees to control their own identity permissioning while also having a detailed record of compliance should they need to demonstrate an employee’s credentials somewhere down the road. This puts the responsibility and the opportunity in the employee’s hands, and it creates an auditable record for the company. It’s a win-win that protects individuals and secures companies. 

The Blockchain Now   

Discussions over personal data protection are at a fever pitch right now. As new scandals continue to mount, consumers can enhance their awareness of the opportunities available to them to retake control of their data. By exercising their right to be forgotten, individuals can minimise their exposure, and the blockchain can help companies and individuals feel confident in data’s deletion.

It’s just one of many tools in the chest, but it’s a pretty important one right now.

Adrian Clarke, Founder of Evident Proof (opens in new tab)  

Image Credit: Zapp2Photo / Shutterstock

Adrian Clarke is a former Microsoft CTO/Innovation director and currently CEO of Berkshire Cloud and founder of tech start-up Evident Proof which uses blockchain technology to bring ‘trusted, distributed consensus’ to supply chain management.