• Skip to main content
  • Skip to secondary menu
  • Skip to primary sidebar
  • Skip to footer

Gateway Journalism Review

Published continuously since 1970

  • Email
  • Facebook
  • Phone
  • Twitter
  • Home
  • About GJR
  • News
    • Police Accountability Project
    • Midwest
    • Opinion
    • Media
  • Print issue
  • First Amendment Celebration
    • Watch: 11th Annual First Amendment Celebration

European privacy notions wash ashore in U.S.

May 4, 2016 by Eric P. Robinson Leave a Comment

image_pdfimage_print

European countries have long had different notions of privacy than we do in the United States, where privacy has weaker protection than free speech.  But several recent developments are leading European privacy norms to have impact in the United States.

Article 8 of European Convention on Human Rights (ECHR) provides that “everyone has the right to respect for his private and family life, his home and his correspondence.”  Pursuant to this right, in 1995 the European Union adopted its Data Protection Directive, which generally gives individuals the right to control use of information about themselves.  In the United States, while a “right of privacy” has been recognized as an outgrowth of various constitutional provisions, it exists only because of several legislative acts and judicial decisions.

E.U. residents may now enforce privacy in U.S.

In late February, President Obama signed the Judicial Redress Act, Public Law No. 114-126, which allows E.U. residents to enforce their privacy rights in the United States.  The new law was required under the provisions of the “EU-U.S. Privacy Shield” negotiated after the European Court of Human Rights held last year that the prior “safe harbor” scheme for protecting personal data was inadequate under E.U. law.

The European court held that the prior scheme was not compatible with the ECHR, including its failure to provide any remedy when the American government accessed data of Europeans, using techniques such as those revealed by former defense contractor Edward Snowden.  That ruling threatened the European operations of American technology companies whose operations include transfer of data about European residents to servers in the United States. A coalition of technology companies and industry groups called enactment of the bill “a critical step in rebuilding the trust of citizens worldwide in both the U.S. government and our industry.”

The new law will allow the resumption of data exchanges between the United States and Europe.  It requires American companies to commit to “robust” protection of Europeans’ personal data, and requires the companies to respond to complaints of misuse of personal data. The new law also allows residents of E.U. countries and other nations designated by the U.S. Department of Justice to take complaints about private companies’ misuse and insecurity of their private data to the Federal Trade Commission.

Before passing the bill, Senate Republicans added conditions on the Justice Department’s designations of countries that will be covered by the new provisions, such as a requirement that the countries reach data exchange agreements with the United States that do not “materially impede the national security interests of the United States.”  The new law also requires that designated countries provide reciprocal privacy rights to American citizens.

The statute also establishes an ombudsman to field complaints over government access to personal data.  FTC and ombudsman decisions may be appealed to federal court.

Americans may already file such suits over misuse of personal data under the federal Privacy Act.  But most of the lawsuits filed over Snowden’s revelations on behalf of United States citizens have not been successful.

When signing the bill, President Obama said that the new law “makes sure that everybody’s data is protected in the strongest possible way with our privacy laws — not only American citizens, but also foreign citizens.”

Google gives in, somewhat, on the right to be forgotten

One way that Europe has expressed its notions of privacy is with the “right to be forgotten,” the idea that individuals should be able to control what historical information can be found about them online.  The European Court of Human Rights established the right in a decision involving a Spanish lawyer who sought to repress a legal notice about the tax foreclosure sale of an apartment he owned with his ex-wife.

The court held in 2014 that while the information could remain in the online archive of the newspaper that published the notice, Google could be forced to remove links from its search results.  The ruling led Google, Bing and other search web sites to establish methods for E.U. residents to request removal of links to personal information that is “inadequate, irrelevant or no longer relevant, or excessive.”

But search companies have insisted that the removal from search results should be limited to their European domains, such as google.es or bing.co.uk, with the links remaining in search results on non-European domains, including the main .com domains.

While these domains are directed at non-European nations, the sites can be accessed from within Europe.  This led France privacy regulators to demand that the links be removed from non-European sites as well.  The sites resisted this demand, but in early March Google announced that it would extend de-listings to its non-European domains when the sites are accessed from the individual European country of the individual who requested the listing, using geolocation techniques.  The links will remain in the results for users outside that country accessing the non-European domains.

In a blog post announcing the change, Google global privacy counsel Peter Fleischer wrote, “We believe that this additional layer of delisting enables us to provide the enhanced protections that European regulators ask us for, while also upholding the rights of people in other countries to access lawfully published information.”

Privacy regulators of France and other E.U. nations told Bloomberg BNA that they were evaluating Google’s new plan.  But some observers indicated that the regulators were likely to accept the geolocation method only as an interim step towards total removal of the material from all search sites, accessed from anywhere around the world.

This prediction was reinforced in late March when the French agency that oversees data privacy issued a €100,000 ($112,000) fine against Google for failing to apply the “right to be forgotten” link removal requests globally.  Google announced that it would appeal.

Author

  • Eric P. Robinson

    View all posts

Share our journalism
           

Filed Under: Media

Archive of St. Louis Journalism Review

The St. Louis Public Library maintains an archive of our collection when Gateway Journalism Review was the St. Louis Journalism Review.

Primary Sidebar

Sign up for our weekly newsletter!

Don't miss original stories about local journalism happening between the coasts. We deliver media news from the Midwest to your inbox every Thursday afternoon.


By submitting this form, you are consenting to receive marketing emails from: Gateway Journalism Review, SIU Carbondale School of Journalism, Carbondale, IL, 62901, http://www.gatewayjr.org. You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact
No audio track to show. (Invalid input URL)

Life After Journalism


IRE Radio


Illinois News Broadcasters


Footer

11th Annual First Amendment Celebration featuring Evan Osnos

https://vimeo.com/704150392?loop=0

10th Annual First Amendment Celebration featuring Claire McCaskill

https://www.youtube.com/watch?v=vwtrmyauuBA

Listen to GJR’s Founder

Become a sustaining member or associate of GJR with a recurring or one-time donation that supports our journalism.

Copyright © 2023 · Magazine Pro on Genesis Framework · WordPress · Log in