Internet Freedom And The Right To Private Life

WEST UNIVERSITY OF TIMIȘOARA

FACULTY OF LAW

WORK OF DISSERTATION

INTERNET FREEDOM AND THE RIGHT TO PRIVATE LIFE

Scientific coordinator

Lect. dr. Andreea Verteș-Olteanu

Master student

[anonimizat]

2016

TABLE OF CONTENTS

Introduction

Chapter 1 – The origins of the internet

1.1 Internet principles

Chapter 2 – Rights in the information age

2.1 Civil rights in the information age

2.2 Constitutional rights in the information age

Chapter 3 – Rumor and reputation in the digital world

3.1 Gossip and the virtues of knowing less

3.2 The right to be forgotten

Chapter 4 – Privacy on social networks

4.1 Data protection

Conclusion

Bibliography

INTRODUCTION

What is the Internet?

The Internet is a worldwide system of interconnected networks that serves as a global data communication system that links millions of private, public, academic and business networks via an international telecommunications backbone that consists of various electronic and optical networking technologies.

We often hear the words Internet and World Wide Web and we use them thinking they mean the same thing; however, they have different meanings. While the Internet is a vast software and hardware infrastructure that enables interconnectivity between compters, the web is a massive hypermedia database, a collection of documents and other resources interconnected by hyperlinks.

It is safe to say that nowadays, we could not imagine our lives without the Internet. We ask ourselves, how did people live before the Internet? How did they communicate? It must have been pretty hard not to know what your friends are doing and where they are at all times.

While we cannot argue with the fact that the internet is providing us with all kinds of information, wanted or not wanted, we must ask ourselves, is this abundance of information safe for us?

Are you married? What is your religion? Where did you go for dinner last night? These are just an example of details that would once be known only by our family or close friends; now, many of us willingly display everything we do and everywhere we go on social media, for the world to see.

The boundaries between private and public domain are shifting dramatically; and that is only our doing. People are beginning to depend on technology, as if it is a segment to their lifestyle and they can now adapt or personalize it to fit their needs.

My paper will concentrate on how private life nowadays is affected by the advance of technology.

Chapter 1 – THE ORIGINS OF THE INTERNET

The Internet first saw the light of day in the early 1960s, when a group of visionary people thought that it would bring great potential value to the world if they could allow computers to share information on research and development in military and scientific fields. The first to propose a global network of computers was J.C.R Licklider of the Massachusetts Institute of Technology (MIT) in 1962 which later moved over to the Defense Advanced Research Projects Agency (DARPA) to develop it. MIT and University of California, Los Angeles (UCLA) later developed the theory of packet switching, which helped form the basis of Internet connections. Lawrence Roberts of MIT connected a Massachusetts computer to a California computer in 1965 using a dial-up telephone line.

The outcome of this experiment was the understanding that the time-shared computers could function well together, running programs and recovering data as necessary on the remote machine, but that the circuit switched telephone system was totally incompetent for the job. Kleinrock's belief of the need for packet switching was confirmed.

In 1966 Roberts went to DARPA to develop the computer network concept and put together his plan for the "ARPANET", published in 1967. In 1968, after Roberts and the DARPA funded community had “polished” the overall structure and specifications for the ARPANET, an RFQ was released by DARPA for the development of one of the key components.

Because of Kleinrock's early development of packet switching theory and his target on analysis, design and measurement, his Network Measurement Center at UCLA was selected to be the first node on the ARPANET. Later that month, when SRI was connected to the ARPANET, the first message was sent from Kleinrock's laboratory to SRI.

Computers were added quickly to the ARPANET during the following period, and work proceeded on completing a functionally complete Host-to-Host protocol and other network software. In 1970, the Network Working Group working under S. Crocker finished the initial ARPANET Host-to-Host protocol, called the Network Control Protocol. As the ARPANET sites completed implementing NCP during 1971-1972, the network users finally could begin to develop applications.

In 1972, Kahn organized a large, successful demonstration of the ARPANET at the International Computer Communication Conference. This was the first public demonstration of this kind to the public. It was also in 1972 that the initial communication application, electronic mail, was introduced. In March, Ray Tomlinson at BBN wrote the basic email message, motivated by the need of the ARPANET developers for an easy coordination mechanism. In July, Roberts expanded its service by writing the first email utility program to list, selectively read, file, forward, and respond to messages. From there email took off as the largest network application for over a decade. This was a precursor of the kind of activity we see on the Internet today, as the enormous growth of all kinds of "people-to-people" communications.

The ARPANET became the Internet. The Internet was based on the idea that there would be multiple independent networks of rather random designs, beginning with the ARPANET as the pioneering packet switching network, but soon to include packet satellite networks, ground-based packet radio networks and several other networks. The Internet as it exists now incorporates a main underlying technical idea, namely that of open architecture networking. In this way, the choice of any individual network technology was not commanded by a particular network architecture but rather could be selected freely by a provider and made to interwork with the other networks through an "Internetworking Architecture".

At the same time that the Internet technology was being experimentally ascertained and widely used among a subset of computer science researchers, other networks and networking technologies were being followed. The value of computer networking – especially electronic mail – demonstrated by DARPA and Department of Defense contractors on the ARPANET was not lost on other communities and disciplines, so that by the 1970s computer networks had begun to appear wherever funding could be found for the purpose.

The early networks (including ARPANET) were built for a purpose – i.e., they were destined for, and largely limited to, closed communities of scholars; therefore, there was little pressure for the individual networks to be compatible and, indeed, they largely were not.

A reason for the rapid growth of the Internet has been the free and open access to the basic documents, especially the specifications of the protocols.

The Internet is as much a selection of communities as a selection of technologies, and its triumph is mostly deducible to both satisfying basic community needs as well as utilizing the community in an efficient way to push the infrastructure forward. This community spirit has a long history; it began with the early ARPANET. The early ARPANET researchers worked as a solid community to achieve the initial demonstrations of packet switching technology described earlier.

INTERNET PRINCIPLES

The Internet represents a step forward in what human rights are concerned, offering a series of unprecedented opportunities and playing a very important role on a day to day basis. Therefore, it is important for both public and private sector to respect and protect our basic human rights on the Internet.

In order to ensure a rights-based Internet, there are 10 principles that have to be respected:

Universality and equality – all humans are born free and equal in dignity and rights, which must be respected, protected and fulfilled in an online environment;

Rights and social justice – the Internet is a place for promotion, protection and fulfilment of human rights and the advancement of social justice. Everyone has the duty to respect the human rights of all others in the online environment;

Accessibility – everyone has an equal right to access and use a secure and open Internet;

Expression and association – everyone has the right to seek, receive, and impart information freely on the Internet without censorship or orther interference. Everyone also has the right to associate freely through and on the Internet, for social, political, cultural or other purposes;

Privacy and data protection – everyone has the right to privacy online. This includes freedom from surveillance, the right to use encryption, and the right to online anonymity. Everyone also has the right to data protection, including control over personal data collection, retention, processing, disposing and disclosure;

Life, liberty and security – the rights to life, liberty and security must be respected, protected and fulfilled online. These rights must not be infringed upon, or used to infringe other rights, in the online environment;

Diversity – cultural and linguistic diversity on the Internet must be promoted, and technical and policy innovation should be encouraged to facilitate plurality of expression;

Network equality – everyone shall have universal and open access to the Internet’s content, free from discriminatory prioritization, filtering or traffic contraol on commercial, political or other grounds;

Standards and regulation – the Internet’s architecture, communication systems, and document and data formats shall be based on open standards than ensure complete interoperability, inclusion and equal opportunity for all;

Governance – human rights and social justice must form the legal and normative foundations upon which the Internet operates and is governed. This shall happen in a transparent and multilateral manner, based on principles of openness, inclusive participation and accountability.

