Maxwell on “The Notion of ‘Fair Processing’ in Data Privacy Law”

Winston J. Maxwell, partner, Hogan Lovells (Paris) has published an article on “The Notion of ‘Fair Processing’ in Data Privacy Law” (Forthcoming, in “Quelle protection des données personnelles en Europe?”, Céline Castets-Renard (ed.), University of Toulouse, 2015)

Abstract

This paper examines how the concept of “fair processing” is evaluated under US and European data protection law. The paper first examines the FTC’s “fairness” test, which involves an explicit cost-benefit analysis, before focusing on Article 6 of the European Data Protection Directive and related case law on “fair processing.” The paper then examines “fair processing” from the law and economics perspective, and from the perspective of whether general standards are superior to detailed rules. The paper links the debate on generality versus specificity of norms to the question of whether the proposed EU General Data Protection Regulation may be too detailed and prescriptive.

Download the paper from the SSRN here

European Court of Human Rights decision (yesterday) on totalitarian symbols

Yesterday the ECHR published its decision on a case concerning the criminalisation of the use of totalitarian symbols, as prescribed by Hungarian law. It declared that article 269/B was in breach of Article 10 of the Convention. Article 269/B contains the following criminal offence:

“(1) Any person who:

a) distributes;

b) uses before great publicity;

c) exhibits in public;

a swastika, the SS sign, an arrow-cross, sickle and hammer, a five-pointed red star or any symbol depicting the above is guilty of a misdemeanor punishable with a fine, if such act does not result in a criminal act of greater gravity.

(2) The person who engages in the act defined in Subsection (1) for academic purposes or the purposes of education, science, or art, or with the purpose of enlightenment about the events of history or the present time, shall not be liable for prosecution.”

The case is related to VAJNAI v. HUNGARY (2008), in which the ECHR declared that:

The Court is of course aware that the systematic terror applied to consolidate communist rule in several countries, including Hungary, remains a serious scar in the mind and heart of Europe. It accepts that the display of a symbol which was ubiquitous during the reign of those regimes may create uneasiness among past victims and their relatives, who may rightly find such displays disrespectful. It nevertheless considers that such sentiments, however understandable, cannot alone set the limits of freedom of expression. Given the well-known assurances which the Republic of Hungary provided legally, morally and materially to the victims of communism, such emotions cannot be regarded as rational fears. In the Court’s view, a legal system which applies restrictions on human rights in order to satisfy the dictates of public feeling – real or imaginary – cannot be regarded as meeting the pressing social needs recognised in a democratic society, since that society must remain reasonable in its judgement. To hold otherwise would mean that freedom of speech and opinion is subjected to the heckler’s veto.

The circumstances of the case:

7. On 21 December 2008 the applicants organised an event in front of a shopping mall in Budapest, entitled “Anti-Capitalist Santa Claus”, with the intention to demonstrate against consumerism, draw attention to poverty, point out the shortcomings of market economy, and demand free internet access for all.

8. To express their affiliation with Communism, four persons, including the applicants, displayed a sheet and a flag with a five-pointed red star and distributed leaflets with their political message, depicting red stars.

9. In application of section 269/B(1) of the Criminal Code, a police patrol which was present called on the applicants to terminate the demonstration, checked their identity and committed them to Budapest VI District Police Department for interrogation.

10. On 23 December 2008 the applicants lodged a complaint with the Independent Police Complaints Board against the police measures. They relied on the judgment of the European Court of Human Rights adopted in the case of Vajnai v. Hungary (no. 33629/06, ECHR 2008). They referred to the Court’s finding that the prosecution for having worn a red star had amounted to a violation of Mr Vajnai’s freedom of expression enshrined in Article 10 of the Convention.

11. The applicants’ complaints were dismissed by the Complaints Board on 4 March 2009.

12. The applicants’ further complaints against the measures were dismissed by the District Police Department on 22 May 2009. This decision was upheld by the Budapest Chief Police Commander, acting as a second-instance authority, on 17 November 2009.

13. On 29 June 2010 the Budapest Regional Court dismissed the applicants’ requests for judicial review. The court held that the display of the red star contravened section 269/B of the Criminal Code, despite the Vajnai judgment, whose application in the circumstances had been no task of the police officers present on the premises. Consequently, the applicants’ identity check and committal to the Police Department was justified under sections 29 (1) and 33 (1) of Act no. XXXIV of 1994 on the Police.

14. In review proceedings, the Supreme Court upheld the Regional Court’s decision on 22 June 2011 (in the case of Mr Bakó), 27 June 2011 (in the case of Ms Noé), and 5 September 2011 (in the case of Mr Vajnai), endorsing in essence the first-instance decisions’ reasoning.

