 Thanks, everyone. Welcome to our Berkman Tuesday luncheon series on a Wednesday, which seems to be happening increasingly lately because we have great folks like Michelle who are here to speak to us. As many of you know, if you've been coming to these before, we are live streaming, so just keep that in mind. This will be archived online if you ask any questions, which we will be plenty of time for questions at the end, and I hope you do. I'm delighted to introduce Michelle Ramon, who I've gotten to know over the last few years in a couple of trips I've made to the University of Geneva. We've had the pleasure of having Michelle here at Berkman as a visiting researcher this year, and speaking selfishly has just been a phenomenal resource for us as we've been thinking about questions involving researching the right to be forgotten in European privacy regulation more broadly, and he's going to be talking today about common standards for the right to be forgotten. Michelle, I'll turn it over to you. Okay, well, first thanks for everyone for coming here in such large numbers. I wasn't expecting such a crowd today. Thanks also for Chris for introducing me, and also thanks to the rest of the Berkman community, not only for giving me the space to talk about my research today, but also for all the support they've been giving me in the last year of being spending at Berkman. So just one thing I would like before starting is that my speech goes a lot back and forth between different ideas, and I'm scared that if there are many questions that asks things that will be explaining later in the speech, it might just bog down things a little. So I will maybe keep the Q&A for after I finish with my talking. So a little bit about myself. So I come from the University of Geneva in Switzerland. My background is in conflict of law, meaning international litigation, who was jurisdiction, what is the choice of law for these sort of litigation, these sort of discussions. And my PhD was on the topic of defamation on the internet, what law applies to it. And then I went on to the topic of the right to be forgotten in European law. I'm another stipend for one year here at Berkman, given from the National Science Foundation, to provide my perspective from a conflict of law sort of angle to these sort of issues. So my research will be published in two forthcoming articles. They will hopefully be published soon. The presentation you will see today is a sort of collage of my main findings in these two articles. So you'll know everything there is to know without reading the 50 pages or so that comprise all of this. So the plan for today, first I will go over quickly the basics of the right to be forgotten. Then I will ask the question, why do we need common standards for the right to be forgotten? How may we achieve them? And then what are the obstacles that are facing the current attempts to give a real identity to the right to be forgotten? But this sort of discussion cannot go on without going back to the basics. Now when you hear the term right to be forgotten, I'm sure you have a lot of different thoughts going on into your brain and that's normal because the right to be forgotten is a general concept that actually refers to a diversity of procedures and legal obligations that all share the same basic conceit that is dealing with the permanence of personal data in the digital landscape. Information you have about yourself that just on the internet somewhere, how do we deal with that? But under this like header of the right to be forgotten, you have different expressions of this notion. The most famous of it and the most well known is of course the right to be delisted, which is a creation from European law and from European data protection law in order to be more precise. Following the famous Google's page judgments, I won't go into any details on that judgment, it's been covered well enough until today, but I will just say that this right to be delisted is rather limited. It allows European citizens to request search engines to take down such results leading to outdated or irrelevant content that may harm privacy rights. So only such results, only adopted content. The right to be delisted however has a limited shelf life. In two years from now, the directive on data protection in Europe will be replaced by the general data protection regulation or GDPR for short. This will update and harmonize data protection law in Europe and article 17 contains what it calls a right to be erased or forgotten. Now the thousand dollar question you might have is, is this the same thing as the right to be delisted? The answer is no one knows. Half of the doctrine says that it's basically the same thing as we've been doing under the right to be delisted, so nothing will change. The other half think there is a risk of expanding the right to be delisted to other intermediaries, so not only search engines but also social networks, internet repositories of content, all this sort of stuff. But the provision itself does not say anything about these things. So it's all a matter of interpretation. You don't know what's going to be in the future. So in this situation, I won't go into any specifics here. I don't want to really bog this discussion down with like very in depth knowledge of this article. I just want to take the standpoint that the right to be delisted might get expanded into the future. And I'll use that as a sort of baseline for the rest of the discussion today. Now, European Union has been at the basis of most of the