CHAPTER 2 – RIGHTS IN THE INFORMATION AGE

Whilst the rules and rights that govern behaviour in the physical world have been around for centuries, those that govern the digital world have only evolved in the last decade.

Users of information processing systems have the right to own their own digital identity. Also, they have the right to have sole control of that digital identity in all of its use. In addition to that, they have the right to have no one other than the owner of a digital identity revoke it. They have the right to replace their digital identity in case it was compromised in any way, so that it matches the compromised one.

People can use systems in an anonymous way or under pseudonyms if they want, as long as it is not done for unlawful reasons.

Users can also request and receive proof of their interacting parties identities, obtain information of interacting parties acting in delegated roles for a legal entity, access and use information resources as defined by the owner of the resources and access and use information resources at an affordable price.

Moreover, users have the right to make backup copies of information for their personal use, so that it can be restores if the original is lost. They can also use legitimately downloaded material on the device of choice.

Other rights include agreeing with other interacting parties on the jurisdiction of the digital interaction and obtain redress, if required, using the relevant dispute resolution process in the agreed jurisdiction.

Also, users can undertake digital interactions with other parties as permitted by law; have freedom of expression and opinion, as permitted by law; have the right to publish freely their expressions and opinions, as permitted by law.

One of the most important rights all users have is not having their digital interactions subject to surveillance or interception, in absence of a legitimate court order. They have the right to refuse any unwanted digital interaction and have proof of all digital interactions they are a part of. Also, users can implement any level of protection they want for any and all digital interaction; they have the right to avoid self incrimination in any digital interaction.

An important part of the world today is intellectual property; this being said, users can own and decide the use and purpose of their intellectual property and they have the right to not have government censorhip of their digital interactions, unless sanctioned by law and also not have their identity credentials stored in a central database where they are likely to be attacked.

Users can navigate in an unrestricted manner through public digital networks in a non-discriminatory manner and have due judicial process and proper representation in conflicts with any service provider or transaction partner; they have the right to not be held liable for any content provided by others on systems they own and control where this content may be stored or transmitted.

In the end, we have to remember that all users have the right to uninterrupted services and reasonable access to contracted digital services and resources without prejudice, be notified and give approval for personal data to be transmitted to anyone by a service provider or any other individual or legal entity holding such data and to be assured that all private and personal digital information held by any third party is securely deteled on termination of contractual or other relationship with the information holder.

2.1 CIVIL RIGHTS IN THE INFORMATION AGE

With the continuing change and advance of technology, many aspects of real life have changed due to the fact that these aspects were also made possible on the Internet. This advancement, though, has brought along new ways and methods of abusing our civil rights.

Next, I will give some examples of how technology affects our privacy and civil rights, sometimes without us even knowing or noticing it.

Phone hacking in the information age

Even though we are now aware that we are tracked on our phones, a few years ago we had no idea that every step we take is followed by the authorities. People still want to believe today that what they talk on the phone or what they send via text message is personal, but in recent years phone hacking has become very popular, especially for public figures.

Phone hacking is the act of accessing someone’s phone calls, text messages or voicemail messages without their permission. Of course, phone hacking is illegal in most countries, but this does not prevent people from doing it for various reasons. It is believed that softwares have been created that allow people to have access to other people’s phones.

Cyber-crime in the information age

Cyber-crime is considered by the BBC one of the „fastest growing criminal activities on the planet”. The term cyber-crimes covers a wide range of criminal activities such as illegally downloading music or movies, stalking, computer hacking, stealing information from others, identity theft or creating and/or distributing viruses. In he UK, cyber-crime costs over 27£ annually, so we can safely say that it has a major effect not only on security, but also financially.

Personal information is valuable and few people know how safely data they hand out about themselves is actually being handled. In some cases, you do not even have to hand out data, it is automatically accumulated from your computer or different websites you visit.

Personal data, for example purchasing history, can reveal a lot about a person or their interests and lifestyle; it can allow companies build an idea of who you are and use that idea to estimate what you would be interested in buying.

These are the reasons why various laws have been put in place in order to protect citizens and combat the threats technology poses for private life and personal data.

DNA profiling

Since the 1990s, the police have built up an extremely large database containing people’s DNA used to assist in crime detection, so when a person commits a crime, it is easier to find the culprit – this would be the advantage.

On the other hand, we could split the disadvantage in two parts: first, when a person is found innocent of a crime, their DNA records are erased from the database, so if the same person commits a crime in the future, it would be harder for the police because they would have limited access to compare evidence from the previous crime; secondly, why should anyone have the right to delete or to handle a person’s personal records without the actual person’s consent?

National identity cards

There have been several discussions regarding identity cards for every citizen of the European countries that are part of the European Union. These cards will contain information such as fingerprints and a photograph of its owner, so anyone who will require proof of identity will ask the person for his/hers identity card.

One of the advantages speculated regarding the identity card is reduction of crime, as the fear of being caught will be increased. Another advantage would be if we are to talk about banking, as it would be easier for its owner to open a new bank account as they already have proof of identity; however, it would be very dangerous if the owner loses his/her identity card.

CCTV system

From the police’s point of view, CCTV systems are out there for the good of the community. They claim that it is easier for them to spot and recognize the criminal; even if there a lot of crimes that are now planned around the CCTV systems, figures from the start of the decade to the present day have shown a reduction of crime through the use of the CCTV systems.

Also, they are a good system for speedy drivers, as they have been installed in certain places on different roads and highways; as drivers fear getting a ticket, they will immediately slow down in the proximity of the cameras.

The big disadvantage, however, is the fact that we are being watched everytime and everywhere. In my opinion, it is a breach of our civil rights the fact that we are not even asked if we give our permission to be under constant surveillance. How far should surveillance go? What actually happened behind the scenes? All governments claim that the cameras are in the interest of public security; but what about private security? Is there a guarantee that our information will not be used in other ways exempt from those that are needed? I do believe that in the wrong hands, all the information stored on these systems can be detrimental to a person’s security.

I feel that this is a good place to talk about intellectual property laws and information privacy laws.

Intellectual property laws grant exclusive property rights over a piece of information, while information privacy laws protect individuals against unwanted access to their personal information.

At the first glance, intellectual property and information privcy have little in common, but at a closer look at the target of the two areas of law, we can reveal some differences. Two main intellectual property protections, copyright and patent rights, intent to protect the inventor. From an economic standpoint, this exclusivity is fundamental for two complementary reasons: first, it offers the inventors a stimulant to create and second, exclusivity endows the creation of markets for intellectual property. Information privacy laws do not have similar utilitarian purpose; however, information privacy rights aim at boosting an “individual’s control of his/her personal information, autonomy and participatory self-determination”.