The applicants asked for compensation.

The decision

2. Holds that there has been a violation of Article 10 of the Convention;

3. Holds

(a) that the respondent State is to pay the applicants, within three months, the following amounts, to be converted into the currency of the respondent State at the rate applicable at the date of settlement:

(i) to the applicants jointly, EUR 2,760 (two thousand seven hundred and sixty euros), plus any tax that may be chargeable, in respect of pecuniary damage;

(ii) to each applicant, EUR 2,000 (two thousand euros), plus any tax that may be chargeable, in respect of non-pecuniary damage;

(ii) to the applicants jointly, EUR 2,000 (two thousand euros), plus any tax that may be chargeable to the applicants, in respect of costs and expenses;

(b) that from the expiry of the above-mentioned three months until settlement simple interest shall be payable on the above amounts at a rate equal to the marginal lending rate of the European Central Bank during the default period plus three percentage points;

4. Dismisses the remainder of the applicants’ claim for just satisfaction.

 

See the full decision here

 

See the VAJNAI v. HUNGARY (2008) here

Daly on Net Neutrality in Australia: An Emerging Debate

Angela Daly (Swinburne University of Technology; European University Institute – Department of Law) has published an article about Net Neutrality in Australia: An Emerging Debate (2nd Report of the UN IGF Dynamic Coalition on Network Neutrality (2014), edited by Luca Belli and Primavera De Filippi, pp. 43-58).

Abstract

Australia has been somewhat late to the debate on net neutrality: it is only just emerging now as a major issue in public discourse, and there are no plans to introduce any kind of further legislation or regulation beyond the existing regimes. This contribution will analyse the status of net neutrality in Australia, looking at this incipient debate, the current law and regulation which may affect ISPs’ conduct, and directions for reform if the status quo does not go far enough to advance Internet users’ interests.

Download the paper from the SSRN here

Mokrosinska on Privacy and the Integrity of Liberal Politics: The Case of Governmental Internet Searches

Dorota Mokrosinska (Goethe University in Frankfurt am Main, Germany) published an interesting article about the role of privacy in political life (Privacy and the Integrity of Liberal Politics: The Case of Governmental Internet Searches, Journal of Social Philosophy. Special Issue: Technology and New Challenges for Privacy. Edited by Leslie Francis. Volume 45, Issue 3, pages 369–389, Fall 2014)

Abstract

Governments make extensive use of information and communication technologies to monitor, collect, store, and process personal information about individuals on the Internet. Indeed, as Daniel Solove remarked, the Internet is becoming one of “the government’s greatest information gathering tools.” Governments mine the Internet either by direct online searches or by collecting data from the records of third parties such as Internet service providers, search engines, web-based services (for example, MSN network or Hotmail), online retailers such as Amazon.com or eBay, credit card companies, video rentals, or libraries.2 Governmental actors justify such practices by citing the public benefit that is derived from the improved capacity to detect fraud, drug trafficking, computer crime, child pornography, and, in the aftermath of September 11, 2001, (potential) acts of terrorism. As Helen Nissenbaum observes, a detailed image of individuals’ Internet activities—knowing what individuals are searching for, what links they have clicked from query results, and what they are buying, reading or watching—is believed to be a valuable indicator that enables the authorities to identify and eliminate threats to society.

Whereas governmental surveillance raises privacy concerns, such concerns do not always lead to better privacy protection measures. When individual privacy conflicts with broader political interests such as those listed above, protecting individuals’ privacy seems to be a luxury that society can ill afford. As Solove remarks, “[t]he interests aligned against privacy—for example, efficient consumer transaction, free speech, or security—are often defined in terms of their larger social value. In this way, protecting the privacy of the individual seems extravagant when weighed against interests of society as a whole.” It takes startling privacy invasions such as those involved in the National Security Administration (NSA) surveillance programs to mobilize a political response.

The fact that privacy protection often has lower political priority than other social interests corresponds to the view of privacy that dominates public and academic discussion. The exercise of privacy, as pictured in public and academic discussion, involves a retreat from social life. This view is of liberal pedigree: Liberals construe privacy as a right asserted by individuals against the demands of a society. We find this view in Alan Westin’s now classic liberal definition of privacy: “Viewed in terms of the relation of the individual to social participation, privacy is the voluntary and temporary withdrawal of a person from the general society.” When social participation is narrowed down to its political subset, this claim implies that the exercise of privacy disengages an individual from political society. The idea that exercising privacy removes an individual from political society fuels skepticism about the political relevance of privacy. If privacy disengages individuals from their political condition (because it removes them from political society), then the benefits it confers on them appear to be politically irrelevant. Privacy may even have a political disvalue as when it makes it possible for individuals to withhold information relevant to the pursuit of those benefits we traditionally associate with political life, such as law enforcement, public security and the implementation of social justice. If privacy has no political value or undermines the benefits of political life, extensive governmental monitoring of individuals’ Internet activities for political purposes seems unproblematic and perhaps even desirable.

