Purpose
This paper, through examining the judgment on Case C-131/12 and the European Union (EU)’s Proposal for a General Data Protection Regulation, aims to demonstrate to the records management (RM) profession, the importance of being proactively involved in records creation identification and the challenges of performing sound retention analyses for newly emerging activities. It also serves as a call to the RM profession that more active participation in law-making processes is needed.
Design/methodology/approach
The research selects the current right to be forgotten phenomenon as an illuminating case and examines it with fundamental RM concepts and principles, in particular those relating to records creation and retention. The research process consists of three major parts: one, the establishment of an analytical framework based on RM theories; two, description of the selected case that is relevant to the analysis; and three, the application of the analytical framework to the described case.
Findings
Records retentions are much needed for the activities of data controllers that are now established by the most recent Judgment of the European Court of Justice pertinent to the right to be forgotten and the proposed General Data Protection Regulation. The determination of retention periods for such activities requires an RM framework that synthesizes the identification of digital records and the various types of value associated with the different usages of records. It is also observed that the data protection legal framework does not address RM considerations, or at least, not in any explicit, easily recognizable manners.
Research limitations/implications
Records retentions are much needed for the activities of data controllers and/or processors that are now required by the Judgment of the European Court of Justice and the proposed EU General Data Protection Regulation, yet the legal framework does not offer any assistance in establishing retentions. It is also observed that the data protection legal framework fully acknowledges the importance of records but fails to address RM considerations – at least, not in any explicit, easily recognizable manners.
Practical implications
The findings are expected to be instructive to data controllers and/or processors, in particular with respect to records creation identification and records retention establishment in their organizations. It is also expected that the observations generated during the analysis process could shed light on the development of the RM profession.
Social implications
The right to be forgotten in the digital world has newly acquired complications, and it has the potential to affect not just the privacy right but also the rights considered conflicting to it, such as the rights of freedom of press and freedom of expression/speech. Efficient and effective RM programs should be able to assist their parent organizations in dealing with this complicated situation through creating and managing records that support the compliance of regulatory requirements on the one hand and the balancing of competing rights on the other hand.
Originality/value
The research appears to be the first of its kind according to the literature search conducted within the accessibility scope of the researcher.
The Right to Be Forgotten: A Controversial Topic Under the General Data Protection Regulation