In the United States of America, judicial protection of information privacy is dispersed across different jurisdictions and legal sources. On the federal level, the 1974 Privacy Act serves only to protect individuals against overreach of the federal government, while extensive but sector-specific information privacy rights can be found in many other federal statutes.

Intellectual property and information privacy also vary in the primary legal instrument employed to effect governance. Copyright gives inventors and authors a temporary and limited monopoly in the form of an exclusive right over the use of their creations. On the other hand, information privacy rights stop other people from divulging or misusing one’s personal information withour authorization.

In practice, information privacy’s persission-and-consent structure has led to individuals having only limited control over how others use their personal information. This is one of the reasons why a numer of legal specialists have proposed a new governance method for securing information privacy: a quasi-property right to personal information. Such a right would empower individuals to gain economically through the transfer of usage rights over their personal informations, just like creators and authors benefit from licensing their copyright to third parties. It would also ease the creation and function of robust markets for personal information, reducing illicit trade and also unauthorized free riding.

In opposition from the situation in the United States of America, information privacy in Europe is seen as a fundamental right. It is enforced throughout the European Union through a European Union Directive that grants individuals’ the right to determine when, for what motive and in what context their personal data is used.

Creators’ rights are usually seen as consisting of two different, but associated dimensions: economic and moral. The economic side ensures the creator the right to grow economically through the use and licensing of his/her creation in two ways: by making use rights transferable and by offering authors effective tools to enforce their rights in a court of law. Regarding the moral dimension, it guarantees that the work of art is identified as that of a particular creator should he/she choose so, and that it cannot be altered without the creator’s consent.

In continental Europe, information privacy rights are also based on a solid personal rights foundation. Individuals are given a set of rights to control when, where and by whom their personal rights are being used. Therefore, through negotiations and persmission an individual outlines the concrete context and purpose of how his/her personal information can and will be used; information privacy rights are inalienable and cannot be simply transferred to other individuals.

Information privacy rights give individuals legal claims to be informed about the intended use of their personal information. Such transparency is seen as both an indispensable condition for consent, and as a way to shine a light onto processing practices and purposes. The protection extends beyond the moment of consent in the sense that consent is premised on a particular processor, context and purpose of usage. Generally, none of these elements can change without the need to go back to the individual and ask for permission.

A number of European information privacy decrees have installed an independent data protection commissioner, whose task is to audit information processors, investigate complaints of potential violations of information privacy statutes, and renders reports, with the hope of compliance from behalf of the information processors and the hope of staying within the legal limits in future endeavours. Data protection commissioners are public individuals, who comments publicly on planned legislation and furthermore influencing the legislative trajectory in favour of information privacy.

In conclusion, information privacy governance is generally happening beyond individual enforcement of information privacy rights, and is usually taking place through governance methods that information privacy intermediaries use.

2.2 CONSTITUTIONAL RIGHTS IN THE INFORMATION AGE

Professor Laurence Tribe, professor of constitutional law at Harvard Law School once said: “Science and technology open options…they do not alter what is right or what is wrong. The Constitution’s norms, at their deepest level, must be invariant under merely technological transformations.”

Today the internet is ubiquitous. We often forget that it was not commercialized until the mid-1990s, and that its intersection with the law is a relatively recent development – it has been less than 20 years.

The right to privacy usually means the right to personal autonomy and the right to choose whether or not to engage in certain acts. There are a number of amendments that have been made to the United States of America Constitution which have been used in varying degrees of success in determining a right to personal autonomy:

The First Amendment protects the privacy of beliefs;

The Third Amendment protects the privacy of home against the use of it for housing soldiers;

The Fourth Amendment protects privacy against unreasonable searches;

The Fifth Amendment protects against self-incrimination, which in turn protects the privacy os personal information;

The Ninth Amendment says that the “enumeration in the Constitution of certain rights shall not be construed to deny or disparage other rights retained by the people” – this has been interpreted as a justification for broadly reading the Bill of Rights to protect privacy in ways not specifically provided in the first eight amendments;

The right to privcy is the most often quoted in the Due Process Clause of the 14th Amendment, which states: “No state shall make or enforce any law which shall abridge the privileges or immunities of citizens of the United States; nor shall any state deprive any person of life, liberty or property, without due process of law; nor deny to any person within its jurisdiction the equal protection of the laws.”

We have to mention in this section Justice Stewart’s memorable assertion in the Katz v. United States case: “For the Fourth Amendment protects people, not places. What a person knowingly exposes to the public, even in his own home or office, is not a subject of the Fourth Amendment protection…But what he seeks to preserve as private, even in an area accessible to the public, may be constitutionally protected.” In this particular case, federal agents attached an eavesdropping device to the outside of a public phone booth used by the defendant, Katz. Based on recordings of his end of the conversations, Katz was convicted under an eight count indictement for the illegal transmission of wagering information from Los Angeles to Boston and Miami. The Court ruled that Katz was entitles to the Fourth Amendment protection for his end of the conversations, and that a physical intrusion into the area he occupied was unnecessary to bring the Amendment into discussion.

Another case in which the right of privacy, as a constitutional right, was the main topic was Griswold v. Connecticut. Griswold involved a challenge to a Connecticut statute barring physicians giving instruction or means of a contraception to married persons. The question that was on everybody’s mind was whether states could abridge individual citizens’ rights deemed fundamental, although not specified in the federal Constitution, but understood to be derived from the explicit guarantees in the Constitution. The Court found the statute unconstitutional. Justice Douglas noted that “specific guarantees in the Bill of Rights have penumbras, formed by emanations from those guarantees that help give them life and substance…[and those] various guarantees create zones of a privacy.” In a concurring opinion, Justice Goldbers stated that “the inquiry is whether a right involved is of a such character that it cannot be denied without violating those fundamental principles of liberty and justice which lie at the base of all our civil and political institutions.”

It is only the intent of the person subject to a privacy intrusion that matters most, and not the interests of the government or any private data brokers. The only question that arises is whether the American people are knowingly exposing profiling data to the public, which includes the government, when engaging in arms length transactions with private sector entitites, or ar they seeking to preserve such information as private and only disclosed in privacy.

We can talk about the Constitution in the Internet age in three sections: due process, free speech and the Fourth Amendment.

Due process and jurisdiction

Before the Internet, jurisdiction was metes and bounds – based on place, territory, and almost always physical borders. Then, the Internet appeared and it got so much harder to determine jurisdiction on issues that took place online.

A district court in Pennsylvania established a foundational structure for analysis – the Zippo sliding scale test. Under the Zippo sliding scale test, “the likelihood that personal jurisdiction can be constitutionally exercised is directly proportionate to the nature and quality of commercial activity that an entity conducts over the Internet.”

In the case of Boschetto v. Hansing, a plaintiff from California bought a car from a seller from Wisconsin, via eBay. The Nith Circuit stated that personal jurisdiction did not exist in California, noting that “traditional jurisdictional analyses are not upended simply because a case involves technological developments that make it easier for parties to reach across the state lines.”

