Graham Greenleaf (Faculty of Law, University of New South Wales) published recently a research paper titled “Global Data Privacy Laws: 89 Countries, and Accelerating”, in which he analyzes the fast pace of legislating data protection around the world.
Here’s the abstract:
“It is almost forty years since Sweden’s Data Act 1973 was the first comprehensive national data privacy law, and was the first to implement what we can now recognize as a basic set of data protection principles. How many countries now have data protection laws? This article surveys the forty years since then of global development of data privacy laws to the start of 2012. It expands and updates ‘Global data privacy laws: Accelerating after 40 years’ ((2011) Privacy Laws & Business International Report, Issue 112, 11‐17) which showed that at least 76 countries had enacted data privacy laws by mid‐2011. Six months later, further investigation shows that there are at least 89 countries with such laws. The picture that emerges is that data privacy laws are spreading globally, and their number and geographical diversity accelerating since 2000.
There are some surprising inclusions, and some illuminating trends in the expansion of these laws. The total number of new data privacy laws globally, viewed by decade, shows that their growth is accelerating, not merely expanding linearly: 8 (1970s), 13 (1980s), 21 (1990s), 35 (2000s) and 12 (2 years of the 2010s), giving the total of 89. In the first two years of this decade 11 new laws have been enacted (Faroe Islands, Malaysia, Mexico, India, Peru, Ukraine, Angola, Trinidad & Tobago, Vietnam, Costa Rica, Gabon and St Lucia) and the Russian law came into force, making this the most intensive period of data protection developments in the last 40 years.”
You can find the whole paper on the Social Science Research Network, HERE.
The EU right to be forgotten, already criticized by US academics. Does it really threaten freedom of speech?
Professor Jeffrey Rosen published in the Stanford Law Review some very serious criticism against the soon to be enforced in the EU right to be forgotten, stating mainly that it is a threat to freedom of speech. You can find the article HERE.
I don’t really see how obliging a person to erase an embarrassing photo of yourself infringes that person’s right to free speech. At least, one should balance the right to dignity against freedom of speech in a particular situation and afterwards make a decision in this respect.
Then again, the European system for the protection of human rights is very elaborated and exhaustive, a particular system, with concrete mechanisms of protection and precise principles to be effectively applied (such as the balance I was talking about).
Where is the freedom of speech breached here? “Any person should have the right to have personal data concerning them rectified and a ‘right to be forgotten’ where the retention of such data is not in compliance with this Regulation. In particular, data subjects should have the right that their personal data are erased and no longer processed, where the data are no longer necessary in relation to the purposes for which the data are collected or otherwise processed, where data subjects have withdrawn their consent for processing or where they object to the processing of personal data concerning them or where the processing of their personal data otherwise does not comply with this Regulation. This right is particularly relevant, when the data subject has given their consent as a child, when not being fully aware of the risks involved by the processing, and later wants to remove such personal data especially on the Internet. However, the further retention of the data should be allowed where it is necessary for historical, statistical and scientific research purposes, for reasons of public interest in the area of public health, for exercising the right of freedom of expression, when required by law or where there is a reason to restrict the processing of the data instead of erasing them.” This is recital 53 of the Preamble of the proposed regulation for data protection, which means Art. 17 of the regulation should be interpreted according to the principles stated in this recital.
I think the provision is very clear and when reading it I feel my privacy protected and not my freedom of speech threatened.
Leave a comment
Posted in Academic Resource, Comments
Tagged balance, data protection, freedom of expression, freedom of speech, Jeffrey Rosen, new data protection regulation, personal data, principles, privacy, protection of human rights, public health, research purposes, right to be forgotten, Stanford Law Review, the right to privacy