Ethical And Legal Responsibilities In The Mass Media
Razan Abou Chakra & Raneem Al Qadi
Introduction:
With the spread of technology and “The Internet”, everyone was initially optimistic about a world full of opportunities that technology will open up. However, unsurprisingly the lack of awareness and in-depth understanding of these technologies we hold in our hands made us unaware of their consequences, as well as, more importantly the conditions that come with such a luxury.
Today, in the twenty-first century, one phrase summaries a long story of protesting against what affects the social stability of our world. Today, we urgently demand the “Freedom of speech and governing our personal data”, and these demands come as a consequence of our late understanding of the world of technology. In this paper, we will discuss the inefficiency of the movement done by the European Union, known as “The Right to be forgotten”.
What is the Right to be forgotten?
The General Data Protection Regulation (GDPR) is the rule that allows an individual to govern how his/her personal data must be “collected, processed, and erased.” (“Everything you need to know about the “Right to be forgotten”, 2019) According to Article 15, the subject will have the right to check whether his personal data are being processed and if so, where they are being processed of course with the “controllers confirmation”. (“Art. 15 GDPR - Right of access by the data subject”, 2015) This article supported and “dovetailed” the right to be forgotten as people will have the right to access their published personal information. As a result, the right to control will start meaning to those who no longer consent to have their information processed if they believe that there are “significant errors within the data” or “information is being stored unnecessarily”. (“Everything you need to know about the “Right to be forgotten”, 2019) The GDPR came into effect on May 25, 2018 (“What is GDPR, the EU's new data protection law?”, 2019) and the law affects people or organizations in the European Union or any offered services to a person in the EU. (Clowes, 2018)
“The Right to be Forgotten” appeared in Recitals 65 as “Right of Rectification and Erasure”:
“In particular, a data subject should have the right to have his or her personal data erased and no longer processed where the personal data are no longer necessary in relation to the purposes for which they are collected or otherwise processed, where a data subject has withdrawn his or her consent or objects to the processing of personal data concerning him or her, or where the processing of his or her personal data does not otherwise comply with this Regulation.” (“Recital 65 - Right of Rectification and Erasure”, n.d.)
In elaboration to recital 65, it also states that a person will have the right to pull away their consent given when they were not fully aware of the situation’s imposed risks. For instance, any consent taken from children or the elderly through the internet. This recital will allow citizens of countries in the European Union, to decide if they want to pull away their personal data or any harmless content “ for exercising the right of freedom of expression and information.” (“Recital 65 - Right of Rectification and Erasure”, n.d.)
Moreover, the recital preserves the personal data for lawful purposes to retain only when a person publishes content that breaks legal obligation and puts the public interest at risk.
“The Right to be Forgotten” also appeared in Recitals 66 as “Right to be Forgotten”:
“To strengthen the right to be forgotten in the online environment, the right to erasure should also be extended in such a way that a controller who has made the personal data public should be obliged to inform the controllers which are processing such personal data to erase any links to or copies or replications of those personal data.” (“Recital 66 - Right to be Forgotten”, n.d.)
To achieve and implement Recital 66, the controller should be aware of all the “available technology and the means” (“Recital 66 - Right to be Forgotten”, n.d.) that would deter the ability of the controller to pull away the requested personal data. As, if a certain controller pulled away data, he should make sure that this act is transmitted and saved on the different controllers - servers. (“Recital 66 - Right to be Forgotten”, n.d.) This way a controller can assure that a certain technology such as VPNs would be able to allow access to what has been pulled after the subject’s request.
When does Article 17, of the GDPR, outline the specific circumstances which apply “The Right to be Forgotten”.
An individual will have the right to request the erasure of his/her personal data if the individual information is not fundamental for the reason an organization initially collected or “processed it”, an organization is depending on an individual’s assent as the legal premise or as a justification handled in defense for processing an individual’s information, or when an organization has to erase any personal data for “legal ruling or obligation.” (“Art. 17 GDPR – Right to erasure”, n.d.) Furthermore, any person can retain personal information if an organization is processing personal data for direct marketing purposes, or unlawfully, or a child’s individual data for the purpose of offering information to “information society services”.
