The "right to be forgotten" is a hot topic of
discussion in the context of imminent EU Data Protection Reform.
Article 17 of the new EU General Data Protection Regulation will
give data subjects the "right of erasure" to request that
data controllers delete any personal data relating to them, and
ensure there is no further dissemination of such data. Such
requests will extend to third-party hosts where that data may have
been sent, obliging deletion of any links, or copy or replication
of that data. This is likely to be particularly onerous on Internet
companies like Google, Facebook or YouTube, given the amount of
personal data processed on these platforms.
Case-in-point was highlighted in a recent court case, McKeogh v John Doe 1 & Ors . In
November 2011, a student evaded a taxi fare in Dublin. At the time
the taxi driver took a video of the culprit and posted it on
YouTube, asking help to identify the boy. This led to Mr McKeogh
being mistakenly identified as the perpetrator. The creation of a
Facebook page resulted in the video becoming viral and a campaign
of abuse began. In the words of Mr Justice Michael Pert, this
social media storm led Mr McKeogh to suffer a "miscellany of
the most vile, crude obscene and obnoxious comments"
wrongfully condemning him as the culprit.
In court, Mr McKeogh was proven innocent beyond all reasonable
doubt on the grounds that he wasn't even in the country at the
time of the crime, having been studying in Japan. However, Mr
McKeogh was refused an order prohibiting the press from publishing
the defamatory material. Furthermore, YouTube, Google and Facebook
failed to respond to requests to remove the video and related
links. Therefore, despite clearing his name in court, the
allegations and adverse comments remained online and in the media,
tarnishing his reputation and future career prospects. In a
judgment given in the High Court in Ireland on 16 May 2013, Mr
Justice Michael Pert commented damages could not sufficiently
compensate the defendant for the distress suffered, which would
continue for so long as the material remained online. As a result,
a mandatory injunction was granted ordering YouTube, Google and
Facebook to take down the offending material within 14 days.
This judgment has the potential to open the floodgates and set a
precedent to justify further requests by others objecting to videos
posted about them on social media.
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
To print this article, all you need is to be registered on Mondaq.com.
Click to Login as an existing user or Register so you can print this article.
In this article Filippo Noseda examines the impact of the Common Reporting Standards (CRS), based on practical examples of data transfer and data breaches and analysed in the light of general tax law principles.
Four years after the overhaul of European data protection laws began, the final text of the new General Data Protection Regulation (GDPR) was approved in Spring 2016 and the new rules will come into effect on 25 May 2018.
This update is dedicated to covering the latest legislative developments affecting the way data is managed and protected, as well as reporting on the most recent news governing data breaches and industry developments.
This week TalkTalk was fined Ł400,000 by the Information Commissioner's Office (ICO) for breaching the Data Protection Act. This is the largest fine, to date, that the ICO has imposed – which emphasises the seriousness of the breach.
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).