GDPR...aargh! Right to be Forgotten #3
The General Data Protection Regulation is being covered a lot in the media. Much of it from a marketing, security perspective. Little of it considers the empowered opportunities for consumer endings. Which is what I want to share with you here.
GDPR is good for consumer endings. It pushes the consumer and the provider to acknowledge that things should end - even your data. And if you get that far. Designing and developing how people delete their data is not far behind.
This article looks at the context of GDPR and creating consumer off-boarding experiences. In previous articles I have considered other areas of the off-boarding experience - Data mobility and Consent removal. This time its the Right to be Forgotten. Which “entitles the data subject to have the data controller erase his/her personal data, cease further dissemination of the data, and potentially have third parties halt processing of the data.” If you operate a business with European citizens data, they have a right to have their data deleted.
Delete denial
By design the internet doesn't delete. It has a nuclear bomb proof memory, via its origins as the ‘Internetting project’ from the US Army, in 1973. Which aimed to avoid data loss in the event of a nuclear attack. The result is a memory that is absolute, infinite and sharable.
Blockchain has similar security ambitions, though alternative purposes. The ledger security system, keeps track of changes of cryptocurrency bitcoin. New transactions create a 'block' which are then added to a 'chain' of blocks, then shared across users in the decentralised system. Any transactions is immediately seen. Blockchain's, often lauded, capabilities recognise changes but can't delete knowledge. This challenges the Right to be Forgotten aspect of GDPR.
Beyond the issues of physical robustness and security is the prejudice in operating a digital interface. Most funnel the consumer to create and share content. Options to remove items often requires specific action outside of the same interface experience. A clear bias between on-boarding of data and balance to off-board.
This is not to suggest that a conspiracy exists within this bias. Many companies are aware of the internets permanence. Knowing only to well how difficult it is to delete anything that has been placed online. Consumers blindly acknowledge this through the impenetrable spectre of Terms and Conditions.
Many of us are being pushed with a tidal wave of email, to revisit these T&Cs as providers fumble to deal with GDPR. A situation that reflects the lack in humanising these legal agreements earlier. Consumers exhausted of spam are now overlooking emails about GDPR that if not dealt with will kill the service dead. A dark irony in the bias consumer lifecycle we have created.
Together these cultural, operational and physical forces conspire against accessible endings and deletion of data. GDPR and Right to be Forgotten challenges these forces, but also complement a surprising human need.
Humans need to forget is of evolutionary benefit. Viktor Mayer-Schonberger, in his book Delete, outlines the risk of permanent of memory. “By letting our memory of past events fade over time we already have in place a perfectly functioning mechanism that puts these in the temple perspective because biological forgetting is built into a human psychology through the millennium of human evolution. We never had to develop an alternative cognitive ability to correctly evaluate events in our past.”
Definition of delete
Although legal expectation to delete is in place with GDPR, consumer perception of deletion may be harder to deliver. Members and x-members of AshleyMadison.com know only to well, that what goes online, stays online.
The 'affairs and discreet married dating site', allowed customers to fully delete their profile. And asked 19$ for the privilege. But after the site was hacked, it was clear that these profiles were far from deleted. The group that hacked the site, known as The Impact Team, described, to kerbsonsecuirty.com, the data that remained. "Users almost always pay with credit card; their purchase details are not removed as promised, and include a real name and address, which is of course the most important information the users want removed."
To a regular consumer the semantics of endings are disorientating. Deactivating might seem a good level of permeant ending. Freezing the account in time. Deletion would seem pretty permanent to most consumers, but a data security expert might have a different point of view. Purging rarely enters the language of the consumer, yet is probably the only method of permanent deletion. Writing over the data. For a network administrator, managing databases, deletion might be an accurate description of the AshleyMadison accounts. Yet, it probably falls well short of expectations for adulators exposed in the hack.
Perception of ending
Deletion will now become a burden of proof issue for data businesses to make deletions believable. Presenting a tangible end to the data relationship, yet by the nature of it being deleted, having no evidence to show a worried consumer is going to be a difficult issue. Providers can present an interface for a request to delete data. Present a process and confirmation of data being deleted. They cannot provide evidence of a deleted item.
Again, the consumer may well loose out in the experience of a satisfying ending.