In the case of Mavrix Photo, Inc. v. Brand Technologies, Inc., a photo company from Florida discovered that one of its photos of singer Fergie and her husband were being hosted by “celebrity-gossip.net”, a company from Ohio. Obviously, the company sued in California. The interactive nature of the website did not argue general jurisdiction, such that a non-resident defendant intended to “sit down and make itself at home.” Nevertheless, the court found specific jurisdiction because the website received a substantial number of hits from residents from California, third parties advertised to California residents and it focused on a California industry, the entertainment world.

Another emblematic case is La Ligue v. Yahoo!, in which the first question to arise is when do French rulings impact the First Amendment rights of a U.S company’s conduct on the Internet?

The case started in France, but ended in a US court of law. La Ligue complained that Yahoo! was allowing its online auction service to be used for the sale of memorabilia from the Nazi period, contrary to the French Criminal Code, which was true. The defense stated that the auctions were conducted under the jurisdiction of the United States, not the French jurisdiction. They also claimed that there were to technical means to prevent French citizens from participating in the auctions, not without financial impact and not without compromising the nature of the Internet. Yahoo! advocated that its servers were located on US territory; that its services were mainly aimed at US residents; that the First Amendment guarantees freedom of speech and expression and that any effort to enforce a judgement in the United States would fail for unconstitutionality. Yahoo! lost in the French court, but sought a declaratory judgement in California, stating that the French ruling was unenforceable in the US; the American court agreed.

Free speech and the First Amendment

The First Amendment provides that “Congress shall make no law…abridging the freedom of speech, or of the press…”

The Supreme Court’s Internet free speech cases in the past two decades revolve around regulations seeking to protect children from exploitation and from viewing indecent and obscene material.

The Court stated that the same free- speech principles that apply to books and movies should apply to the Internet as well.

The Fourth Amendment and privacy

In 1999, Scott McNeeley of Sun Microsystems was quoted as claiming, “You have zero privacy. Get over it.”

In United States v. Knotts, the court said that “a person travelling in an automobile on public thoroughfares has no reasonable expectation of privacy in his movements from one place to another.” Also, the court held that surveillance of private property from the air was legal and constitutionally permissible because the cameras used for surveillance were on the market and available to the public.

As time passed and technology evolved, the amount of gadgets available to the general public has exploded, becoming more and more possible to use these technologies to aggregate hundreds, if not thousands or more data points about any particular person, and in the process, to get closer and closer to a model or total surveillance.

This kind of evolution led to cases like Kyllo, involving a thermal imaging device that could see through walls from outside. Pushing back against law enforcement, the court held that there are limits on how the government can use technologies, even those in public use, because the manner of use might reveal too much.

In 2012, in United States v. Jones, the court held that law enforcement’s installation and use of a physical GPS device, which had been attached to the underside of a criminal suspect’s car, was a search. Invading the physical space of a car was a trespass to property, and that made it a search.

Justice Sotomayor concurred: “It may be necessary to reconsider the premise that an individual has no reasonable expectation of privacy in information voluntarily disclosed to third parties…This approach is ill suited to the digital age, in which people reveal a great deal of information about themselves to third parties in the course of carrying out mundane tasks. People disclose the phone numbers that they dial or text to their cellular providers; the URLs that they visit and the e-mail addresses with which they correspond to their Internet service providers; and the books, groceries, and medications they purchase to online retailers. Perhaps, as Justice Alito notes, some people may find the tradeoff of privacy for convenience worthwhile, or come to accept this diminution of privacy as inevitable,…and perhaps not. I for one doubt that people would accept without complaint the warrantless disclosure to the Government of a list of every Web site they had visited in the last week, or month, or year.”

CHAPTER 3 – RUMOR AND REPUTATION IN THE DIGITAL WORLD

“The effects of 21st century instant communications provide particular challenges and opportunities in terms of how reputations can be created, sustained and rebuild.” – Rupert Younger, Director of the Oxford University Centre for Corporate Reputation said.

Just as the newspaper, the radio and the TV once were, the web is also a transformative technology. As a result, there is a temptation to confuse the population with the message. But, as an old saying stated: “computers don’t spread rumors, people do.”

The omnipresence of new technologies has generated unprecedented possibilities for the proliferation of rumors. Spreading rumors can cripple political campaings, damage business’ reputation or escalate and trigger panics in society.

Two definitions of the word “rumor” have been given in previous studies; one treats rumos as a kind of message, while the other says that rumor is a form of communication. The first one tends to regard tumor as an unverified or even distorted piece of information and the latter views rumor as an important part of collective problem-solving process through multiple communicative acts.

Humans generate rumor as improvides news through a collective transaction to cope with their unsecurities when the formal communication channels fail to provide them with trustworthy pieces of information. The alteration of the rumor content, the distortion, is part of the developmental process through which people strive for understanding problem at hand. Therefore, falsehood is not an absolute feature of rumor and rumor is not so much a distortion of some word combinations, but what is held in common. Considering rumor as a form of communication not only changes the understanding of rumor beyond a falsehood with harmful effct, but also provides a bigger theoretical framework for understanding rumor as a collective activity that aims at giving meaning to mysterious phenomena and events through communicative activities. Therefore, rumor generates unofficial communication outside the formal system of communication.

Cass Sunstein, professor or constitutional law, administrative law, environmental law and behavioral economics, acknowledges that that web makes virtually unlimited amounts of information available. It is now possible to sit in a coffee shop anywhere in this world and read newspapers from the opposite part of the world, while simultaneously receiving alerts on your phone on even more news. It if often argued that the Internet is a boon to democracy – if information is good, therefore more information is better. Sunstein considers that “the web has a feature that is even more salient: at the same time that it makes more news available, it also makes more news avoidable.”

“The most striking power provided by emerging technologies is the growing power of consumers to ‘filter’ what they see” – Sunstein said. The major news channels and papers like CNN, BBC or the New York Times still own most of the websites, but more and more people are getting their information in a customized form, like subscribing to e-mail and RSS feeds on their favourite subjects and skipping subjects they find less congenial. The fastest-growing websites are those who explicitely cater to their users’ ideologies and opinions.

In the 1970s, two psychologists from a college in Michigan performed the following experiment: they administered a questionnaire on racial attitude to seniors at some nearby high schools and then they divided the students into groups. The students who, based on their answers to the questionnaire, exhibited “high prejudice” were placed with other students equally biased; the students who exhibited “low prejudice” were placed with other students who scored the same thing. Afterwards, the students were instrucred to discuss several issues and finally, they were asked to complete another questionnaire. The result was that simply by talking to one another, the bigoted students became more bigoted, and the tolerant students more tolerant.

The tendency to become more extreme after speaking with people with the same thinking as yours is called “group polarization” and it was documented in several other experiments: in one of them, feminists who spoke with other feminists became more and more adamant in their idea of feminism; in another, opponents of same-sex marriage became even more opposed to the idea after speaking with other people who thought the same thing, while people who agreed to the idea, continued to agree.

Group polarization happens, according to one theory, when people engage in discussions with other people who share their opinions and they hear new arguments to support said opinion; that makes them believe in it even more than before.