discussion on the right to be forgotten. But one must not forget that there are other expressions of the right to be forgotten that have popped up all over the world. You have some in Chile, Colombia, Japan, Mexico, Russia. And even though all of these expressions shared basic conceit I've been talking about, the permanence of memory in the digital landscape, all of these tackled the issue in very different ways. That's sort of a very different from the European approach. My colleague, Charlie Ruth Castro, who I've been talking to during this past year, told me the censorship element of taking down content is, for example, much more pronounced in the Latin American version of the right to be forgotten. So in the interest of time and not keeping you here for the whole afternoon, I will be talking only about the European Union version of the right to be forgotten. But you have to take into account that this is only one piece of the overall puzzle. The issues I'll be talking to you about today will probably be even more pronounced if we are trying to consider the greater international legal landscape of the right to be forgotten. So let's move on to the second part, the need for common standards of the European right to be forgotten. So you now might be wondering why I'm even asking the question. Because as it stands out, we already have common standards on the right to be forgotten. Well, yeah, those are Googles. Right now, the right to be delisted enjoys a period of relative stability. Well, that's true. But it's due to a few factors. First, the right to be delisted is only about search results. Second, Google has an iron grip on the market serving search results. So this allows for a concentration of removal requests. Third, while there exists an oversight mechanism, which allows national authorities to review Google's decisions on the right to be forgotten, only about 1% of these cases are under actually appealed to data protection authorities. Those are the ones on the right. So as the sort of as my scheme points out, we are living right now in a closed circuit. You see a lot of requests filtering your filtering filtering into Google, but almost none of it coming out. And it's a black box, you don't know what's going what's going out. So this has come under severe criticism from many authors. Some say Google lacks transparency, lack of judicial oversight, et cetera, et cetera. But on the other hand, I might say that they did a pretty nice job of actually taking the burden of implementing the right to be forgotten, and then implementing it on a procedural level. My point today will not be about Google's role. My point is about going beyond Google, because this narrative is actually harmful. It sort of puts us in a way of thinking that it's Google's right to be forgotten. It's only about Google. And I had a very funny experience when trying to make this presentation. I asked Bing where it says formula right to be forgotten. And he told me you should look at Google. It's all about Google. Google is at the center of it. So if this goes to show that there's a general perception of Google being the stalwart of the right to be forgotten, I don't think you could find a better example. But in truth, I would really like to push against this narrative. Yes, Google is at the center of the right to be forgotten, but it's only due to the combination of events that I talked to you earlier. So what happens if the situation starts to change? What if other Snowden-like leaks happen and people lose faith in Google as a search engine? What if a competitor pops out? What if over time it just simply loads its monopoly on the search market? What if going out of Google's thing, but more into regulation, Article 17 of the GDPR, as I've stated before, were to extend the right to be forgotten to other intermediaries that are outside of the search engine business? Now, I can't make bold predictions about the future, but there's at least a very real risk that the space of the right to be forgotten would become much more crowded in the future. And it might look like something like this. So in this new situation, Google will just be one of the many intermediaries that are bound to implement the right to be forgotten or delicited or what have you. And then you have a lot of questions that start to arise. What happens if each of these intermediaries start to have their own standards on what should be removed and what should stay? What if Google decides to take down a link, but Bing and Dr. Go doesn't on appeal, what's out of all of the data protection authority would have jurisdiction to decide on multi, multi intermediaries cases? Can one DPA even decide for all of these intermediaries? What happens, as is the case of Dr. Go today, if one of those intermediaries do not have even have assets in Europe? How can you even enforce the right to be forgotten? That's a European thing. I guess a company that does not have any activity there. So there are a lot of unanswered questions that lie beyond Google's shadow. And that was the starting point of the first article that I've talked to you about. It was about confronting real life cases and situation on right to be forgotten to procedure rules. See if we can find some way out of these questions. And what I found was completely terrifying. Then let me give you a short example. So this is Google's form on the right to be forgotten. You probably have must have visited it during your research or whatever. And so if you want to remove a search results on either Google or Bing