Sometimes an organization might acquire the right to process an individual’s data over a person’s right to retain their information.
The information is being utilized to work out the “freedom of expression and information” (“Everything you need to know about the “Right to be forgotten”, 2019) to perform a carried movement that is for the sake of the public interest or is necessary for public wellbeing purposes. Moreover, any organization will have the right to obtain the requested personal data when the information being handled is vital to perform preventative or word related pharmaceutical medicine by a certified health professional. Finally, the information is being utilized for the establishment of any lawful defense. Those previous reasons by the GDPR trump the right to erasure. (“Everything you need to know about the “Right to be forgotten”, 2019)
Right to be forgotten regarding the Media Field
With the “Right to be forgotten” regulation by the European Union, questions about information on media platforms came along, are unnecessary or irrelevant information still listed on there?
Search engines like google and several more came out and said they are now removing links to web pages in which are “inadequate, irrelevant or no longer relevant, or excessive” to an individual.
An example for further understanding is the case of the Spanish lawyer, Mario Costeja González, in 2009 when he requested to remove an article from Google on an online newspaper called La Vanguardia on a sale of his property in order to fulfill his social security debts when in reality the debts had been concluded years before the sale of his property, and he felt like this is bad for his image. Google denied his request back then but then he sued them. In 2014, the European Union Court of Justice ordered Google to “delist the pertinent links from Google’s search results when querying Costeja’s name”. (Xue, Minhui & Magno, Gabriel & Cunha, Evandro & Almeida, Virgilio & Ross, Keith, 2016)
Additionally, according to a Data-Driven study stating “The Right to be Forgotten in the Media”, “Google launched an online request process on May 29, 2014 and has since received more than 1.5million link-removal requests from individuals (“re-questers”) in the European Union.” (Xue, Minhui & Magno, Gabriel & Cunha, Evandro & Almeida, Virgilio & Ross, Keith, 2016)
The case of Costeja shows us how important the right to be forgotten is and how not having that right leaves a negative impact on an individual in the long run and that phenomenon is called the “Streisand Effect”, and Costeja suffers from that today, despite the fact that he won that case he will not be forgotten due to the fact that his name appears on a large number of websites. (Xue, Minhui & Magno, Gabriel & Cunha, Evandro & Almeida, Virgilio & Ross, Keith, 2016)
Do you think people should have the right to shape their digital narratives?
According to the policy brief of “The Right To Be Forgotten; Remembering Freedom of Expression”, “most personal information available online has no public interest value” (“The Right to Be Forgotten and Implications”, 2016) So why should it be up for the public? and Why can’t one decide what is their narrative online?
Digital narratives in today’s world are vital, it's how anyone that is remotely interested in who you are, views you, it’s when someone is looking to hire you will look you up and your digital narrative will decide your image and who you are. Does that mean you should have the right to shape your digital narrative?
Anyone and everyone would like to have control with what the world sees of them, and the right to have that is a must, apart the “Right To Be Forgotten” is to help shape an individual's digital narrative, what they want the people to see and what they don't want them to see, in other words, create their own image and story for the world to see, which in this paper and according to our understanding should be seen as a basic right. The graph below shows the statistics over several websites that people have been requesting delistings from, which emphasizes the idea of the right to have control over your own digital narrative. (Schwartz, n.d.)
Are you for or against adopting “The Right to be forgotten” in the Arab world?
We are for adopting “The Right to be forgotten” - GDPR in the Arab World and that is because of all the benefits that this regulation brings to the businesses and the communities. The GDPR is applicable to the Arab world as much as it is applicable in the European Union. For instance, the following image is according to a study that tackles: “The General Data Protection Regulation Implications for Organizations in the Middle East”.
(“The General Data Protection Regulation”, n.d.).
Having this in mind, we can not oversee the importance of “The Right to be Forgotten” that was not available in 2016 during the publication of “The Emirates Strike Back - UAE Cybercrime and Data Protection Law”. Through reading the Emirates Law document, we can see that a lot of issues discussed can find its solution in implementing this regulation. (Werné, Andrews, Wilkinson, Beheshti, Hambly, 2016)
Why would this be important to a world that has a lot of things under the list shameful? People in the Arab world always have this fear of crossing the cultural boundaries and carrying on a shameful stain all throughout their lives, this regulation can help reduce this fear as people will be able to take away anything that might expose their name when it is unnecessary.
