Much rejoicing was had this week amongst fans of Data Privacy and Data Protection, as the European Court of Justice (ECJ – though officially now just the Court of Justice) in its capacity as one wing of the Court of Justice of the European Union (CJEU; I know, the distinction is a bit confusing, and varies depending on who reports it) implied a “right to be forgotten” into European Data Protection Law. For example, the EU justice commissioner, Viviane Reding, welcomed the decision, saying it was a victory for the protection of personal data in the EU; “The ruling confirms the need to bring today’s data protection rules from the ‘digital stone age’ into today’s modern computing world”. Whilst the idea of giving citizens more rights to control the processing and dissemination of their personal information is a commendable one, this already exists in the form of the Data Protection Directive which was found to be applicable in this case.
What really happened here is that the court extended, in my opinion rather widely unclearly, who can be designated as controllers or processors of personal data and what sorts of information should be considered objectionable personal information and remain completely within the control of the citizen. Continue reading Europe and The Right to Be Forgotten: A Memorable Victory for Privacy or Defeat for Free Speech?