Comments on the Guidelines on Transparency under Regulation 2016/679

4 Pages Posted: 26 Nov 2018

See all articles by Daphne Keller

Daphne Keller

Stanford Cyber Policy Center, Freeman Spogli Institute

Date Written: January 23, 2018

Abstract

These comments address the issue of transparency under the GDPR, as that topic arises in the context of Internet intermediaries and the “Right to Be Forgotten.” CIS Intermediary Liability Director Daphne Keller filed them in response to a public call for comments from the Article 29 Working Party – the EU-wide umbrella group of data protection regulators established under the 1995 Directive, soon to be succeeded by the European Data Protection Board established under the GDPR.

The comments are based on more detailed analysis of GDPR transparency provisions in Keller’s forthcoming Berkeley Technology Law Journal article, The Right Tools: Europe's Intermediary Liability Laws and the 2016 General Data Protection Regulation.

One set of comments addresses provisions in GDPR Articles 12, 13, and 14. While reasonable as applied to “back-end” data collected and used by intermediaries for purposes such as ad targeting, these provisions may cause real harm if applied to another class of data: expression and information publicly posted by Internet users. Read literally, these articles could require platforms to reveal confidential and personal information about online speakers. They could also lead platforms to improperly disseminate information about data subjects who exercise objection or erasure rights.

The second set of comments relates to public transparency about the processes and rules enforced by Google and other platforms in honoring “Right to Be Forgotten” requests. With support from the Working Party or Board, researchers’ understanding of these processes could be improved. Thoughtful and narrowly tailored transparency provisions, developed through consultations with experts on all sides of the issue, would support fundamental rights and the fairness and accountability principles of the GDPR.

Keywords: GDPR, General Data Protection Regulation, Right to Be Forgotten

Suggested Citation

Keller, Daphne, Comments on the Guidelines on Transparency under Regulation 2016/679 (January 23, 2018). Available at SSRN: https://ssrn.com/abstract=3262947

Daphne Keller (Contact Author)

Stanford Cyber Policy Center, Freeman Spogli Institute ( email )

Encina Hall, 616 Jane Stanford Way
Stanford, CA CA 94305
United States
6507234581 (Phone)

HOME PAGE: http://cyberlaw.stanford.edu/about/people/daphne-keller

Do you have a job opening that you would like to promote on SSRN?

Paper statistics

Downloads
76
Abstract Views
425
PlumX Metrics