or whatever, you have to choose your country of residence from a list and support this claim with identification. So this serves two functions. First function, it proves that you're from the European Union and you can actually use the right to be forgotten. Second function, it grounds your claim into your home jurisdiction. Like, I'm a Spanish guy. I live in Spain. I want to take down some content. I want to be sure that I have access to the Spanish DPA in order to appeal the claim if I need to. So it sort of gives a legal grounding to the whole claim system. For a few years now, we've been hinging on this sort of system to apply the right to be forgotten in practice. We have happily operated on a country of destination rule based on the claimant's place of residence. This, however, none of this is supported by the directive, by the text that makes the right to be forgotten exist in the first place. If you look at the rules of the data protection directive, well, if you look at the choice of law rule, it rests on a modified country of origin rule that does not care at all for where the claimant is situated. In other words, I want you to take a second to let it sink in. The whole system upon which takedown request on the right to be forgotten exists right now rests on nothing, on a judicial nothingness that just sort of exists somewhere out of pure practice. So if you ever get things more complicated, I've shown earlier to more intermediaries, more stakeholders, different decisions coming from different intermediaries, then I have the very real fear that the whole system may break down. We have no rules to fall back upon. So there have been proposals for harmonizing the right to be forgotten. One year ago, I was in Geneva, along with Urs Gasser and Professor Jacques de Vera, and we were discussing a way of centralizing the way the right to be forgotten, like a proposition about transitioning the adjudication of the right to be forgotten to a common platform which would take arbitration like features. Of course, we're not the only ones. There were other proposals for harmonizing the right to be forgotten, like the one described by Sena Kolevska and Michael Elweshtad. They took Park in a Berkman luncheon that took that took place long ago, and they had a proposal based on a safe harbor sort of concept. But in order to do that, you need to actually agree on what the right to be forgotten is and what are the standards used for taking down content. So this leads me into the second part of my presentation. So can the right to be forgotten be formalized in a series of common standards? This is the topic of my second article. And in answering this question, I use a very conflict of laws like approach, which takes me into the first question is qualification, characterization. What is the right to be forgotten? If you answer that, then you might know what lies beyond. So I would like to propose that the right to be forgotten right now is what I would call a legal grab bag. So you have this one big bag. You put a lot of different things into it. These things, they may or may not be similar in nature, shape, form, whatever. But as long as they're in the bag, you don't really think about the content. You think about the bag. You have to go inside the bag and take things out of the bag to actually consider the things that are inside. The bag, of course, is data protection law. That's how we've been thinking about the right to be forgotten in Europe until now. It's being under the data protection directive. It's article 17 of the GDPR. It's data protection law. But what about the content? Well, in order to give some answers on that, I want to reach into the bag and pull out three examples that show the complexity of the right to be forgotten. So first example, a person who is not a public figure wishes to remove the link linking to a blog she made a long time ago. She doesn't have the password to raise it. She just wants Google to remove the link to it. This is rather plain data stewardship. It's not really controversial. It's like I have my data. I put it on myself. I want to take it back. Okay, now let's dig in further. Let's have a second example. A person wants to remove a link leading to a website publishing a past criminal conviction made by a German court. Now here it's more complicated. It's not about that person's desire to remove a link to personal data. It's also about the value of that information as a mark of social identity and criminal rehabilitation. To really know what to do in that case, I think you should probably have to ask German law. What is the lifespan of a criminal record? What is the German conception of criminal rehabilitation? They probably have detailed procedural rules on what info can be published on criminals, under what time frame, etc. etc. It's nothing actually really new. There's a link with an existing legal institution. That's criminal procedural law. Now let's finish with my third example, which is the most controversial and the most often used when discussing the right to be forgotten. So we have a politician or an actor who wishes to remove a link leading to an article discussing past sexual misconduct. Well why would that person want to take that link? It's probably because that person failed to have an injunction granted against the original article in the first place. But that's one of the cases where the discussion on the right to be forgotten gets really polarized. On one side you have non-EU lawyers saying it's about censorship. You want to censor