Sunstein considers that the web takes things to a whole new level because there is virtually no opinion an individual can hold that is so bizarre that he/her will not find another person to share it with.

“Views that would ordinarily dissolve, simply because of an absence of social support, can be found in large numbers on the Internet, even if they are understood to be exotic, indefensible, or bizarre in most communities”, Sunstein observes.

As far as reputation is concerned, we can define it as a social mechanism by which we come to trust one another, in all aspects of our society. I see it as a security mechanism. The promise and threat of a change in reputation entices us all to be trustworthy, which in turn enables others to trust us. In a very real sense, reputation enables friendships, commerce and everything else we do in society. It’s old, older than our species, and we are finely tuned to both perceive and remember reputation information, and broadcast it to others.

To understand how reputation works, we can imagine that we are living in a village where everyone knows each other. In this situation, based on reputation, we know who we can lend money to, we know who is likely to return the borrowed sum, and who is not. Of course, the system is not perfect, we can even call it obsolete and discriminatory against strangers and outsiders; this is the real problem, that the system does not scale. To enable lending on a larger scale, personal reputation was replaced with a modern, technological system: scores and credit reports. The flaw with the system is that it can be easily hacked; all kinds of attacks that would not have happened with a personal reputation system became possible with a system that works as a technological reputation system.

3.1 GOSSIP AND THE VIRTUES OF KNOWING LESS

Gossip has two sides: one side is the amazing warm feeling you get from spending time with your friends and sharings stories about mutual acquaintances; the other side is the angry and frustration feeling you get when you realize that someone else is talking about you behind your back.

When it is good, gossip binds communities and people together. People living in small communities know that gossiping is something that they naturally do, as they share a collective identity.

Nowadays, gossip seems to be the main form of entertainment. We are constantly, even if we do not want to, bombarded with different kinds of information, such as where a certain celebrity is vacationing, what did he/she had for dinner, personal embarassments of politicians and a whole pool of people on pseudo-reality shows whose main purpose is to self-promote themselves.

The dictionary defines gossip as “idle talk or rumor, especially about the personal or private affairs of others”.

In a 2006 study, a social psychologist and her colleagues from the University of South Florida, asserted that people feel a closer kinship over shared dislikes of other people than shared likes.

Negative gossip does a lot more than identify a common belief. Its real power comes from creating a sense of community by setting up “in-groups” and “out-groups”, putting those gossiping on the inside by putting the subject on the outside.

An Anglican speaker and author wrote a book on the Ten Commandments to modern life. He offers different useful tests to help determine if something is gossip or justified interest in another:

Is it true?

Will it benefit anybody knowing this? – if the answer is yes, there are two additional questions:

Would you be willing to put your name to it – to be known to all as its source?

Would you be willing to say it to the person’s face in a public setting? – if not, then even if you might be justified in talking to the subject about it, you have no business talking to others. Ask yourself how would you feel if someone would to the same to youl it really is as simple as this: “So in everything, do to others what you would have them do to you.” (Matthew 7:12)

What is your motivation? Is it to help the person, or is it for self-seeking motives – to bond with another person, to feel morally superior, to justify your own choices? If your motives are impure, then even a valid attempt to help will probably fall flat or cause harm.

In the past, gossip was unhurried and it advanced lazily. People share different kinds of information within their social circles, which have boundaries.

Traditionally, it has been unusual for gossip to leap from one social circle to the other, because people in one group rarely know or care about someone in a completely different group. A person’s coworkers make up one such social circle. Gossip often travels quickly throughout a workplace, since people work in the same building and have frequent encounters with one another. They are interested in information about fellow group members. Therefore, if one of them hears a juicy piece of gossip, he or she is more likely to spread it to other coworkers than to tell someone outside the group. But others outside the workplace might not care anyway. They might find the details of a particular salacious story to be interesting, but unless they know the person involved, they probably don’t care at all about that person’s identity.

Physical space has long been an effective antidote to too noisy a neighbor. When the next farm is many miles away, what one does or says is less likely to spread, except intentionally.

In his book, another writer describes the term “social epidemics”; in his opinion, the spread of information and ideas resemble the spread of diseases or epidemics. He says that change does not happen gradually, but instead arrives at a dramatic moment – a tipping point.

How does this happen? The explanation is simple. Within social groups or networks, there are certain people we can call “connectors”, as in friendly and gregarious people eho who exist in numerous different social circles; they can also be called “super nodes”, hubs that link many clusters of people.

“Most of us don’t have particularly broad and diverse group of friends”, Gladwell says. That is exactly why connectors are important, because when a piece of information hits a connector, it spreads from one circle to another; it is no longer contained in a social circle, but leaps into numerous others.

As information spreads, it begins to proliferate expotentially. But this process does not happen readily. The information in case has to be “sticky” – it must inspire people to want to keep talking about it; it has to be contagious. When this process occurs, the spread of the gossip might reach a “tipping point”, where communication boils over into an epidemic, and a rumor can spread to thousands of people.

In the real world, gossip doen not usually reach a “tipping point”. Spreading the information to new people takes time and friends often associate in similar social circles. But here comes the Internet, who takes this phenomenon and takes it to a whole other level.

The Internet allows people to communicate with thousands of other people almost simultaneously. If you post something on your Facebook page countless of people can access it at the same time, share it and so on, until your post arrives on another continent; in an instant, any piece of information can spread all over the globe. Of course, the web being bombarded with tons of information in a second, much of the gossip that finds its was online remains a needle in a haystack of data.

“The real problem”, says a network theorist in his book, “isn’t the overall size of the Web. It’s the distance between any two documents. How many clicks does it take to get from the home page of a high-school student in Omaha to the Webpage of a Boston stockbroker?” The answer, in his opinion, is not too many – on average, about 19 clicks.

Gossip has both good and bad qualities. As the philosopher Aaron Ben Ze’ev observes, “gossip is engaged in for pleasure, not for the purpose of hurting someone. Gossip is nor virtuous, but is is not vicious either.”

Gossip remaine ubiquitous, although many people criticize it. We can easily say that about two-thirds of all conversations include gossip, because let’s be honest – what people talk about is mostly other people.

Also, gossip is essential in establishing reputations, good or bad. Psychologist Nicholas Emler says that “gossip does not merely disseminate reputational information but is the very process whereby reputations are decided. Reputations do not exist except in the conversations that people have about one another.”

Gossip is a way to expose people’s infringements of norms, and it is an essential tool for a community to ensure that its norms are respected.

3.2 THE RIGHT TO BE FORGOTTEN

Since the beginning of time, for us humans, forgetting has been the norm and remembering the exception. Today, with the help of widespread technology, forgetting has become the exception, and remembering the default.

The right to be forgotten is a concept put in practice in Argentina and the European Union since 2006. The issue has risen from the desire of people to not be held accountable for specific actions performed in the past and to develop their life in an autonomous way, almost like being anonymous.

The right to be forgotten "reflects the claim of an individual to have certain data deleted so that third persons can no longer trace them."

In 2007, Google admitted that until spring of that year, had stored every single search query ever entered by its users and every single page its users had accessed. The search engine was able to link every search term to demographics. Also, Google is able to link every search query to a particular individual across time.

