Posted on 17. October 2014
by Fiona Fritz
“I know what you did last summer”. This statement marks the beginning of a series of horrible events in the 1997 horror movie of the same name. Although these events are (luckily) purely fictional, a lot of the things we do in our real lives (and not only from last summer) end up on social media, in web forums and online newspapers. Search engines make it ever so easy to find everything. In recent years, web search results became like a second CV. In the age of revenge porn – sexually explicit media that is publicly shared online without the consent of the pictured individual –, the unasked distribution of pictures on social media and the digitisation of newspaper articles from way back, it is necessary to update the legal framework in order to protect the right to privacy and the personal data of European citizens.
The “Right to be forgotten”
The Commissioner-designate for Digital Economy and Society Günther Oettinger showed his lack of understanding of the internet and the importance of privacy in the online world when he described those celebrities currently suffering from the unwanted distribution of private images and information as “stupid” (after min. 41:29 of the hearing’s official recording). This insult is not only uncalled for, but also shows that the victims of online privacy breaches are still bearing the brunt of the blame and that their personal data is not yet protected well enough. Fortunately, the Court of Justice of the European Union seems to have a different stand on this.
Deleting links: killing the messenger?
In May 2014, the EU Court of Justice ruled in the case of the Spanish national Data Protection Agency vs. Google Spain and Google Inc. on a ‘right to be forgotten’: the court declared that European citizens can request the deletion of links from search results that refer to a specific piece of information which is considered to be no longer relevant by the person concerned.
The deletion of links to a particular piece of information is only a very small advancement for the protection of privacy. The EU Court’s right to be forgotten is merely a ‘speed-bump’ for making it a little bit harder and less accidental to find information, as Viktor Mayer-Schönberger, professor of Internet Governance and Regulation at Oxford University, put it in an interview with The New Yorker. However, it does not target the websites where the original information is stored. The right to be forgotten thus aims to ‘kill the messenger’ and does not tackle the problem at its source.
Right to Privacy and Personal Data are Fundamental Rights too
Another critical point of the right to be forgotten ruling is that the deletion of links for privacy reasons can be viewed as encroaching on the fundamental right of freedom of information; it would enable individuals, especially public figures or criminals, to clear their names of past and present allegations. However, the “right to be forgotten” ruling advocates a case by case assessment. This would include judging whether or not the public’s interest is at stake. Thus, while upholding the freedom of information, the fundamental right to privacy and personal data outlined in article 12 of the UN Declaration of Human Rights is supposed to be protected too:
“No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honour and reputation. Everyone has the right to the protection of the law against such interference or attacks.”
The right to privacy and the right to freedom of information will now have to be weighed in each case so that the privacy of the individual is protected as well as the public’s interest.
Privacy now in the “Pantheon” among Copyright and Trademark
It is a big step forward for our society that the right to be forgotten now protects the privacy of every citizen and elevates the right to privacy to the pantheon of copyright and trademark. The infringement of copyright and trademark – alongside illegal activities, of course – are listed as reasons for previous deletion requests with the search engine Google.
In October, Google published a transparency report about their first case assessment: 41,6% of the 504 713 removal requests following the right to be forgotten ruling in May have been deleted from search results of the individual’s in question as they were considered to be an infringement on the individual’s privacy. The other 58.4% were deemed to be of public interest and will thus remain in Google’s search results.
The following months and years will show how the right to be forgotten will improve the protection of our privacy. Now I am curious to learn about your opinion on this topic: what role should the protection of privacy play in future legislations? Is the right to be forgotten a good tool to protect our personal data?
Read the opinion of another FutureLaber on the right to be forgotten here.