To support this, according to the article “Reconsidering the Right to be Forgotten”, “more than 500,000 people filed requests with Google to be ‘de-listed’ from its search”. (“Reconsidering The Right to Be Forgotten”, 2016)
Those filled requests are only since the 2014 establishment by the Court of Justice of the European Union (CJEU). With this high number, we can see that many people feel their personal data are exposed without use to the people or violating their right to construct their own narratives that will help them to evolve in work and life. Even though people might see that the “Right to be Forgotten” will erase a lot of important documents but on the other hand, the main hand, by implying this rule we are assuring that any cybercrime or any other thing like a slogan that follows any person’s name or an interview that is of no need or a published research that exposes people personal data that has nothing to do with any medication for the public, will not affect any person’s life on the contrary such regulation will open up a wide range of opportunities to many who think that their digital narrative is ruined. (“Reconsidering The Right to Be Forgotten”, 2016)
However, one main point that should be considered is to follow exactly who is authorized to request the “Right to be Forgotten” because in this essay we provoke governments to implement this regulation but not on the basis of forgetting what some criminals have done. The one who has the right should get it but the one who violates any civil or criminal law should be punished.
Conclusion
To finalize how important “The Right to be Forgotten” is, no-one should have the power to create an image for another person based off a series of data posted online at random times without context, each individual should be subjected to their right to control what the public can learn about them or not, especially when it’s not a matter of the public good in general.
Works Cited
Art. 15 GDPR - Right of access by the data subject. (2018, November 14). Retrieved from https://gdpr.eu/article-15-right-of-access/
Art. 17 GDPR – Right to erasure ('right to be forgotten'). (n.d.). Retrieved from https://gdpr-info.eu/art-17-gdpr/
Clowes, E. (2018, November 7). GDPR: What do you need to know? Retrieved from https://gulfnews.com/technology/gdpr-what-do-you-need-to-know-1.2225993
Everything you need to know about the "Right to be forgotten". (2019, February 13). Retrieved from https://gdpr.eu/right-to-be-forgotten/?cn-reloaded=1
Recital 65 - Right of Rectification and Erasure. (n.d.). Retrieved from https://gdpr-info.eu/recitals/no-65/
Recital 66 - Right to be Forgotten. (n.d.). Retrieved from
Reconsidering the Right to be Forgotten - memory rights ... (2016, February). Retrieved from https://www.researchgate.net/publication/309441829_Reconsidering_the_Right_to_be_Forgotten_-_memory_rights_and_the_right_to_memory_in_the_new_media_era
Schwartz, M. J., & Ross, R. (n.d.). 'Right to Be Forgotten' Should Be EU-Only, Adviser Says. Retrieved from https://www.bankinfosecurity.com/right-to-be-forgotten-should-be-eu-only-advisor-says-a-1193
The General Data Protection Regulations Implications for Organizations in the Middle East. (n.d.). Retrieved from https://www.aig.ae/content/dam/aig/emea/uae/documents/aig-nrf-gdpr-infographic-final-31oct.pdf
Xue, Minhui & Magno, Gabriel & Cunha, Evandro & Almeida, Virgilio & Ross, Keith. (2016). The Right to be Forgotten in the Media: A Data-Driven Study. Proceedings on Privacy Enhancing Technologies. 2016. 10.1515/popets-2016-0046. Retrieved from
Werné , P., Andrews, P., Wilkinson, D., Beheshti , P., & Hambly, V. (2016, January 1). Emirates Law Business & Practice. THE EMIRATES STRIKE BACK - UAE Cybercrime and Data Protection Law, 1. Retrieved from http://www.dji.gov.ae/Lists/DJIBooks/Attachments/98/Magazine_complet_07janv_bassedef.p
What is GDPR, the EU's new data protection law? (2019, February 13). Retrieved from https://gdpr.eu/what-is-gdpr/
Comments