As a real life stalker, Google knows everything about our lives: the big changes, what we searched for and when, what results we found interesting enough to click on them, details we erased from our mind as we thought they were irrelevant.

For a time now, Google has announced that it will no longer keep individual records, bur after a period of nine months it will anomyze them, erasing some of its comprehensive memory.

We have not realized what an important role forgetting plays until the information age came upon us. Forgetting plays a paramount role in human decision-making; it lets us act in time, aware of, but not confined by, past events.

Forgetting is human and not just an individual behavior. As a society, we forget. That is a good thing for people who fail at something the first time around. They can start a new job, a new relationship; even criminals get to start over after a period of time, when their convictions have been expunged from their record.

The process of remembering has two steps: the first one is successfully committing all sorts of information to the long-term storage and the second one is to recall those pieces of information from memory.

There are two types of memory:

Procedural memory – this means that repeating certain task in your everyday life will eventually become part of yout routine; such remembering is not a conscious act, but a by-product of humans engaging in certain routines. That’s why it is part of implicit memory – memory that we acquire and recall without realizing it.

Declarative memory – this type of memory requires a conscious act of recalling an information; if you want to remember, you have to think hard about something you did or something that happened to you a long time ago. Because these are specific episodes of our lives we have experienced, they are called episodic. It differs from abstract knowledge, which humans also have the capacity to store and recall.

As nowadays remembering has become the rule and forgetting the exception, experts discovered that there are four main technological drivers that have facilitated this change: digitization, cheap storage, easy retrieval and global reach.

Digitization is the process of converting information into a digital format. In this format, information is organized into discrete units of data that can be separately addressed.

Text and images can be digitized similarly: a scanner captures an image (which may be an image of text) and converts it to an image file. An optical character recognition program analyzes a text image for light and dark areas in order to identify each alphabetic letter or numeric digit, and converts each character into a code.

Audio and video digitization uses one of many analog-to-digital conversion processes in which a continuously variable signal is changed, without altering its essential content, into a multi-level (digital) signal. The process of sampling measures the amplitude (signal strength) of an analog waveform at evenly spaced time markers and represents the samples as numerical values for input as digital data.

Digitizing information makes it easier to preserve, access, and share. For example, an original historical document may only be accessible to people who visit its physical location, but if the document content is digitized, it can be made available to people worldwide. There is a growing trend towards digitization of historically and culturally significant data.

According to an article in The Guardian in March 2007, if all spoken language since the dawn of time were digitized, it would consume five exabytes of storage space. Total digital information, in 2006 was estimated at 161 billion exabytes. Email alone made up six exabytes of that figure.

Cheap storage. If in the early 1940s digital storage was so expensive, nowadays technology has advanced into making all kinds of devices on which we can storage videos, photos, documents etc.

Digital storage has gotten so cheap that storing indormation – even full screen videos – on digital memory is cheaper than the analog information storage counterparts of paper, film and tape. It makes possible to preserve the tremendous amount of information we encounter and generate, much like Gordon Bell, who is far along in capturing his entire life on digital media – the digital equivalent of decades of thoughts and notes in his notebooks and papers, a hundred thousand photographs, hundreds of hours of audio, and thousands of images capturing websites he visited.

Easy retrieval. Remembering is ore than committing information to memory. It includes the ability to retrieve that information later easily and at will.

Data recovery is the process of restoring data that has been lost, accidentally deleted, corrupted or made inaccessible for any reason. The data recovery process may vary, depending on the circumstances of the data loss, the data recovery software used to create the backup, and the backup target media. Data recovery can also be provided as service. Such services are typically used to retrieve important files that were not backed up and accidentally deleted from a computer's file system but still remain on disk in fragments. An organization's disaster recovery plan should make known who in the organization is responsible for recovering data, provide a strategy for how data will be recovered and document acceptable recovery point and recovery time objectives.

Global reach refers to a business initiative to increase the access between a company and their current and potential customers through the use of the Internet. The Internet allows the company to market themselves and attract new customers to their website where they can provide product information and better customer service. Customers can place orders electronically, therefore reducing expensive long distant phone calls and postage costs of placing orders, while saving time on behalf of the customer and company. A company striving to obtain Global Reach should provide a code of ethics, a company purchasing policy, additional contact information, adequate product information and price. The website itself should be multi-lingual, easy-to-use, and have the ability to secure customer information.

People crave to remember, but the truth is they mostly forget. To ease the process of remembering technology has developed all kinds of devices and tools whose purpose is to function as an external memory for us – forgetting has become difficult and expensive and remembering has become cheap and easy.

From 1978 to 1984, Dutch psychologist Willem Wagenaar kept a detailed diary of his life.

Every day he recorded the most important event of that day, where it happened and who was with him, but during these years of recordkeeping he never allowed himself to look at the diary entries he’s earlier written – he did not want them to trigger any internal memories. Afterwards, he tried to randomnly remember recorded events using partial cues from his diary. For example, he read what happened on a particular day, and then tried to remember where it happened, who was with him when it happened, and what the exact date of the event was. Expectedly, cues helped him greatly in recalling events which otherwise he would have had much greater difficulty remembering. But, unexpectedly, cues did not work equally well. By a significant margin, using “what” to remember “who”, “where”, and “when” worked best, followed by a fairly equally effective “where” and “who” cue. In contrast, the “when” cue failed to work in almost all cases – knowing a specific date almost never helped Wagenaar remember the important event of that day. Wagenaar’s results reflect the great difficulty humans have in sorting and retrieving memory based on the passing on time. Of course, a precise date (like April 30, 1971) is perhaps too artificial a time mark for people to associate events with. Since pinpointing a specific date is hard, Wagenaar thought that perhaps recalling events using relative time might be easier. To find out, for a couple of hundred days he noted not one daily event but two in his diary, and marked these days. He hoped that he could use one event as the cue for the other – if our memory is not sorted sequentially, perhaps events we remember have at least relatine links to events immediately before or after. They don’t, as he discovered. Humans do not only have great difficulties remembering events based on exact time cues, but likely also on relative time cues. Time is quite simply a very difficult dimension of memory for humans to master.

CHAPTER 4 – PRIVACY ON SOCIAL NETWORKS

Privacy in the context of the information age is the degree of control individuals have over the uses and sharing of their personal information, and the access others are granted to that information.

Transparency is the openness among governments, societies and individuals necessary to establish trust among strangers and across cultural boundaries.

Nowadays, privacy is by far assured; we live under an impression of privacy and most of the times, we choose to ignore it.

“That the individual shall have full protection in person and in property is a principle as old as the common law; but it has been found necessary from time to time to define anew the exact nature and extent of such protection. Political, social, and economic changes entail the recognition of new rights, and the common law, in its eternal youth, grows to meet the demands of society.” – said Samuel Warren and Louis Brandeis about the right to privacy.

Daniel J. Solove has developed four sets of activities that circumscribe best all modern privacy matters in regards to when/if details that are on social media are protected: information collection, information processiong, information dissemination and invasion.

As the world’s leading social media site, Facebook enables the collection of vast amounts of personal information about its users. Facebook also processes information in various ways, and disseminates information to others, including application developers, advertisers, and consumer data aggregators, in order to make a profit. Finally, according to privacy advocates, who have taken Facebook to court, it is accused of havind deceived its users and invaded their privacy. It is no surprise, then, that many of the proposals to strengthen U.S privacy laws have social media and its applications at their center.

