The Right to Be Forgotten Has Nothing To Do With Privacy

A side effect of  Fuchmanns vs Germany is  the (hopefully final) clarification that Right to Be Forgotten has nothing to do with Privacy protection.

Fuchmanns vs Germany, indeed, is an European Court of Human Rights Article 8 (privacy) case, while Right to Be Forgotten is an EU Fundamental Chart Article 7 (personal data protection) right.

Trying to use privacy as a legal basis for the Right to be forgotten is just plain wrong.

GDPR: from the Right to Be Forgotten to the Duty of Not Being Remembered

Leo Matiz – “Magda and the Dwarf”

Leo Matiz took this picture in 1957, in Caracas, Venezuela. The photo was a “candid”, i.e. shot unbeknownst to the people portrayed, in the classic, Cartier-Bresson-like street-photography style, and acquired by the New York MoMA. Continue reading “GDPR: from the Right to Be Forgotten to the Duty of Not Being Remembered”

The ECHR to bash the online right to be forgotten

On Oct. 19 the European Court of Human Rights issued the decision of the case 71233/13 – Fuchsmann vs Germany where the Court held that:

No violation of Article 8 (right to respect for private and family life) of the European Convention on Human Rights.

The case concerned the German courts’ rejection of the request by an internationally active entrepreneur for an injunction against  certain statements about him in an article published in the online edition of the New York Times.

The Court found that the German courts had struck a reasonable balance between the applicant’s right to respect for his private life under Article 8 and the newspaper’s right to freedom of expression guaranteed by Article 10 of the Convention. They had taken into consideration, in particular: that there had been a public interest in the alleged involvement of the applicant, a German businessman, in embezzlement and organised crime; that there had been a sufficient factual basis for the statements at issue; and that the article – which concerned mainly his professional life – was free from polemic statements and insinuations.

Continue reading “The ECHR to bash the online right to be forgotten”

GDPR is a danger for (non)intellectual property

There is no such thing as  “right to access algorithms” under the GDPR .

Section 15 first paragraph letter h) GDPR only gives the right to obtain

meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.

but this definition can hardly be considered as a synonym for algorithm, thus is just plain wrong to say that GDPR deals with mathematical methods.

As it should be well known even outside the circle of the Intellectual Property cognoscenti, within the EU algorithms have no legal protection (and this is rightly so, because you can neither copyright nor patent mathematics) so the only way an industry can take advantage of a specific mathematical method (i.e. an algorithm) is through secrecy.

Pushing the GDPR reach more far from what is written into the law means to force a company to withdraw from the only way to protect a company’s valuable assets.

Like it or not, GDPR is not going to enter full force on May 25, 2018

With the scorn of those who are trying to milk money from prospect clients by threatening the “4% of the world turnover” fine, GDPR is not going to enter full force on May 25, 2018.

Sections 85 to 90 of the GDPR settle an option for the national members to pass specific local legislations on a wide range of topics, from free-speech to employment, from scientific research to personal identification numbers.

These are critical pieces of the GDPR-related legislations’ puzzle and full compliance can’t be accomplished if . on May 25 – the whole legal framework will still be incomplete.

In Italy, for instance, the draft bill that empowers the Government to pass the amendments to the Data Protection Act and to the rest of the Data-Protection-related legislations is still quietly sleeping between Montecitorio and Palazzo Madama. And since we’re entering into election time, nobody will actually care to move ahead about Data Protection at least until the end of 2018.

The consequence is that relevant part of the GDPR can be enforcend only if a State decided whether or not to pass these specific laws, but if a State doesn’t tell whether these laws will be passed or not, GDPR will hardly be fully enforced.

Enforcing the GDPR is becoming very alike a Catch 22.