In this article, I revisit the role of privacy in political life. Contrary to the common view of privacy inspired by Westin, I argue that privacy does have a value for political life and that the exercise of privacy does not disengage individuals from political association or threaten its aims, but instead actually facilitates it. I focus on decisional and informational privacy. Decisional privacy removes personal commitments and choices from interference by others. Informational privacy restricts access to an individual’s personal data. My argument unfolds as follows. Drawing on analyses of privacy conducted in the social sciences, I argue that decisional and informational privacy is constitutive of social relations. Given that political relations are a subset of social relations, privacy is one of the factors that is constitutive of political relations. I discuss the political function of privacy in the context of the liberal model of political relations, with political liberalism as my major reference point. Political liberalism emphasizes the significance of disagreement as regards conceptions of the good life in determining which moral principles are appropriate to governing the political domain. The concept of public justification that liberals place at the core of legitimate political order refers to principles that are neutral between the different moral views about the good life that divide citizens. My argument links the concept of privacy to the concept of public justification as understood in this way. I conclude that privacy is necessarily implicated in the liberal model of political relations. I then use this argument to assess the extensive practices of governmental Internet monitoring and data collection.

Download the paper from the Journal of Social Philosophy here

White on The Evolution of First Amendment Protection for Compelled Commercial Speech

G. Edward White (University of Virginia School of Law) has published an article about “The Evolution of First Amendment Protection for Compelled Commercial Speech” (Journal of Law and Politics, Vol. XXIX, No. 4, Summer 2014 ; Virginia Public Law and Legal Theory Research Paper No. 2014-50)

Abstract

This essay in an exercise in responding to the question “how did we get here” with respect to a contest contemporary issue in First Amendment jurisprudence. As late as the early 1970s no one would have thought that compelling speakers in the marketplace to propose a commercial transaction would have raised any First Amendment issues, because no one considered commercial speech to merit any protection under the First Amendment. In the New Deal period regulation of economic markets became relatively common, and was challenged on a number of constitutional grounds, the challenges typically invoking commerce power, federalism, or delegation arguments. No one suggested that efforts on the part of states to affect the content of advertisements for commercial products raised free speech concerns. Moreover, advertising itself was regarded as a suspect activity, inclined to create false or misleading expectations among consumers, and was thought eminently suitable for regulation.

Thus in order to imagine cases such as United States v. United Foods, where in 2001 a majority of the Court struck down, on First Amendment grounds, a federal program assessing handlers of fresh mushrooms with fees to promote generic mushroom sales, one has to reckon with a sea change in attitudes toward speech, commercial speech, and commercial advertising between the early 1940s and the present. This essay, emphasizing developments in First Amendment cases and commentary, as well as changing cultural attitudes, attempts to trace that sea change.

Download the paper from the SSRN here

Kulk and Borgesius on Google Spain v. González: Did the Court Forget About Freedom of Expression?

Stefan Kulk (Utrecht University – Centre for Intellectual Property Law ; Utrecht University School of Law) and Frederik J. Zuiderveen Borgesius (University of Amsterdam – Institute for Information Law) published a paper about Google Spain v. González: Did the Court Forget About Freedom of Expression? (European Journal of Risk Regulation, 2014).

Abstract:

In this note we discuss the controversial judgment in Google Spain v. González of the Court of Justice of the European Union (CJEU). Our focus is on the judgment’s implications for freedom of expression. First, the facts of the case and the CJEU’s judgment are summarised. We then argue that the CJEU did not give enough attention to the right to freedom of expression. By seeing a search engine operator as a controller regarding the processing of personal data on third party web pages, the CJEU assigns the operator the delicate task of balancing the fundamental rights at stake. However, such an operator may not be the most appropriate party to balance the rights of all involved parties, in particular in cases where such a balance is hard to strike. Furthermore, it is a departure from human rights doctrine that according to the CJEU privacy and data protection rights override, “as a rule”, the public’s right to receive information. In addition, after the judgement it has become unclear whether search engine operators have a legal basis for indexing websites that contain special categories of data. We also discuss steps taken by Google to comply with the judgment.

