12 September 2019

Obscurity

'The ‘Right to be Forgottenʼ Online within G20 Statutory Data Protection Frameworks' by David Erdos and Krzysztof Garstka comments
Although it is the EU’s General Data Protection Regulation and the Google Spain judgment which has brought the concept of the ʻright to be forgottenʼ online to the fore, this paper argues that its basic underpinnings are present in the great majority of G20 statutory frameworks. Whilst China, India, Saudi Arabia and the United States remain exceptional cases, fifteen out of nineteen (almost 80%) of G20 countries now have fully-fledged statutory data protection laws. By default, almost all of these laws empower individuals to challenge the continued dissemination of personal data not only when such data may be inaccurate but also on wider legitimacy grounds. Moreover, eleven of these countries have adopted statutory ʻintermediaryʼ shields which could help justify why certain online platforms may be required to respond to well-founded ex post challenges even if they lack most ex ante duties here. Nevertheless, the precise scope of many data protection laws online remains opaque and the relationship between such laws and freedom of expression is often unsatisfactory. Despite this, it is argued that G20 countries and G20 Data Protection Authorities should strive to achieve proportionate and effective reconciliation between online freedom of expression and ex post data protection claims, both through careful application of existing law and ultimately through and under new legislative initiatives.