[Read more session reports and live updates from the 11th Internet Governance Forum]
Ms Daphne Keller, Director of Intermediary Liability, Stanford Law School Center for Internet and Society, started the session by providing a background to the European concept of the right to be forgotten or the right to be ‘de-listed’, mentioning that ever since the first case – Microsoft and Google disclosed that 50% of requests they get are valid while the other half is not. Keller stated that the panel would not only focus on the removal of search results but also the removal of content and different interpretations from different countries, especially South American countries. She also mentioned the question of the freedom expression versus the right to privacy would not be delved into too deeply, but the measures, steps and practices by platforms and intermediaries would be considered in depth from a law perspective. Keller underlined that the laws regarding content removal are there to protect user laws.
Mr Kyung-Sin Park, Co-founder of Open Net Korea, took the floor by stating how the right to be forgotten is not very welcome in Asia due to the history in the region, with former colonies and dictatorships. Therefore, there is a strong demand for truth and not partial truth while another question is deciding whether the person in question is a public figure or not, since the right to be forgotten cannot be applied to public figures. He stated the fact that most Asian countries had laws that allow suppression of truthful information was another reason why the right to be forgotten was frowned upon, while Korea already had laws which citizens can apply to have content removed against them. He stated that he does not agree that the right to be forgotten is a fundamental right. Park mentioned the danger of censorship that can lead to the removal of lawful information describing the action as 'good old fashioned censorship'. He stated that the subject should be looked at from the angle of administrative censorship, and called for private companies to resist these requests to the maximum extent to keep lawful, truthful information available to the public.
Ms Lina Ornelas, Head of Public Policy and Government Affairs for Mexico, Central America and The Caribbean, Google, underlined how private companies now hold the responsibility of deciding whether information can be defined as lawful, truthful or relevant instead of qualified judges. She stated the guidelines issued by Google were helpful, however, the questions and definitions addressed were still much along the grey area. She mentioned the Advocate General stated that search engines are like murals that collect available information and not the authority who can decide what people can or cannot access. The right to be forgotten also attracted negative attention from the media when the court's decision declared that sources would not be notified when information is de-listed. Stressing the unintended consequences that come from right to be forgotten, she underlined the need for more definitive criteria. Ornelas also brought up jurisdictional issues that arise when regional and global removals happen. Different laws among different countries complicate issues further, such as the child sex offender obligation to notify neighbours in the US. She talked about the removal company Eliminia in Spain, which go to small sites and blogs and notify them that unless they remove certain information about certain individuals, fines would occur and use this as a scare tactic to strong-arm smaller outlets. Ornelas warned against the dangers of restricting access to knowledge and information stating that we should not let restrictive countries define the rights of the rest.
Mr Christian Borggreen, Director of International Policy, CCIA, started by underlining the need to look at the law from the individual perspectives of countries and that applying European or French rulings to the rest of the globe is highly problematic. He brought up the new law of Right to Erasure which is not an absolute right and in the text, it is stated that it should be balanced between the right to information and freedom of expression. He said it is very challenging for companies and that there should be a careful balance of rights while each country should decide what kind of data their citizens should be able to reach and it would be wrong for one country to decide for others.
Mr Cedric Laurent, global data privacy attorney and public policy expert, started by mentioning two prominent cases in Mexico where Google was defined as a data protection authority at the federal level. While the second case involved an individual requesting the removal of linked information of his name and address, his request was granted by the website however when the request was taken to Google Mexico, it was denied on the grounds that Google Mexico did not have jurisdiction and they could not be considered as the data controllers. He also stressed the importance of human rights groups in the region such as R3D, which help raise awareness in public and assist people with legal matters regarding data protection, right to be forgotten and similar fields.
Mr Luiz Fernando Marrey Moncau, Intermediary Liability Fellow, The Center for Internet and Society at Stanford Law School, talked about how there is confusion about the right to be forgotten in Brazil. Prominent cases in the country were not directly related to search engines but used as an example, the right of a person to remove online information about a crime they were prosecuted for but not convicted of. In one of the cases mentioned, the request for removal was not made for a certain URL but for search query results which are much more difficult to process. He addressed the concerns about due process; aside from private entities deciding on what should be online or not, there is the problem of no safe guards existing to watch and record what is being removed. The Brazilian court decided freedom of expression is vital therefore a court should be involved when deciding whether content should be removed or not. Another concern Moncau had was the question of the information being truthful or not since it is not always possible to clearly assert if something is true or not. Finally, he concluded by citing the preliminary decision to issue an injunction to the ISPs to block websites entirely while urging everyone to differentiate between user uploaded content and content published by third parties.
Mr Jeremy Malcolm, Senior Global Policy Analyst, EFF, took the floor to mention how Internet intermediaries may be considered to be data controllers, as seen in the Costeja case, which was an unexpected result since a search engine's control of data it indexes is minimal. He also noted that general data protection regulations seem to extend to some other Internet intermediaries too especially ones that process rather than just host data. Malcolm talked about the Manila Principles which were relevant to the discussion such as, how intermediaries should not be held liable for failing to restrict lawful content, content should not be required to be restricted without an order by a judicial authority and any liability imposed on intermediaries should be proportionate since current fines can add up to 4% of a company’s global income.
by Su Sonia Herring, Internet Society Turkey