this article by taking down a link to it. And then you have the EU lawyer saying it's about data protection. It's about, it's about the right to have this old and outdated thing taken off the internet. In my opinion both sides are actually correct. Regarding the EU perspective it's true that the right to be forgotten is not an injunction. Injunction exists to take down illegal content that harm reputation. And the right to be forgotten on the other hand is to take down links to content that is outdated and irrelevant but still legal so they have to pass the threshold. But to reference to the US point of view, the non-European point of view, when you have one of these cases coming through a search engine they still have to decide whether the content has become irrelevant or not. And when you have to decide upon that you have to ask yourself questions that are very familiar to privacy lawyers. How popular is the claimant? Is the article still newsworthy? Was the impact on privacy, the freedom of information, is original source trustworthy? Now these sort of questions. It's not the same thing but there's a definite interplay between on one hand the right to be forgotten and on the other hand privacy injunction, existing legal structures of privacy, defamation, and content take down. I hope you'll at least concede that there's a methodological link if not a substantial link. So now we have an idea of what's in the bag. Now we can start to think about it. There's still a simplification somewhat. But where do I want to take you with this? Well two things. First it explains what I've been talking to you about in the first part. The data protection directive in its procedural part, choice of law part, is about defining when European data law applies to data processors. In what capacity, what act of processing, what law applies to Google. But on the other hand it was never drafted to support a quasi injunction right granted directly to European citizens. In this sense, the procedural like elements, they just don't fit. You have, you try to shove something into the bag, it doesn't, it just splits out from everywhere. So this is the cause of the procedural breakdown I've been talking about earlier. We're not really talking about the same thing. Now second argument, the imagery of the legal grab bag casts what I call a huge shadow on the idea of finding common standards on the right to be forgotten. Because if you look at European law without even talking about US law, well this is harmonized. This is European law in the proper sense of it. This however is not. This is still state law. This is still national member state law. It's not European law at all. Criminal procedure, criminal rehabilitation. This is still national state law. My colleague Elder Haber is not here today, I think, from University of Haifa. We'll be talking about the criminal elements of the right to be forgotten. I won't enter much into detail of that. My feel is more personal privacy and if you look at personal privacy from the tort angle in Europe, you will find that it's a complete mess. So we like to frame the right to be forgotten as an issue of US versus EU with the EU somehow agreeing to a standard of privacy. But that's not exactly true. It's more complicated than that. Of course, yes, the European Union agrees to a general right of privacy according to Article 8 of the European Convention of Human Rights. But the details of it, it's still all over the place. Some countries have criminal laws on privacy, some are still civil law, have lots of differing standards. If you want to know if your injunction will succeed in any given case, you have to juggle with the national of every member state. And this fragmented state of affairs is not for lack of trying either. The European Union has since 2007 worked to find common standards for these issues to no avail. They even fail to agree on the conflict of law rule for these sorts under the Rome II regulation. There are fundamental differences in the way each member state manages the equilibrium between freedom of press and personality rights. So, it got so bad in 2007 of the failure of finding a conflict rule under Rome II, the commission mandated a research group to make a comparative assessment of privacy rights in Europe in order to cover those gaps. And the answer of the group said, we have no idea what we're doing, let's just give up. So, the legislative effort died soon after that. If any English lawyers are in the room, they will tell you that following the Max Mosley case, there's a lot of pushback against privacy in England because they sort of got dragged kicking and screaming into the whole privacy thing. And they're even right now considering of opting out of some basic rules of European privacy and having their own bill of rights. So, even inside a country you have pushback, how do you want to have the right to be forgotten for everyone if you don't agree on those issues on a national level? So, this leads me to the conclusion of my talk. If you take this narrative into account, of course I'm bringing more complexity into the argument, but this complexity is at the roots of why we're not agreeing on the right to be forgotten. You have some people arguing, oh, it's about the First Amendment. Other people arguing, oh, it's about privacy, but we're not actually arguing about the same thing. We're picking out the thing we like the most in a bag and start arguing about that. And we, and when other people just try to use the thing they're passionate about, then it