Hi Jason, I agree with you. Even after all the GDPR chips land, the “right to be forgotten and personal data management is something that each one of us will likely need to manage ourselves.” I had this acute uncertainty when I ‘deleted’ all of my content from Facebook: is it actually gone? How can I ever know for sure? Even with mountains of legislation and regulations in effect, who could possibly audit Facebook’s global server network to verify that my directives were executed?
It’s not that leaving one’s data strewn around other people’s computers (i.e. the cloud) means that it will exist there permanently. But it does mean you can never really be sure it is gone if and when you want it to disappear. Like yourself, it is seems naive to me to outsource my trust of these mega corporations with global reach to a stack of legislation. It’s not (only) because bureaucracies and corporations of scale have a historical track record of riding roughshod over regulation and exploiting loopholes, but also because in this scenario it’s altogether likely that we would never even know it is happening.