The University of Law's Birmingham campus held a Regional Competition last term which gave students from a variety of institutions across the Midlands a fantastic opportunity to win work experience with national firm Gateley Plc. Students were asked to submit 500 words or less on the most important Law to them and why.
The team in Birmingham received many submissions but there was one clear winner, Eloise Ryan. Eloise is currently studying at the University of Nottingham and impressed with her submission 'The Right to be Forgotten' covering the complex subject of GDPR and her thoughts on the new data regulations that came in to force in May 2018.
Sarah Ramsey, Dean of the Birmingham Campus, said: "The team at ULaw and were greatly impressed by the large number of excellent entries which covered a wide range of subjects. Eloise really stood out for me for her good understanding of a very relevant and current issue. I wish her all the best for her placement at Gateley Plc and her future career in Law".
The University of Law is delighted that we have been able to partner with such a prestigious firm and offer work experience. We hope Eloise is 'Set for Success' after this great opportunity and we hope many of you will read the full submission below.
The Right to be Forgotten - Eloise Ryan, ULaw Competition Submission
In May 2018, the European General Data Protection Regulation 2016/679 (GDPR) came into force, which accelerated the European Union into a new era of having the world's strongest data protection laws. The European Data Protection legislation was the basis of the famous Google v Costeja González (C-131/12 (2014)) case, in which it was ruled that Google is a "data controller" who is therefore required to remove data that is "inadequate, irrelevant, or no longer relevant". I take a strong interest in the impact of technology on law, and I became particularly interested in the impact of the GDPR when observing its commercial impact on the retail industry within my employment at Next plc in the changes in our handling of customers contact details.
The GDPR is highly important because it embodies the controversial and topical debates surrounding the tension between the right to privacy, security and freedom of expression. Europe's data protection legislation are intended to secure potentially damaging, private information about individuals. Googles process for removal involves a case by case weighing of "the individual's right to privacy against the public's right to know", and in 2018 it was announced that almost 1.1 million links have been removed.
It is arguable that the GDPR decreases the value of the internet through censorship and interferes with the historical record. Previously, I had believed that the disclosure of personal data on search engines was simply part of the price that we paid for living in the modern world. Spending a year studying in North America means I was interested to read the US case of Sidis v. FR Publishing Corp (113 F.2d 806 (1940)), where it was said that there is social value in published facts, and that a person cannot ignore their celebrity status merely because they want to.
Despite this argument, further research revealed to me that only 5% of requests for removal have been made by criminals, politicians, and public figures, demonstrating that most requests are coming from members of the public who are simply attempting to assert their right to erase their past. I now believe that Europe's data protection legislation, and specifically the GDPR, is very important and valuable because it allows individuals to determine the development of their life in an autonomous way, without being perpetually stigmatised as a consequence of an action performed in the past.
This legislation heavily impacts my generation, because we are the first to experience the integration of technology and social media into our lives so deeply, but have little guidance on the consequences of sharing information online. The right to be forgotten is therefore right to have an imperfect past. The GDPR allows us to refuse to give ownership of our own identity to giant corporations such as Facebook and Google. It has been argued that it attempts to answer the question: who owns personal data? Indeed, our privacy has been compromised and the GDPR allows us to reassert individual autonomy.