just does not lead to a conversation, but to a series of monologues. So, furthermore, even before trying to expand the right to be forgotten to the U.S., maybe the European Union would need to know what's inside the bag, do some soul searching about the deeper nature of the right. What do we want to do with it? So, here are some pointers maybe for the future, which may lead into the Q&A. Finding common standards has three big risks. First risk, there's a risk of conflict with existing legal tools. If we expand the right to be forgotten to content, I can take down an article. Then what good is a privacy injunction? Is there friction? How can we think about that? Second, risk of legislative overreach of data protection law. Right now, everything is data. We live in a digital society. Does that mean that all of the aspects of the right to be forgotten have to be solved by this tool of data protection law? Can a data protection lawyer come to a privacy lawyer and say, well, we solved that for you. I think there might be a definitely problem with that. Finally, risk of legal fragmentation in practice. If we just come with a top-down concept of the right to be forgotten without doing a bottom-up consensus on the values we want to defend on the right to be forgotten, then no one will actually agree to it and legal fragmentation will still persist. Now, I'm not saying that legal fragmentation is a bad thing in and of itself. Legal fragmentation can certainly work, and that's why private international law exists in the first place. But to make it work, you have to have good procedural rules. And this leads me back to the first part of my presentation. We don't have procedural rules for that. So with that, I conclude. I thank you for your time. Lots of questions I can pick up, but anyone want to kick us off with some questions? Maybe I'll start by virtue of sitting next to you. So it occurs to me that there is a line, and I'm coming at this from a very US-oriented perspective, but let's say outside the right to be forgotten in terms of what content a particular site can host or search engine can point toward. There's a line of what's lawful and unlawful. Unlawful because it violates intellectual property laws or constitutes defamation or that sort of thing. But within the realm of things that are lawful, we generally think it's a pretty good thing. Maybe some people would disagree with this that there are many different sites that come up with different sets of standards about what content they want to host. So the content moderation policy of the New York Times comment section might be very different from the content moderation policy, a particular moderator imposes on a certain subreddit on a Reddit and some video hosting sites might be much more tolerant of nudity or adult content and others are less tolerant of that. And that responds to the diversity of interests about the things that we might all want to consume online. Is there any risk that standardizing things again beyond beyond the point of defining what's truly unlawful and what's lawful within the realm of what's lawful is there a risk that creating standards is going to cut back on that diversity? I see a point and that's what I've been trying to get through with the last point of my presentation. Diversity is not bad in and of itself and we certainly should have a culture of diversity of different legal norms and different ways of handling the problem. But the thing is that if you don't have a solid backbone of handling things when things go wrong then you don't actually know what's going to happen in the future. Right now these sort of issues as you mentioned like New York Times Commons etc. They're sort of work because like all of the major corporations that deal with personal data they're based in the U.S. They have U.S. based laws and it's like okay so the right to be forgotten is the first major attempt of having the U try to strike down when it's on European law to a U.S. giant giant corporation and from the pushback that has been given between the U.S. and the U you can see that it's already rattling some feathers and sort of giving the way to a whole conversation but if you take it from a more international perspective what if like every country starts to have its own way of doing things and then we may end up for more fragmented internet maybe is that something we want it's something we don't want I don't know I'm not really into into the deeper policy aspects because I think still there are many answers that needs to be given but not necessarily by the same people that have been talking about the right to be forgotten until now you have criminal law I haven't heard much about criminal law on the right to be forgotten until now so yes maybe found some standards this will lead me maybe to another point there might be some things that we agree on on a global on a global thing like as I've shown it's a legal grab bag maybe we will agree even between the US and the EU on the less controversial aspects of the right to be forgotten I have the right to my data if it's something I've put on the internet I can take it back that's less controversial than the more speech-related aspects of the internet maybe we can find something about it also maybe linking someone to a criminal past but as a victim this could be also agreed upon because it's less about speech it's less about so maybe we could have a sort of baseline and then drift from that and still keep some level of diversity but still have some procedure behind it in order