Download the paper from the SSRN here

Berman on The Commercial Speech Doctrine in the United States: False Promise and Promising Approaches for Protecting Public Health

Micah L. Berman (Ohio State University) has published a book chapter in a book on international approaches to the regulation of commercial speech.

Abstract

This article reviews the U.S. Supreme Court’s approach to the regulation of commercial speech, with a focus on the doctrine’s application to the regulation of tobacco products. Although the Supreme Court has at various times signaled a willingness to restrict speech that threatens public health, its decisions have more often been motivated by an overriding concern that restrictions on commercial speech constitute unwarranted governmental paternalism. This anti-paternalism concern has become the dominant feature of the Court’s commercial speech jurisprudence, and as a result, the United States is now falling further and further behind other counties in the regulation of tobacco marketing and the prevention of other public health threats. Nonetheless, there are promising alternative doctrinal approaches that tobacco control advocates have not yet pursued. Instead of pursuing broad-based limits on tobacco advertising, advocates could more narrowly target tobacco industry marketing practices that are misleading, manipulative, or appealing to minors. A strong case can be made that restrictions on these types of tobacco marketing are fully consistent with the Supreme Court’s First Amendment doctrine, even after the Sorrell decision.

Download the paper from the SSRN here

West on The Stealth Press Clause

Sonja R. West (University of Georgia School of Law) has published an article on “The Stealth Press Clause” (48 Ga. L. Rev., 729 (2014). UGA Legal Studies Research Paper No. 2014-24)

Abstract

When it comes to the cases that most affect the press, the Supreme Court seems to be taking a one-for-all-and-all-for-one stance. The reasons for this approach are varied. One suggestion is that the Court is adopting a reading of the Press Clause that protects the technology of mass communication and not particular speakers. Another sees it as in keeping with a view of the Press Clause that simply protects an individual right for everyone — not just a select group — to publish his or her speech. A third view is that it is a practical necessity to lump all speakers together in order to avoid a messy definitional problem of who does and who does not receive certain rights or protections.

In this piece, however, I pause to push back on the conventional wisdom that the Court actually has refused to view the press as constitutionally special. Contrary to what we have been told, I contend the Supreme Court has indeed recognized the press as constitutionally unique from nonpress speakers. The justices have done so implicitly and often in dicta, but nonetheless they have continually and repeatedly treated the press differently. While rarely acknowledged explicitly, this “Stealth Press Clause” has been hard at work carving out special protections for the press, guiding the Court’s analysis and offering valuable insights into how we should view the contributions of the press.

Download the paper from the SSRN here

Sklansky on Two More Ways Not to Think About Privacy and the Fourth Amendment

David Alan Sklansky (Stanford Law School) published a paper on Privacy and the Fourth Amendment: “Two More Ways Not to Think About Privacy and the Fourth Amendment, University of Chicago Law Review, Forthcoming”.

Abstract

This brief essay challenges two increasingly common ideas about privacy and the Fourth Amendment. The first is that any protections needed against government infringements of privacy in the Information Age are best developed outside of the courts and outside of constitutional law. The second is that the various puzzles encountered when thinking about privacy and the Fourth Amendment can be solved or circumvented through some kind of invocation of the past: either a focus on the text of the Fourth Amendment, or the study of its history, or an effort to preserve the amount privacy that used to exist, either when the Fourth Amendment was adopted or at some later point.

Download the paper from the SSRN here

Aldhouse on Anonymisation of personal data – A missed opportunity for the European Commission

Francis Aldhouse (Institute for Law and the Web, University of Southampton, UK) published an interesting article about anonymisation of personal data (Anonymisation of personal data – A missed opportunity for the European Commission, Computer Law & Security Review, Volume 30, Issue 4, August 2014, Pages 403–418).

Abstract

As early as the 1970’s, privacy studies recognised that ‘anonymisation’ needed to be approached with caution. This caution has since been vindicated by the increasing sophistication of techniques for reidentification. Yet the courts in the UK have so far only hesitatingly grappled with the issues involved, while European courts have produced no guidance.

Reviewing the limited case law, the author finds the concepts of both ‘personal data’ (which must be protected) and ‘anonymisation’ (which removes this requirement) misleadingly simplistic. A more practical approach would recognise that identifiability sits on a continuum so that regulation needs to be risk-based and proportional. He proposes some consequential changes to the proposed EU Regulation, albeit with modest hopes for success.

This paper is a shortened and slightly revised version of a dissertation submitted in April 2013 to Staffordshire University for the award of the degree of LLM.

 

Download the paper from the Computer Law & Security Review here