Privacy and Security TidBits

Video is “Personal Data” under EU Data Protection Laws- Cross Border Ediscovery Implications of The Google Three Case

This week, an Italian magistrate convicted three Google employees for an Internet video that none of them had produced, uploaded, or even seen. The case arose from an Italian video that was uploaded in 2006 to Google Video, which showed a disabled child being bullied by other schoolchildren. An advocacy organization and the boy’s father in Milan pushed for a criminal prosecution; a local prosecutor decided to pursue a case against four individual Google employees. In the decision, a defamation charge was dropped, but three of the named executives were found guilty of a charge related to Italy’s privacy laws, and each sentenced to a six month suspended sentences.

We may not see the Italian decision stand for long, and cannot imagine a similar case happening in most Western countries. But it represents a growing temptation of courts and lawmakers worldwide: to find excuses to strip away the protection the law grants to Internet intermediaries. It’s also an intimation of the very serious consequences to the Net and free speech if those safe harbors are weakened.

Europe has, in theory at least, at the EU level, strong protections for Internet intermediaries in itsE-Commerce Directive: Article 14 of that directive provides that hosting providers are not responsible for the content they host, as long as they are not informed of its illegal character, and they act promptly when informed of it. Article 15 clarifies that hosts do not need to monitor hosted content for potentially illegal content.

This judgement guts both these principles. The court dismissed the allegation of criminal defamation but upheld a charge of illegally handling personal data on the basis that a video is personal data, and that under EU data protection law, Google needed prior authority before distributing that personal data.

Article by Danny O’Brien

To read more, click here:

« Previous post