to manage them that diversity that's great Google's here when you say that Bing is referring to Google do you mean that Google gives Bing all of its takedown requests and being also implements them? I meant that more as a joke rather than a not true is that actually happens is there no way to submit a takedown request to Bing? They have their own form they have their own form you can access it so it's a completely separate system now one question that might be interesting that has not been really tackled is how can major search engines implement a right to be forgotten? I don't want to get into that but if someone could tackle the the issue I'd be very happy if there was a database of takedown requests somebody could turn that back into a search engine for things that were supposed to have been removed and put that up Yeah that's what we're trying to get at with efforts such as Lumen and the discussion I've been highlighting about centralizing the right to be forgotten into a database but formally you don't have to have a database of the right to be forgotten so if you're Bing and you just want to say now I just want to have my own system you have nothing to prevent you from doing that so that's yeah Other questions? Yeah right here and then Thank you so much for a really great overview and flagging of tough questions it's striking that there's such a trove of data within Google as in so many other situations is the only thing that's coming out of the black box now the one percent of appeals Yes so we don't know for example whether Google's lawyers who are processing these requests are taking it to that next step of granularity that you're suggesting and looking at the national standards for the privacy related ones for example We can't be sure for certain and one hint that may go against in this direction is that following the Google Spain judgment the article 29 working party which is a explanatory body of the European Union came down with some guidelines on the right to be forgotten and they're very basic ones you won't find any real answers in them but the striking thing is that Google then made their own set of guidelines which are subtly different from the ones that were made by the article 29 working group if you read the literature made by Julia Browsen right to be forgotten she states that Google sort of took the right to be forgotten and ran away with it and that goes directly in the direction you're suggesting but and one thing with regard to the grab bag as you describe it and that's actually right it in a situation like this it seems natural that there should be sort of a developing common law of of what could be what should be delisted and what shouldn't and it's just such a shame that we don't know the Google has developed a common law for itself but we just don't know it and it seems a a terrible pity that we can't know there definitely should be but I also feel for Google on some respects because like if they publish like their decisions then maybe like some DPAs national DPAs they say oh the French EPA might say but this has nothing to do with the way I'm trying to do a data protection in France so I'm going to appeal systematically to you or something like that they they have to walk a tightrope between harmonization of harmonizing something that's actually not harmonizing the first place that's very difficult here we go so you said before that it seems like people go to the right to be forgotten if they've lost you know an injunction against a particular piece is there any indication that like the presence of like an easy right to be forgotten form on like Google site that that's like led to like a decrease in injunctions or are they sort of stabilizing in the US there's been a couple of interesting cases since the right to be forgotten happened in Europe that have been sort of a mixed bag in terms of trying to get an injunction so I'm kind of curious whether you've seen any difference in that I don't actually have any data on that so I really can't answer your question but I'm quite sure that if ever there are some injunctions there will probably be any right to be forgotten notices just made alongside that that's now it's part of the arsenal and have to take account of it other questions thoughts for that so I'm curious as your thoughts as to how far harmonization could go I mean so there's like I'm starting with a couple of premises we're assuming that there are going to be intermediaries who are present across multiple jurisdictions and those jurisdictions are going to have substantively different conceptions on the three you know the three elements the grab bag right you know criminal forgetting criminal records privacy etc right so how far could the substantive harmonization go and if there is not substantive harmonization is there a way to create some principal limits around you know maybe formalizing what google has done which is to say that certain rights certain privacy rights you know only attached to individuals who have certain connections with you know a country that bests them with those rights so if I'm a german living in england I may have a different relationship to my criminal records and if I were a german in germany is that the right approach or is that a viable approach I definitely think there should be an effort right now about finding common grounds and like standards about the right to be forgotten but I also feel that right now there's there's being a lot of pushback against this but mostly become we haven't really used the sort of