By Praveen Kannan and Anna Strokolyst The Hotspot Shield team believes the internet should be open and secure …
There is a specter haunting the European Union (EU): the specter of forgetfulness. A set of regulatory laws passed by the Union in recent years guarantees citizens the Right to be Forgotten, promising the ability to clean the online record of bad decisions. The right was recently upheld in the highest EU courts, signaling that it may be here to stay. On the surface, the law seems like a privacy advocate’s dream; however, once the surface is scratched, deeper concerns become apparent.
What Is It?
The Right to be Forgotten (or RtbF) is a legal construct of the European Union. In 1995, the EU wrote its digital privacy standards, the European Data Protection Directive, outlining the rights of European citizens as they pertain to the growing body of digital information being collected about them.
This act, enshrining the role of the EU governing authority in regulating privacy concerns in record-keeping, formed the basis for the growth of RtbF as a guiding principle. So what has placed this 19-year-old set of regulations suddenly so at the forefront of the privacy movement?
Google, González, and Good Intentions
The case of Google v González, involving a Spanish national seeking the removal of references to legal proceedings against him from the search engine, went before the EU Court of Justice in May 2014. The justices found in favor of a broad interpretation of RtbF law. Moreover, they placed the onus for removing the information not with the host site, but with the search engine indexing it; Google would be required to block access upon legitimate request.
In the wake of the ruling, RtbF advocates are crowing, the opposition is scrambling, and Google is busily sorting its new backlog of takedown requests.
Is This a Free Speech Issue?
Opponents of the European scheme claim that it violates the right to free speech on the part of the search engines and content providers affected. But does it? Getting to the core of that question involves asking difficult questions about the right to privacy given to corporate entities: its extent and its limitations.
In general, courts internationally (and particularly in the United States) have consistently found that a corporate entity has rights under the law similar to those of a human citizen. Cases have found that companies have a right to privacy, speech, and even, in some cases, the unimpeded practice of religion.
Rights as a general concept are a thing that it is easy to get behind. However, the problem with the messy real world is that those rights often come into conflict with one another. Thus, laws are required to sort which rights have priority in any given situation. That being said, the British House of Lords has said that the law is “wrong in principle and unworkable in practice.”
You Are Being Sold
This becomes especially important when we consider a common role of information companies. Services such as Google and Facebook provide “free” functionality to users in exchange for the ability to compile sellable, useful information—a valuable commodity in an age of targeted marketing. Search results, while not directly a component of this business model, drive the user base to the provider; without its ability to index the web, Google is nothing but a set of clever logos.
Put simply, Google offers access to content generated by others, and in return, builds detailed information about its user base. While RtbF laws would do nothing to stop Google’s data storage, they would return some measure of control over searches to the subjects of those inquiries, cutting the reach of search engines into our lives. This is a remedy much-sought-after by those affected by certain malicious Internet practices, such as the victims of so-called “revenge porn” sites, who have often lacked legal recourse. It’s also something of a remedy to the common complaint that the Internet is effectively the beginning of the end when it comes to privacy. Moreover, it fits entirely within existing legal structures, which have long regulated the products produced by business interests on the basis of social good.
Freedom From Criticism?
So far, we’ve discussed the Right to be Forgotten and free speech in reference to the right of a corporation to present information, and the clash between the rights of the individual and the rights of a business. Let’s move now to another potential issue: the use of Right to be Forgotten principles to scour the Internet of unflattering press.
Consider the case of Robert Peston, who wrote a blog post on Merrill Lynch during the sub-prime fiasco of the late 2000s. Seven years later, Google notified Peston that the accessibility of his article was to be reduced per a RtbF request. Initially, Peston assumed that the culprit was former Lynch honcho Stan O’Neal, the subject of the article. In response, Peston questioned the survivability of the freedom of the press in the wake of this new legal construct. Peston’s initial assumptions proved untrue, however; it appears that the article was actually flagged due to a commenter wanting to hide himself or herself.
Mistake or Prophecy?
It would be easy to dismiss Peston’s concerns with the knowledge that he was incorrect about the source of the complaint. However, this dismissal misses an important point: The conflict between speech and privacy can have unintended casualties. The framers of the RtbF legislation never intended their law to be used to prevent the record from reflecting the actions of newsworthy public actors or to damage the freedom of the press to inform the populace of vital issues. However, despite careful language intended to protect speech, it is easy to imagine the law being used in just such a way, and critics of the law suggest that the safeguards in the laws are inadequate.
The delicate balance between the availability of information and the right to privacy is a strange one in the age of information technology. As Jorge Ramos stated, “Our lives are increasingly defined by what we do on our cell phones and computers.” It can be hard to know exactly where to draw the lines between these impulses. While the Right to be Forgotten reflects an admirable concern for allowing individuals the right to manage their digital lives, it also opens up a whole new frontier in spin control, sacrificing on the altar of privacy the public’s right to be informed. Any implementation of such a law needs careful watching, to make sure that the extensive rights that it grants avoid abuse.