If we are to analyze the U.S privacy law, we can divide the history of legislation, which began in the 1960s, into three categories, by the amount of legislation devoted to each: information privacy, communication privacy and psychological privacy.

Regarding information privacy, the issues at stake are concerned with the use of personal information collected by all kinds of organizations (e.g government, banks, education institutions, credit card companies etc).

Communications privacy, between the 1960s and all through the 1990s, dealt with interceptions of private talks between two parties, communications that were printed, electronic or verbal.

Psychological privacy included questions about studying individuals’ attitude and thoughts, mostly by the use of the polygraph.

As the Internet started to be used more frequently and by more and more users, so have privacy concerns began to multiply, as more and more cases of unintended consequences of life onlide made the newspapers’ headlines and attracted attention. What citizens thought about as protected “beyond a reasonable doubt”, proved to be a victim of Internet “crimes”.

The United States of America do not have a clear regulation of the right to privacy. In 2012, the Obama administration attempted to set the tone for lawmakers in the 112th Congress interested in strengthening privacy protection by creating a task force that produced a “Consumer Privacy Bill of Rights”. In it, the White House task force sets out six principles the president hopes to see frame U.S policy:

Transparency: Consumers have a right to easily understand information about privacy and security policies;

Respect for Context: Consumers have a right to expect that organizations will collect, use, and disclose personal data in ways that are consistent with the context in which consumers provide the data;

Security: Consumers have a right to secure and responsible handling of personal data;

Access and Accuracy: Consumers have a right to access and correct personal data in usable formats, in a manner that is appropriate to the sensitivity of the data and the risk of adverse consequences to consumers if the data are inaccurate;

Focused Collection: Consumers have a right to reasonable limits on the personal data that companies collect and retain;

Accountability: Consumers have a right to have personal data handled by companies with appropriate measures in place to assure they adhere to the Consumer Privacy Bill of Rights.

The results so far are mixed and inconclusive. Several of the Internet titans with search engines, such as Google, Apple and Microsoft, agreed to support a “do not track” choice for users who visit their websites, but so far, despite the fact that about 19 bills and one discussion draft circulating since January 2011 have taken place, the 112th Congress has taken no action on the privacy legislation.

Amongst the bills introduced, there are measures that would add several new protections in areas like children’s privacy online, storage, standards for collection, use of consumer’s personal information available online, standards for reporting data breaches, identity theft and so on and so forth.

“Foundational political goods are those without which a nation state fails to be good and just. Privacy, I maintain, is a foundational good in the liberal west, to which the United States and similar nations should have a substantive commitment, as they do to personal freedom, and race and gender equality. People should be taught to value others’ privacy and their own. Governament will sometimes be entitled or even required to reinforce privacy practices.” – said Anita L. Allen on the values of privacy in America.

Privacy is a public value, meaning that it is a vital part of the rights a democracy holds sacred, in this including the rights of free speech, freedom of worship and association. Also, privacy preserves the main interests in these freedoms that all citizens share, whether or not they hold the same opinions or would take the same stand for different public issues.

The Internet is built in certain ways, as is the software and hardware. They are developed as a reflection of the influences of the other three constraints: what the marketplace desires in order to be profitable and grow, what the law wants and what the social norms require in the way of controls over, and access to, information online.

“The first generation of these architectures was built by a noncommercial sector – researchers and hackers, focused upon building a network. The second generation has been built by commerce. And the third, not yet off the drawing board, could well be the product of government. Which regulator do we prefer? Which regulators should be controlled? How does society exercise that control over entities that aim to control it.” – said Lawrence Lessig on the overarching issues posed by the four constraints.

Now, there is a different between the regulations of privacy in European law and in the American Law. Viktor Mayer-Schonberger declared that “Americans have no federally codified general right to information privacy vis-à-vis anybody outside the federal government.” In contrast, he stated that European legislatures “were bolder (perhaps due to the long shadow cast by Europe’s violent and brutal twentieth century history), and so empowered individuals with information privacy rights not just vis-à-vis central government, but all public and private sector information processors.”

Europeans developed their contemporary social values of dignity and autonomy from deeply rooted legal and social history going back to the monarchies and aristocracies of the seventeenth ad eighteenth centuries in which norms of personal honor were legally enforced for citizens of high status. By the early twentieth century, a leveling up has begun across European jurisprudence that applied these norms to all citizens.

The United States of America has its First Amendment to the Constitution which stipulates the protection of freedom of expression from government intrusion and Europe has its Human Rights Convention to guarantee this freedom; but, the United States has so equivalent to the Charter of Fundamental Rights of the European Union, which was adopted in 2000, and which stipulates “the right to respect for his or her private and family life, home and communications”. In the United States, the right to privacy is implied in some of the Constitutional amendments, but has remained submissive to the liberty rights, much to the apprehension of privacy advocates.

In general, the EU privacy changes are aimed at: strengthening meaningful consent requirements; enforcing transparency principles on any entity (whether located in the EU or not) that would collect or process individuals’ information to communicate their practices and requests in clear and simple language; encouraging privacy ‘by design’ in the development of online services; and strengthening purpose limitation to control the currently unregulated transfer of individuals’ information and profiles among Internet providers, including social networking sites and search engines.

4.1 DATA PROTECTION

In 2012, the European Commission proposed a comprehensive reform of data protection rules in the European Union.

In May 2016, the official texts of the Regulation and the Directive have been published in the European Union Official Journal in all the 24 official languages. While the Regulation will enter into force on the 24th May 2016, it shall apply from 25 May 2018. The Directive enters into force on the 5th May 2016 and EU member states have to transpose it into their national legislation by 6 May 2018.

“The objective of this new set of rules is to give citizens back control over of their personal data, and to simplify the regulatory environment for business. The data protection reform is a key enabler of the Digital Single Market which the Commission has prioritised. The reform will allow European citizens and businesses to fully benefit from the digital economy.

Whenever you open a bank account, join a social networking website or book a flight online, you hand over vital personal information such as your name, address, and credit card number.

What happens to this data? Could it fall into the wrong hands? What rights do you have regarding your personal information?

Everyone has the right to the protection of personal data.

Under EU law, personal data can only be gathered legally under strict conditions, for a legitimate purpose. Furthermore, persons or organisations which collect and manage your personal information must protect it from misuse and must respect certain rights of the data owners which are guaranteed by EU law.

Every day within the EU, businesses, public authorities and individuals transfer vast amounts of personal data across borders. Conflicting data protection rules in different countries would disrupt international exchanges. Individuals might also be unwilling to transfer personal data abroad if they were uncertain about the level of protection in other countries.

Therefore, common EU rules have been established to ensure that your personal data enjoys a high standard of protection everywhere in the EU. You have the right to complain and obtain redress if your data is misused anywhere within the EU.

The EU's Data Protection Directive also foresees specific rules for the transfer of personal data outside the EU to ensure the best possible protection of your data when it is exported abroad.”

