Until you have the right to purge the data--all of it--that companies collect on you with or without your permission, this "Bill of Rights" is woefully incomplete.
Why do you say that? Last I checked, I don't have the right to expunge any/all data a corporate entity has collected about me that I deal with in the brick & mortar realm.
I can sue for it, but I can't just walk in and say: Where's your form for me to have all my records shredded?
The only big difference here is that our vehicle for traveling through the various sites of businesses in the electronic realm leaks data about us like a sieve: I'm a Comcast customer, I live in state XYZ, I'm using a Mac, I've been to another site from your .com and here's my cookie, etc.
Tor, UserAgent modifiers, strict cookie settings and many other tools can help hide this information - but the average consumer doesn't know about them or how to use them.
This attempt at a rights bill is purely to put some "common sense"-style consumer expectations in place and give them standard tools/methods to learn more about what a particular company is doing.
Where the real failure comes into play is that, unlike in the brick & mortar world, it's quite easy to stroll down an electronic avenue and enter a shop that's actually housed in China - where suddenly this bill becomes a moot point.
Likewise in Ireland, under certain conditions[1]. Interestingly there are ongoing proposals to unify all EU data laws to make business easier/less expensive between EU countries and the "right to be forgotten" is one key feature that is being championed.
Who ever heard of data that was really deleted or purged? IT folks work really hard to ensure that data can't easily be deleted in such a way that it will disappear irrecoverably.
Legislation will not fix the fundamental problem that some data is actually really hard to selectively delete. Take the very common scenario of some small company that made backups of its databases to tape for years and years. If you were to exercise your right to purge your data, how can this be reasonably done? If they just delete it from their online, live database you'll have folks cry foul because they didn't really delete it. What a mess!
Well, you aren't guaranteed that people can't collect information on you. You'd never see a news paper story mentioning anyone ever again. I mean that's information about me - it needs to be purged!
