Forgetting, Non-Forgetting and Quasi-Forgetting in Social Networking: Canadian Policy and Corporate Practice
Colin Bennett
University of Victoria
Adam Molnar
University of Victoria, Department of Political Science
Christopher A. Parsons
University of Victoria – Political Science
January 28, 2013
Abstract:
In this paper we analyze some of the practical realities around deleting personal data on social networks with respect to the Canadian regime of privacy protection. We first discuss the extent to which Canadian privacy law imposes access, deletion, and retention requirements on data brokers. After this discussion we turn to corporate organizational practices. Our analyses of social networking sites’ privacy policies reveal how poorly companies recognize the right to have one’s personal information deleted in their existing privacy commitments and practices. Next, we turn to Law Enforcement Authorities (LEAs) and how their practices challenge the deletion requirements because of LEAs’ own capture, processing, and retention of social networking information. We conclude by identifying lessons from the Canadian experience and raising them against the intense transatlantic struggle over the scope of the deletion of data stored in cloud-based computing infrastructures.
You can download the full article from SSRN.