ebook img

The Right To Erasure In EU Data Protection Law: From Individual Rights To Effective Protection PDF

549 Pages·2020·5.479 MB·English
Save to my drive
Quick download
Download
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview The Right To Erasure In EU Data Protection Law: From Individual Rights To Effective Protection

The Right to Erasure in EU Data Protection Law OXFORD DATA PROTECTION AND PRIVACY LAW Series Editors CHRISTOPHER KUNER Professor of Law, VUB Brussel, GRAHAM GREENLEAF Professor of Law and Information Systems, University of New South Wales The aim of this series is to publish important and original books on legal issues of data protection and privacy. This includes many different areas of law, including comparative law, EU law, human rights law, international law, privacy on the Internet, and others. Prospective authors are welcome to submit proposals for the series, as outlined on the series website: global.oup.com/academic/content/series/o/ oxford-data-protection-and-privacy-law-odppl/ The Right to Erasure in EU Data Protection Law From Individual Rights to Effective Protection JEF AUSLOOS 1 3 Great Clarendon Street, Oxford, OX2 6DP, United Kingdom Oxford University Press is a department of the University of Oxford. It furthers the University’s objective of excellence in research, scholarship, and education by publishing worldwide. Oxford is a registered trade mark of Oxford University Press in the UK and in certain other countries © Jef Ausloos 2020 The moral rights of the author have been asserted First Edition published in 2020 Impression: 1 All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, without the prior permission in writing of Oxford University Press, or as expressly permitted by law, by licence or under terms agreed with the appropriate reprographics rights organization. Enquiries concerning reproduction outside the scope of the above should be sent to the Rights Department, Oxford University Press, at the address above You must not circulate this work in any other form and you must impose this same condition on any acquirer Crown copyright material is reproduced under Class Licence Number C01P0000148 with the permission of OPSI and the Queen’s Printer for Scotland Published in the United States of America by Oxford University Press 198 Madison Avenue, New York, NY 10016, United States of America British Library Cataloguing in Publication Data Data available Library of Congress Control Number:  2019954550 ISBN 978– 0– 19– 884797– 7 Printed and bound by CPI Group (UK) Ltd, Croydon, CR0 4YY Links to third party websites are provided by Oxford in good faith and for information only. Oxford disclaims any responsibility for the materials contained in any third party website referenced in this work. Foreword The technological and economic forces characterising modern society have thor- oughly disrupted the constitutional status quo in the west which grew from the lessons of the Second World War, fascism and communism. Today again, human autonomy and democracy are in peril. Not a day goes by without us having to con- front how technology developers and users, big and small, are challenging not just our privacy, but also core European principles such as equality, information free- doms, liberty and democracy itself. The key catalyst in these developments is the hunger to generate profits with personal data and the readiness to put profits over individual autonomy and freedom. Al Gore called this business model the “stalker economy”. Jef Ausloos explores ways to safeguard individual autonomy in this brave new world. He investigates this through the lens of EU data protection law and the legal tools it contains to empower individuals in their efforts to exercise control over their personal data. The right to erasure (‘right to be forgotten’) constitutes the centrepiece of the GDPR in this endeavour. Readers should not be misled by the title of the study, which is more than an analysis of Article 17 GDPR. Jef Ausloos rather positions this provision as a central junction in the GDPR and skilfully uses it as a starting point to go deeper into EU data protection law in its entirety. The book could not be more timely. It is based on the author’s PhD research, defended in 2018, the year that data protection went mainstream. The GDPR en- tered into force, Convention 108+ of the Council of Europe was adopted, and perhaps most importantly the Facebook / Cambridge Analytica scandal signi- fied the tipping point in public opinion on the issues of democracy and individual freedom emerging from data- driven power asymmetries. These modern- day cau- tionary tales— from psychological manipulation in the gig economy and polit- ical microtargeting on social media, to arbitrary visibility on search engines and the problematic practices of so- called ‘virtual assistants’— feature throughout the book, offering valuable illustrations of practical operation of data protection law. Article 17 GDPR is not such a complex provision. Its purpose is clear. But as so often in texts of law which are the result of a democratic compromise, a closer reading raises a number of issues. Jef Ausloos structures all of these issues in clear terms, under three questions: Does the right to erasure apply in the first place? If it applies, how should we go about balancing the different rights, freedoms and interests at stake? If the right applies, and if a balance can be found, how should this right be made effective in practice? vi Foreword To answer these questions, the book sets out a case- law analysis of fundamental rights balancing, focusing specifically on Articles 7 (right to private life), 8 (data protection), 11 (information freedoms), and 16 (freedom to conduct a business) of the EU Charter of Fundamental Rights. The author does not shy away from taking a swing at some of the broader soci- etal issues of increasingly datafied—a nd thus controllable—a ctions, relationships and environments. He dissects complex data processing operations and thus suc- cessfully seeds doubts against the dominant tech sector arguments in defending their practices which put in question individual autonomy. His key theme throughout the book is the power asymmetries as catalysed by technological and economic forces and how to address them through law which em- powers individuals. For Ausloos, empowerment and autonomy play two roles: They are a goal in themselves, as a manifestations of freedom and dignity of men, which we need to fight to preserve in the age of AI. Secondly, they are tools to achieve in- formational self-d etermination through legal institutions, namely GDPR. Paul Nemitz Principal Adviser at the European Commission and Visiting Professor of Law at the College of Europe Series Editors’ Preface The Internet raises numerous challenges for the protection of personal data, such as the simultaneous desire of individuals