grab bag imagery to describe the right to be forgotten mostly oh it's the right to be forgotten now I I strongly believe that the most speech related elements of the right to be forgotten will not be harmonized and that's that we can just give up I mean if I just came in in the U.S. and say hey guys your first amendment thing I think we should really talk about that I don't think this will go out well and it will be exactly the same if you do something similar in every European country about their own free speech laws I actually I reminded that I don't remember the name of the author but I was trying an article I read about the french author that said exactly what I've been saying we have a strong tradition of our press laws how why is data protection on trying to harmonize this when we have refused it in the European Union in first place because we want to have our own law for these issues so the discussion might need to sort of compartmentalize the right to be forgotten see what issues we can agree on and definitely have agree with you with that the most data data protection lawish issues of the right to be forgotten may be formalized and may be may be agreed upon but then we also have to find which areas we should just give up and then maybe use procedure to sort of manage this discrepancies that suggests to me that the right to be forgotten is something that should be forgotten that where you're trying to deal with a right it implies harmonization consistency wouldn't we be much better off if we just forgot that all together and sat down and said what are the problems that we are that we see that need to be solved and addressed and work on those on a national level or where necessary on a across European level I wouldn't go that far I might say the right to be forgotten is an exceedingly bad response to a very good idea the base concept of having in reference to the Google Spain case of not having a 10 year old conviction that's really useless be the first thing that's shown about you on Google that is a concern giving context back back to your own data knowing like sort of formalizing the power that information intermediaries have about showing your profile to everyone giving people the right to manage their own data and their own reputation on the internet I think the core question is very interesting and it merits being defended the thing is the way it's been brought up by the European Union following the Google Spain judgment was very half of it we took like one paragraph from the the budding GDPR project we said oh it's right to be forgotten so now everything has to follow it and then you had like huge conversation about something we don't know what it's about in the first place and so everyone more or less has their own opinion about the right to be forgotten which is either good or bad maybe we should just go to what values are we trying to protect in what judicial concept we're not inventing something new guys we're just trying to get some context back into the internet and start from that a bottom up approach rather than top down other questions but she'll work yeah yes yeah I have a question and do you think that the right to be forgotten is an independent right that means it is provided by a statute or when we talk about this right we will say it is a derivative right we should talk about firstly it has violation of privacy or other rights that's a very good question now if I put on my European hat I would say it's part of data protection because it's born under the EU data protection directive and I can all of these formal arguments but I definitely see sort of tendency to formalize the right to be forgotten as it's own thing you saw the procedural example I give in my presentation the whole practice does not work when you look at it on the context of the directive so it's sort of a right that was born in the directive and then just had its own life of its own and it certainly is starting to have a life of its own if we look at what's happening in Chile what's happening in Russia etc so yes it might start to become like an independent right that becomes a real human right about about being forgotten and there are being expressions of that in national law even before like this whole Google Spain judgment but it's a whole cloud of many things that haven't been formalized properly so it's sort of a difficult question because we sort of have to know what we're talking about before we talk about it yeah David yes so let's fast forward 50 years into the future what do you think things look like are we looking at a more harmonized system do we see more fragmentation or are the issues so completely different because it is not as important as it once was it's dangerous to make a prediction from the future on on tape too so this is a lot of pressure I appreciate it's not an easy question I'm curious where if you could think of the long-term trajectory where do you think things are are headed if it's at all possible to tell oh yeah that's that's a very just give me three hours and I'll get back to you now the very difficult things about the right to be forgotten is that it's such a short time frame think about like 10 years ago Google wasn't at a place it was today but we had very different ways of looking at intermediaries on the internet and the whole big data thing was just a nascent if this thing that was the kind of happening and so most of the major issues that we're facing today with the right to be forgotten is a byproduct of the current big data culture that we have