The right to deletion: Identity, memory, and surveillance capitalism

• Citation: (2022) 33 Stell LR 460
• Date: 27 October 2022
• Published date: 27 October 2022
• DOI: https://doi.org/10.47348/SLR/2022/i3a6
• Pages: 460-483

460

https://doi.org/10.47348/SLR/2022/i3a6

THE RIGHT TO DELETION: IDENTITY, MEMORY,

AND SURVEILLANCE CAPITALISM

Yvonne Jooste

LLB LLM LLD

Research Associate, Department of Jurisprudence, University of Pretoria

Abstract

This article considers “the right to deletion” enacted under the Protection

of Personal Information Act 4 of 2013 and uses the right as a lens through

which to contemplate (1) memory, identity, and forgetting in the digital age;

(2) the erosion of the privacies of life and the notion of “home” in the context

of ubiquitous technologies; and (3) a new form of instrumentarian power

created by surveillance capitalist regimes that aims to make individuals into

known and knowable entities for economic ends as well as the implications

of this form of power for the values of dignity, democracy and privacy. It is

suggested that the reclaiming of forgetting is necessary for human growth and

agency and that the reclaiming of “home” is required as a shelter for the

privacies of life, intimacy, and freedom. The argument is also made that the

right to deletion should be understood within the context of the increasing loss

of privacy within societies under techno-capitalist control.

Keywords: Privacy; “forgetting”; surveillance capitalism; the right to

deletion; protection of personal information; “home”

1 Introduction

The Protection of Personal Information Act 4 of 2013 (“POPIA”) aims

to protect the processing of individuals’ personal information and to give

effect to section 14 of the Constitution of the Republic of South Africa, 1996

(the “Constitution”) that guarantees the right to privacy. The Act introduced

certain conditions in establishing minimum requirements for the processing

of personal information, including accountability and openness, and it also

aligned the South African legal framework with international standards on the

rights of data subjects.1

In this article, my interest lies in sections 5(c) and 24 of the POPIA that

provide for the right to request that personal information that is deemed to

be “inaccurate, irrelevant, excessive, out of date, incomplete, misleading or

obtained unlawfully” should be destroyed, deleted, or corrected under certain

1 See the Pream ble to the Protection of Pe rsonal Informa tion Act 4 of 2013 (“POPIA”)

(2022) 33 Stell LR 460

© Juta and Company (Pty) Ltd

https://doi.org/10.47348/SLR/2022/i3a6

circumstances, and as part of the “lawful” processing of information as

described in the Act.2

Broadly, the right to request that personal information should be deleted

(as is provided for in sections 5(c) and 24 of the POPIA) exists in different

jurisdictions and is more commonly referred to as “the right to erasure”,

“the right to be delisted” and “the right to be forgotten” – alluding to legal

instruments that ensure the capacity of individuals to request the delinking,

correction, erasure or constraining of personal information on the internet,

whether misleading, embarrassing, irrelevant or anachronistic.3 The idea of

the right to be forgotten, in particular, came under the spotlight in the case

of Google Spain SL & Google Inc v Agencia Española de Protección de

Datos (AEPD) & Mario Costeja González4 (“Google Spain”). The right to

be forgotten has a long history but my focus here will be on the deletion of

personal information on the internet and more recent legal developments to

protect the rights of data subjects.5

2 S 5(c) and s 24 under Conditio n 8 (Participatio n of Data Subjects) of the POPIA:

“5 A data subje ct has the right t o have his, her or its p ersonal infor mation proc essed in accor dance with

the condition s for the lawful proc essing of personal i nformation as refer red to in Chapter 3, i ncluding

the right—

(c) to req uest, where nec essary, the co rrection , destru ction or deletion of h is, her or its per sonal

informat ion as provided for in ter ms of section 24 …

24(1) A data subject may, in the p rescribed man ner, request a respo nsible party to —

(a) correct or delete pers onal informat ion about the data subje ct in its possession or u nder its control

that is inac cur ate, i rrele vant , excessive , out of dat e, inc omplete , mislea di ng or obta ine d unl awf ully; o r

(b) destroy or delete a rec ord of personal in formation about t he data subject t hat the responsi ble party

is no longer author ised to retain i n terms of section 14

(2) On receipt of a reques t in terms of subsectio n (1) a responsible pa rty must, as soon a s reasonably

practicable—

(a) correct the infor mation;

(b) destroy or delete the infor mation;

(c) provide the data subje ct, to his or her s atisfactio n, with cred ible evidence in s upport of the

information; or

(d) where agreement can not be reached bet ween the responsi ble party and th e data subject, an d if the

data subject s o requests, take such st eps as are reasonable i n the circumstanc es, to attach to the

informat ion in such a manner t hat it will always be re ad with the infor mation, an ind ication that a

correctio n of the informatio n has been requeste d but has not been made

(3) If the responsible pa rty has t aken steps un der subsect ion (2) that result in a cha nge to the infor mation

and the change d informatio n has an impact on d ecisions that have b een or will be ta ken in respec t of the

data subject i n question, the respo nsible party must, i f reasonably practica ble, inform each pers on or

body or respon sible party to whom t he personal infor mation has been d isclosed of those step s

(4) The responsible pa rty must noti fy a data subject , who has made a reque st in terms of sub section (1),

of the action ta ken as a result of the requ est ”

3 See MJ Kelly & D Satola “ The Right to be Forgot ten” (2017) 1 U Ill LR 1; MediaDefence “Expla ining the

Issues: The Rig ht to be Forgotten” (15-12-2020) MediaDefence

explaining- the-issues -the-rig ht-to-be-for gotten/ > (accessed 10-09 -2022); AS Basson The Rig ht to be

Forgotten: A Sout h African Perspect ive LLM research pa per University of Pret oria (2015)

4 (Case C - 131/12) ECJ Grand Chamber (13 May 2014) EUR Lex para 20(3)

legal-content/EN/TXT/?uri=CELEX%3A62012CJ0131> (accessed 10-09-2022)

5 Kelly & Satola (2017) U Ill LR 22 explain t hat the right to be forgot ten is a modern inca rnation of older

privacy theo ries in Wester n legal trad itions In Continental Eu rope, it is derive d from the idea s of

personal in tegrity and privacy wh ich are deeply rooted in the t radition of personal honou r (23) Kelly

and Satola recal l the famous case of Alex andre Dumas whi ch demonstrates t he preference in Europ e for

privacy rig hts over competing rig hts (23) T he origins of the rig ht have also been trace d to France (droit

á l’oubli) and Italy (diri too al’oblio) originati ng from the right to obl ivion – “defined as a r ight to silence

THE RIGHT TO DELETION: IDENTITY, MEMORY

AND SURVEILLANCE CAPITALISM 461

© Juta and Company (Pty) Ltd