Open Access Kent State (OAKS)

Blog post for the ALA 'Choose Privacy Every Day' I have been captivated by the Right to be Forgotten (RTBF) since I first heard about the concept at a panel presentation at the annual ASIST conference in 20151, both as a practitioner who manages open digital collections, but also as a selectively private person when I’m off the clock. The RTBF is also known as the ‘right to erasure’, and in some places in the world, is a means for an individual to have control over the information that pertains to them. The RTBF revolves around the desire by an individual to remove access to personal information from publicly accessible websites and hosted content. This idea relates heavily to privacy, particularly under the lens of the ‘right to be let alone’, as Warren and Brandeis discuss in the seminal article “The Right to Privacy” Harvard Law Review, Vol. 4, No. 5. (Dec. 15, 1890). The European court case that really thrust this issue into law was in the 2014 court case Google Spain SL, Google Inc. v Agencia Española de Protección de Datos, Mario Costeja González. The defendant had come across a digitized newspaper article from 1998 where his name was mentioned in a section on the topic of forced sales due to social security debt. The defendant further argued that the information was no longer relevant, all these years later. The court sided with the defendant, and subsequently requested that the links to the digitized information be removed by Google, citing that the information appeared “to be inadequate, irrelevant or no longer relevant or excessive in the light of the time that had elapsed”2. The result of this decision has led to a fascinating application in the real world. EU citizens may request to have a URL delisted for privacy reasons. (An interesting outline of this process and the statistics of the removals to date can be found in Google’s Transparency Report, “Requests to delist content under European privacy law”.) My intrigue with the privacy law is in part how I think about how this applies to digital archives. In successful delistings, the information is still available, but not as easily searchable and discoverable. I relate this most directly to takedown requests that I have dealt with over the past twelve years of working in digital libraries (And in these scenarios, the request has most often been for the removal of the content, and not the delisting of a URL). Takedown requests in my experience at two different academic institutions have most frequently been from individuals directly or from journal publishers. But what really hit home for me while I was on maternity leave in 2016, is how differently we each think about takedown requests as practitioners. While I was out of the office, a colleague responded to a takedown request to remove a name from an article in the digital student newspaper. This was not an unusual request. Our student newspaper ran a ‘Police Blotter’ column for many years that has led to the majority of the takedown requests. Most often, the column highlights what takes place at many large public state universities; underage drinking, vandalism, and a slew of other (sometimes entertaining) petty crimes. Though what struck me about this particular request was not what the requestor was asking for, but the difference in the response from my colleague who was filling in during my leave. It was clear my colleague and I held very different ideas on how we related to the takedown request. The situation really got me thinking about how differently we each regard and reflect on the notion of privacy. And for practitioners who manage digital archives, these differences in how we view, relate and decide on privacy issues and how it can impact decision-making are important ones to examine. For me, the maternity leave scenario was the inspiration to conduct a survey3 on the topic, and I continue to be fascinated with how divergent our professional attitudes and actions can be when we reflect on takedown requests, and also how our personal feelings around privacy considerations factor into the equation. In the survey, my colleague and I found a wide variety of how practitioners think about and respond to takedown requests, in the array of responses around the same hypothetical scenarios. By and large, the US has not gone the route of the EU in terms of the RTBF. In fact, a very similar court case a few years before the Costeja case helps to illustrate this idea. In 2009, a Cornell alum (who also happened to be a practicing lawyer in California) claimed their privacy had been breached in a 1983 article that had been recently digitized from Cornell’s student newspaper. Here, the article reported on recent burglaries and theft that involved the plaintiff. In the end, the courts sided with the university, citing that the information was true and accurate. There was a great quote from the Cornell university librarian that has stayed with me: “I do share concerns that individuals might have about potentially embarrassing material being made accessible via the Internet, but I don’t think you can go back and distort the public record.” (Anne Kenney, university librarian)4 This presents an interesting quandary; the tension between maintaining a comprehensive, searchable, discoverable digital archive and serving up anything else that could be construed as edited, redacted or partial. (I’ve thought about the latter archive as having a ‘swiss cheese’ kind of effect- having gaps and holes around areas where information has been redacted/removed). The tension lies between access and privacy, with few easy answers. And the reason my fascination continues is that I feel I sit squarely on the fence on the topic. The practitioner side of me wants to build open, complete, comprehensive digital collections, though I very much identify and connect with the desire to have some control over one’s name (or other personally identifiable information) and adjoining information. And when these types of scenarios are laid in the laps of practitioners, we have yet to really define how we reflect on these requests and process decision-making in a more consistent, systematic approach. I believe the creation and application of good internal guidelines can help more evenly address many situations, though I also believe there will continue to be complex, often ethically grayer requests that will prove challenging. While presenting the results of the survey at a conference, one of the session attendees presented an example of a sensitive takedown request they had received that involved a brutal crime and an empathetic plea from the victim’s child to redact the name in a historical digital newspaper archive. After internal debate, the practitioners sided with the requester and removed the name, going against the regular internal practices around such a request. While we can weigh the truth and accuracy aspect as the judge in the Cornell case had, I think it’s important to also have exceptions that can provide some compassion and empathy when needed. 1. The 2015 ASIST panel included Meg Leta Jones, Elana Zeide, Jens‐Erik Mai, Elisabeth Jones, Jill Dupre and Neil Richards https://dl.acm.org/doi/10.5555/2857070.2857080 I would highly recommend the books “Ctrl + Z: The Right to Be Forgotten” by Meg Leta Jones and “Intellectual privacy: rethinking civil liberties in the digital age” by Neil Richards. 2. Judgment of the Court (Grand Chamber), 13 May 2014. Google Spain SL and Google Inc. v Agencia Española de Protección de Datos (AEPD) and Mario Costeja González. https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A62012CJ0131 3. Dressler, V., & Kristof, C. (2018). The Right to Be Forgotten and Implications on Digital Collections: A Survey of ARL Member Institutions on Practice and Policy. College & Research Libraries, 79(7), 972. doi:https://doi.org/10.5860/crl.79.7.972 4. Libel lawsuit over 1983 Chronicle news item is dismissed’, by Bill Steele, June 9, 2008, Cornell Chronicle, https://news.cornell.edu/stories/2008/06/libel-lawsuit-against-cornell-over-1983-news-item-dismissed