By Emma Peters
The right to be forgotten has been widely criticized – not only as too far reaching but also as technically impossible to implement. These issues, many of which we touched on in class, are addressed in the articles described below:
In the Stanford Law Review, Jeffrey Rosen, Professor of Law at The George Washington University, states that the proposed European legislation will not only seriously alter the structure of the Internet, damage companies like Google, Yahoo and Facebook, but much more important “represents the biggest threat to free speech on the Internet in the coming decade.”
Rosen starts by acknowledging that the right to be forgotten addresses an urgent problem in the digital age: it is very hard to escape your past on the Internet as every photo, status update and tweet lives forever in the cloud. Nevertheless, Rosen points out that in its present form the right could cause a dramatic clash between European and American conceptions of the proper balance between privacy and free speech. He argues that the right is too vague and broad.
Rosen notes that the right to be forgotten as it applies to “any information relating to a data subject”. Thus, it covers not only to information posted (only) by the data subject herself, (which he finds unobjectionable) but also information that has been put up by the data subject but copied or reposted by someone else (II), or that has initially been posted by a third person (III). He thinks that categories II and III pose great threats to free speech: Can Facebook be forced to delete a photo of the data subject, that has been shared by a friend – without the friends’ consent? Can media be forced to take down legally acquired, truthful but embarrassing information – such as a rape victim’s name (alluding to the Supreme Court decision in Florida Star v. B.J.F.)?
Furthermore, Rosen thinks that the exceptions to protect the right of freedom of expression are not adequate. The regulation puts the burden to assess the difficult balance of privacy rights and free speech and to prove an exemption on the data processor. The envisaged hefty fines could lead data controllers to err on the side of deletion or blocking of all sites referring to the data subject, producing serious chilling effects to free speech.
http://www.stanfordlawreview.org/online/privacy-paradox/right-to-be-forgotten
The European Network and Information Security Agency (ENISA) asks how the government will implement an individual “right to be forgotten” when data are so often plural – concerned with more than one person and freely exchanged with many more. ENISA notes that the right to be forgotten is virtually impossible to enforce in an open, global system such as the Internet. How would a government force the forgetting of a couple’s photograph when one person wants the photo forgotten and the other does not? Furthermore, nothing prevents users from freely copying, storing, and redistributing digital content, including photos. Unauthorized copying of information by human observers is ultimately impossible to prevent by technical means. How can data be tracked down and “forgotten” when we don’t even know who has seen or stored it? Subsequently trying to find and erase the distributed copies is impossible.
ENISA report: http://www.enisa.europa.eu/activities/identity-and-trust/library/deliverables/the-right-to-be-forgotten)
http://www.volokh.com/2012/11/21/the-right-to-be-oh-forget-it/