The Data Protection Directive is an  European Union directive adopted in 1995, which oversees the processing of personal data in the European Union.

The right to privacy if one of the most important and developed branches of law in Europe. All the members of the EU are signatories of te European Convention on Human Rights (ECHR). The 8th article of the ECHR provides a right to respect one’s “private and family life, his home and his correspondence”, which is subject to several restrictions. This article has been the subject of very broad interpretations in the European Court of Human Rights’ jurisprudence.

In the hope of creating a more comprehensive and complete data protection system throughout Europe, in the 1980s, the Organization for Economic Cooperation and Development (OECD) emitted its “Recommendations of the Council Concerning Guidelines Governing the Protection of Privacy and Trans-Border Flows of Personal Data”. There are seven principles that govern OECD’s recommendations for protection of personal data and they are:

Notice – subjects should be given a notive as soon as their data is being collected;

Purpose – data should only be used for the states purposes;

Consent – data should not be disclosed without the subject’s consent;

Security – data that is collected should be kept secure from potential abuses;

Disclosure – subjects should be informed about who is collecting their data;

Access – subjects should be allowed to access their data and any corrections they deem necessary to innacurate data;

Accountability – subjects should have a method to be able to hold people who collect their data accountable for not respecting the principles stated above.

The Guidelines, though, were nonbinding, so every country in the EU had its own data privacy laws, but all seven principles were incorporated in the EU Directive.

As time passed, the European Commission realized that different data protection laws among the EU states impeded the free flow of data and proposed the Data Protection Directive.

Personal data is defined as “any information relating to an indentified or identifiable natural person (data subject)”. An identifiable person is “one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity.”

Processing data means “any operation or set of operations which is performed upon personal data, whether or nor by automatic means, such as collecting, recording, organization, storage, adaptation or alteration, retrieval, consutation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction.”

The responsibility for concession lies in the hands of the “controller”, as in the artificial or natural person, public authority or agency or anybody that alone or together with others determine the means and motives of the processing of private data.

The rules protecting data are applicable not only when the controller is within the EU, but also when the controller uses equipment or programs from outside the EU, as long as it follows certain data protection regulations.

There are seven conditions or principles that have to be met in order to be able to process personal data: transparency, legitimate purpose and proportionality.

Transparency

The subject has the right to be announced anytime his/her data is being processed. The controller has the obligation to provide the subject’s name and address, the reason of the processing, the recipients of the data and all the information required to assure that the processing is fair.

There are several conditions that have to be respected in order for the data to be processed:

the subject has to give his/her consent;

the processing has to be necessary for the performance of or the entering of a contract;

the processing has to be necessary for compliance of a legal obligation;

the processing has to be necessary in order to protect vital information or interests of the subject;

the processing has to be necessary for the realization of a task carried out in the public interest or in the exercise of official authority of the controller or of a third party to whom the processed data are divulged;

the processing has to be necessary for “the purposes of the legitimate interests pursued by the controller or by the third party or parties to whom the data are disclosed, except where such interests are overridden by the interests for fundamental rights and freedoms of the data subject. The data subject has the right to access all data processed about him. The data subject even has the right to demand the rectification, deletion or blocking of data that is incomplete, inaccurate or isn't being processed in compliance with the data protection rules.” (art. 12)

Legitimate purpose

“Personal data can only be processed for specified explicit and legitimate purposes and may not be processed further in a way incompatible with those purposes.” (art. 6 b)

Proportionality

Data can be processed only as long as it is adequate, relevant and it is not excessive in relation to the reason for which they are collected and processed. The data has to be accurate and up to date, so every step has to be taken in order to ensure that the data that is incomplete or innacurate is being rectified or erased from the system. “The data shouldn't be kept in a form which permits identification of data subjects for longer than is necessary for the purposes for which the data were collected or for which they are further processed. Member States shall lay down appropriate safeguards for personal data stored for longer periods for historical, statistical or scientific use.” (art. 6)

“When sensitive personal data (can be: religious beliefs, political opinions, health, sexual orientation, race, membership of past organisations) are being processed, extra restrictions apply.” (art. 8)

“The data subject may object at any time to the processing of personal data for the purpose of direct marketing.” (art. 14)

“A decision which produces legal effects or significantly affects the data subject may not be based solely on automated processing of data.” (art. 15)

As I have said before, the US has no data protection regulation similar to the EU’s Data Protection Directive.

US’ privacy laws tend to apperar and be adopted on an ad hoc basis, that is when different issues and circumstances arise that need tending to. For example, the Video Privacy Act in 1988, the Cable Television Protection and Competition Act in 1992, the Fair Credit Reporting Act, and the Health Insurance Portability and Accountbility Act in 1996.

The United States prefers what it calls a 'sectoral' approach to data protection legislation, which relies on a combination of legislation, regulation, and self-regulation, rather than governmental regulation alone.

Europe's extensive privacy regulation is justified with reference to experiences under World War II-era fascist governments and post-War Communist regimes, where there was widespread unchecked use of personal information.

In the age of computers, Europeans’ guardedness of secret government files has translated into a distrust of corporate databases, and governments in Europe took decided steps to protect personal information from abuses in the years following World War II.

The Data Protection Act – 1998

The Data Protection Act gives individuals the right to know which information is held about them, and provides a framework to ensure that personal information is handled properly.

The Act was promulgated on the 1st of March 2000, and it covers personal data stocked on computers and manual files. Also, it imposes restrictions on the transfer of data outside the European Economic Area, which has particular ramifications for placing material on the Internet.

There are eight data protection principles that have to be respected to ensure that personal information is:

fairly and lawfully processed;

processed for limited purposes;

adequate, relevant and not excessive;

accurate and up to date;

not kept for longer that is necessary;

processed in line with the rights of individuals;

secure; and

not transferred to other countries without adequate protection.

Anyone who has information relating to individuals in their line of work must acknowledge:

if the information they have access to is subject to the Act;

if the arrangements they planned satisfy the conditions of the Act.

CONCLUSION

The Internet has changed much in the time since it came to existence. It was invented in the period of time-sharing, but has survived in the era of personal computers, notebooks, tablets, macbooks, smartphones, client-server, peer-to-peer computing, and the network computer. It was conceptualized as supporting a series of functions from file sharing and remote login to resource sharing and collaboration, and has generated electronic mail and more recently, the Web. It started as the conception of a small group of enthusiasthic researchers, and resulted into a commercial success with billions of dollars of annual investment.

One should not conclude that the Internet has now finished changing. The Internet, although a network in name and geography, is a creature of the computer, not the traditional network of the telephone or television industry. It will, indeed it must, continue to change and evolve at the speed of the computer industry if it is to remain relevant. It is now changing to provide new services such as real time transport, in order to support, for example, audio and video streams.

The most crucial question for the future of the Internet is not how the technology will change, but how the process of change and evolution itself will be managed. The architecture of the Internet has always been led by a group of designers, but the form of that group has changed as the number of interested parties has grown. With the success of the Internet has come a new generation of stakeholders – stakeholders with an economic as well as an intellectual investment in the network.

The present paper is structured in four chapters: Origins of the Internt, Rights in the information age, Rumor and reputation in the digital world and Privacy on social networks.

REFERENCES