Just days after U.S. voters threw overboard one of their top privacy advocates in Congress, the European Commission announced Thursday that it will push for creation of a Web users' "right to be forgotten."
The commission, which is the executive body of the European Union, plans to update 15-year-old laws governing collection and use of consumer information to reflect the age of Google and Facebook. Changes could come early next year.
"Strengthening individuals' rights so that the collection and use of personal data is limited to the minimum necessary," the commission said in a statement. "Individuals should also be clearly informed in a transparent way on how, why, by whom, and for how long their data is collected and used. People should be able to give their informed consent to the processing of their personal data, for example when surfing online, and should have the 'right to be forgotten' when their data is no longer needed or they want their data to be deleted."
Word comes as U.S. privacy advocates digest news that Rep. Rick Boucher, D-Va., who last year introduced sweeping federal privacy legislation, lost his campaign for re-election on Tuesday night.
"I think that the demise of Boucher really is a setback to national privacy legislation," said U.S. privacy expert Larry Ponemon, head of The Ponemon Institute, which conducts privacy audits for U.S. firms. "I don't see anyone else pursuing this agenda in the next few years."
Privacy laws in Europe have always been stronger than U.S. protections, as the right to personal information safety is explicitly recognized as a fundamental human right by the EU. Each EU member has a privacy commissioner or similar cabinet-level official who represents consumers' privacy rights. But the EU is in the process of revamping its rules, pledging to unveil an update to its 1995 Data Protection Directive by early next year. Thursday's statement invited comments from consumers and industry.
"The protection of personal data is a fundamental right," said Vice President Viviane Reding, EU Commissioner for Justice, Fundamental Rights and Citizenship. "To guarantee this right, we need clear and consistent data protection rules. We also need to bring our laws up to date with the challenges raised by new technologies and globalization."
A similar movement is afoot in the U.S., as privacy advocates have finally settled on a simple notion that makes sense: a "Do-Not-Track" list, that borrows its notion from the wildly popular "Do Not Call" list. Federal Trade Commission Chairman Jon Leibowitz recently made public comments saying the agency is "thinking about" the idea. Meanwhile, Rep. Bobby Rush, D-Ill., plans to hold hearings soon about his privacy related "Best Practices Act," and has said he would consider adding a "Do Not Track" provision.
Of course, in both the EU and US efforts, the devil will be in the details. But it's important that fuzzy notions about privacy are coalescing around easy-to-understand concepts like a right to be forgotten and a right to not be tracked.