to make their personal data public while retaining control over their processing; the global nature of data transfers, which brings challenges for effective enforcement of data protection rights; and the lack of transparency and accountability that surround much data processing. These issues have gained particular attention in light of recent developments con- cerning application of the right to erasure (also known as the ‘right to be forgotten’) to global online networks. The right first gained notoriety when the EU General Data Protection Regulation (GDPR) was proposed in 2012, and then became even more famous following the 2014 judgment of the Court of Justice of the European Union in the case Google Spain SL, in which the Court affirmed the application of the right in the context of online search engines. Since then, questions surrounding the right to erasure have provoked international controversy about the proper balance between data protection rights and other rights and freedoms, the extraterritorial scope of EU law, and the threats to individual rights posed by data processing on the Internet. These issues are all dealt with in detail in the present volume by Dr. Jef Ausloos. The author, who has examined the legal and technical implications of the right to erasure since it first gained attention, has produced a monograph which is a superb work of scholarship. It focuses on the right to erasure under the EU data protection framework, particularly the GDPR, but also recognizes that the right to erasure has become an international phenomenon that has received legal responses in non- European countries as disparate as Argentina, Japan, Qatar, Russia, Madagascar, Turkey, and Brazil. A particular strength of this book is that, while the author provides a meticulous examination of the legal issues surrounding the right to erasure under the GDPR, he also puts the legal issues into a wider context. Thus, he considers the tensions between the right and other important values (such as freedom of expression), and examines the important question of how the right works in practice. Perhaps most significantly, he recognizes that the issues surrounding the right to erasure serve as a paradigm for a broader discussion about informational self-d etermination in online data processing. We are thus pleased to include this important book in our series. We believe that it makes a significant contribution to data protection scholarship, both in EU law and with regard to questions of online data processing more generally. Christopher Kuner and Graham Greenleaf Acknowledgements Of the many metaphors that exist to describe the process of writing a PhD, I prefer the one linking it to climbing a mountain. You start in the valley, looking at the summit full of wonder and eager anticipation. But as you move your eyes down- wards and downwards, following a meandering path over icy rocks, steep cliffs, and through dark forests, you quickly realize the ascent will be no walk in the park. I am therefore incredibly grateful to have been surrounded by such great people all along the way to the top. First of all, there is my wonderful advisory committee, without whom I would never have embarked on this journey in the first place. Prof Dr Peggy Valcke de- fines, and exceeds, the term ‘promotor’. Her unwavering enthusiasm and support were not just vital in reaching the summit, but also enabled many fascinating ex- cursions along the way. I am also incredibly grateful to my co- promotors: Prof Dr Eleni Kosta for being the lighthouse I often needed when losing sight of the summit, and Dr Seda Gürses reminding me to take a step back, breath, and look at the broader picture. This trinity of (co-) promoters was complemented by three people whose insights and encouragement have made this dissertation worth- while. Thank you Prof Dr Serge Gutwirth, Prof Dr Jo Pierson, and Prof Dr Nico van Eijk. Thank you also to jury members Prof Dr Geert van Calster, Prof Dr Elise Muir, and chair Em Prof Dr Jacques Herbots for meeting me at the top. Climbing a mountain never happens in a straight line. You encounter many chal- lenges and distractions along the way, resulting in numerous detours. I was lucky enough to have (had) wonderful colleagues with whom I shared parts of the path to the summit. In particular, Brendan Van Alsenoy who not only helped me achieve new heights, but also taught me the importance of academic integrity and humility. Aleksandra Kuczerawy, for being a great writing-b uddy and the best roomie one could wish for. Damian Clifford for always- inspiring conversations and being a partner- in- crime for many PhD discussion days. Pieter- Jan, Amandine, and Valerie for putting a huge smile on my face throughout most of the journey. And of course so many other CiTiP colleagues that have made ‘going to the office’ a true joy throughout the years! My journey would never have been successful without two major detours along the way. I am very grateful to the wonderful people at the Institute for Information Law at the University of Amsterdam—a nd in particular Nico van Eijk, Natali Helberger, Kristina Irion, and Frederik Zuiderveen Borgesius—f or a productive research stay in the fall of 2015. Thank you also to everyone at the Center for Intellectual Property and Information Law at Cambridge University for a very x Acknowledgements inspiring four months in the winter of 2017. Especially David Erdos for being such a great host and never shy for some intellectual sparring. Julia Powles and Christina Angelopoulos, thank you as well for all the stimulating discussions. At the risk of forgetting many names, I would also like to thank the following truly amazing people for the inspiring conversations and/o r collaborations without which I would not be where I am today: Günes Acar, Paul Bernal, Reuben Binns, Ian Brown, Lorenzo Dalla Corte, Paul-O livier Dehaye, Lilian Edwards, Gloria González Fuster, Kirsten Gollatz, Edina Harbinja, Rob Heyman, Paulan Korenhof, Ronald Leenes, Meg Leta Jones, Orla Lynskey, Nora Ní Loideain, Marcelo Thompson, Joris van Hoboken, Michael Veale, and Nicolo Zingales. Thank You. Reaching the top of Mount PhD would not have been possible without the warm support and understanding of family and friends. I am particularly grateful to my mother for instilling me with that sense of awe and wonder that makes life so fas- cinating. Thank you to both of my grandmothers who I admire for being the rebels and artists they are. And of course, thank you Laura, without whom I would have been long lost in the woods. You walked by me all along, enduring yet encour- aging me while I was spiralling around the top for years and actively supporting me during the last stretch straight to the top. You make everything possible. Jef Ausloos September 2018

See more

The list of books you might like

Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.