Co-authored by Evan Selinger.
Google’s recent decision to delist “revenge porn” from its search results is a big deal, and not just for victims. Beyond opposing harmful conduct thatdisproportionately targets women, Google has essentially demonstrated how something akin to the European Union’s right to be forgotten can, and should, work in the US.
Some Americans have panicked over Europe’s woefully misnamed right to be forgotten, anxious at the thought of the “biggest threat to free speech online” “erasing history” and “breaking the internet”. But such a right doesn’t have to exact an exorbitant price tag, and it can come about in many different ways.
In the case of the right to be forgotten, Google has shown that the world won’t be knocked off its axis if the company goes beyond protecting financially relevant information (copyrighted works, social security numbers, and bank information), and takes aggressive steps to remove links to socially relevant information that can harm autonomy, reputation, and emotional well-being.
As the debate over online privacy in the US advances, there are three important things to keep in mind.
1) Both government and industry must invest in data protection rights
The First Amendment restricts the ways the US government can oblige companies to provide citizens with data protection rights. The corporate free speech interests of Google and others will likely ensure that the US cannot mimic data correction and erasure rights in the EU. What this means is that the public must demand that Google – along with other online intermediaries – exerts leadership and avoids adopting a mentality that’s concerned more with legal compliancethan social good.
Even cynics must admit that Google made a voluntary choice to take actionagainst revenge porn at a global level. This is the case even if the policy deflects some attention away from the tougher questions raised by delisting requests from EU citizens, and even if it follows moves by Reddit, Twitter, and other prominent companies in responding to online harassment. Evidence now suggests that if the public keeps applying pressure, industry and government can be partners in ensuring that it is hard for undesirable parties to obtain some of the information we have privacy interests in.
Seen from this perspective, good can come from the fact that Google is not legally required to make free speech exceptions for links to information some would deem newsworthy. Even countries with broader privacy rights like those in the EU could benefit from an invested industry.
2) Personal data rights will evolve through information-specific categories
The entire regulatory framework for protecting privacy in the US is fragmented and largely focused on safeguarding specific kinds of sensitive information, like health, financial, andeducation records. The right to be forgotten in the US will not be any different.
To be sure, a category-based approach to privacy has its drawbacks. It fuels an incremental orientation towards privacy protection, and every victory puts us at risk of being too complacent to go further and take up far-reaching and robust reforms.
But a category-based approach also has numerous advantages. Different solutions, ranging from expunging a minor’s criminal record to deleting stalecredit history and delisting non-consensual pornography, can be worked out independently of one another. Clear justifications can be given for why special types of information are so problematic they should be obfuscated or removed from different systems. At the end of the day, categories of information that clearly do not belong in the wrong hands, such as non-consensual pornography, can be handled with comparative ease. Meanwhile, grey areas, like what to do about privacy-invasive public records, can be addressed later on as the discourse surrounding them matures.
Read the full piece at The Guardian.