right now we have Google at the center of it we have these whole data repositories that are sort of of juggling our data I think the base concept that motivate the right to be forgotten they will not change and they haven't been new actually exactly if you think about libel tourism about issues of First Amendment being completely destroyed abroad because someone use forum shopping that's something new you think about the Yahoo case of 10 years ago that was not a right to be forgotten but it was also a question of jurisdiction clashing on speech issues on what regulation should be on the internet and all that sort of stuff so in some ways the right to be forgotten is maybe all wine in new bottles we just have a very sort of bubbled bottle and that doesn't allow us to think back to the older examples we've been having now I do think that the right to be forgotten maybe in this current accumulation is passing fancy maybe we won't have Google in the future and we'll have to think about new ways of thinking about the same issues but the basic questions will remain the same as they have always been even before the advent of the digital landscape yes does the European notion of the right to be forgotten distinguish between public figures or elected officials the way our First Amendment rights do and this just in order to there's the notion of a diminished right of privacy you know if once you step into the public sphere and just so that we protect our public discourse so there is an exception on the public figure about being a public figure I mean and if you're a public figure you'll have more trouble taking down a link and if you're not and that's present on the article 29 guidelines on right to be forgotten also present on Google's guideline on right to be forgotten it's also more or less a standby in European law because there's dangerous prudence on that but the court of European rights but past the general idea of a public figure you're on your own you have to ask it's your addiction how they handle the concept other thoughts questions yes maybe a little bit more with the speculations in this field will you think or have you thought in a how to integrate this conversation in a geopolitical level not only including the Europe United States but also other visions especially in a world and in an age with immigration hard challenges not only in United States also in Europe that's also a tough question now to be honest I've been like mostly working on the European right to be forgotten like analyzing the system from an international from a conflict of last perspective not really thinking about the broader policy choices because I think that's not really my choices to make you have to to ask lawmaker you have to ask someone who's deeply in French in US or in European law so I sort of took the point of view of a neutral third observer to give these sort of conclusions now what I would say is that there are mechanisms in place that exist to have this conversations on the on the subject I remember last year it was an internet governance forum there were panels about the right to be forgotten and this issue was completely striking because on one hand in one side of the room you had the European lawyers that were like you know the right to be forgotten is only data then you had a Mexican lawyer he says it's about censorship it's terrible it's a horrible thing and they just like not talked with each other so they definitely should be forums for inter inter in international discussions about about the subject but the fact that the right to be forgotten forgotten is so politicized in the first place it's censorship it's the first amendment it's it's a democracy on the internet it sort of prevents us from having a real or a real conversation as Jay-Z said on that subject censorship should be the beginning of the conversation not the end of it and maybe we would have to change our attitudes about how we look at the right to be forgotten maybe leave our strong feelings about democracy on the at the door and say okay how can how can we make this thing work between different countries and different different versions of the concept I see with the whole right to be forgotten and the way it's implemented by Google with this private judicial policy is basically there's no counterparty you know I say this should go away it's about me there's nobody on the other side to sort of argue the other side and say well actually that's in the public interest that that should stay there because maybe I know something that you don't Google which is that he's running for office next year and this is like going to be really important exactly so it's not only it's a hidden it's a hidden judicial system and it's one that's not an real adversary system and so there's no there's no right there's no right to appeal from the other side because there's no information going to the other side exactly and I might even add that why do we have judicial injunctions for privacy before a full court in the first place is to guarantee these sort of of procedural things so somebody from those you know the smack and say well actually it's in the public interest that we don't remove this story and you know exactly that doesn't happen here it's a it's a complete black box right now and since there are no procedural rule to give some guidelines on that certainly is a lack of accountability of these decisions on the right to be forgotten outstanding thank you so much Michelle great presentation thank you everybody thank you you're really good