(by Kristine Roach, Colorado Law 2L)
The right to erasure, colloquially known as the right be forgotten, has been adopted by the EU General Data Protection Regulation (GDPR). It gives individuals the right to have their personal data erased:
- Where the personal data is no longer necessary in relation to the purpose for which it was originally collected/processed.
- When the individual withdraws consent.
- When the individual objects to the processing and there is no overriding legitimate interest for continuing the processing.
- The personal data was unlawfully processed (i.e. otherwise in breach of the GDPR).
- The personal data has to be erased in order to comply with a legal obligation.
- The personal data is processed in relation to the offer of information society services to a child.
However, the right is not absolute and the requestee can refuse to erase data of the requestor for the following reasons:
- to exercise the right of freedom of expression and information;
- to comply with a legal obligation for the performance of a public interest task or exercise of official authority.
- for public health purposes in the public interest;
- archiving purposes in the public interest, scientific research historical research or statistical purposes; or
- the exercise or defense of legal claims.
Continue reading “Last Week in Tech Policy #68A: Who Needs the Right to be Forgotten?”
(By Gabrielle Daley, Colorado Law 2L)
NASA scientist and U.S citizen Sidd Bikkannavar flew back into the United States on January 30th, 2017 and was detained by U.S customs and border patrol agents. Mr. Bikkannavar was detained upon his arrival at the Houston airport by agents who stated the reason for the detention was to ensure that he was not bringing anything dangerous into the country. However the agents never searched Mr. Bikkannavar’s luggage. Instead he was handed a document entitled “Inspection of Electronic Devices” and asked for his cell phone and cell phone password.
Mr. Bikkannavar was reluctant to hand over the phone because as it belonged to his employer, the NASA Jet Propulsion Laboratories. However, agents insisted on access to the phone and password, and eventually Mr. Bikkannavar gave an agent both. The agent then left the room with the device. Mr. Bikkannavar has no idea what the agent did with the phone outside of his presence, but in a Tweet last week confirmed that JPL is running digital forensics on the phone to try and determine what may have been taken—or left—on the phone.
Continue reading “Last Week in Tech Policy: #45 Inspection of Electronic Devices and Passwords”