The GDPR as Privacy Pretext and the Problem of Co-Opting Privacy

28 Pages Posted: 26 Jul 2022

See all articles by Neil M. Richards

Neil M. Richards

Washington University School of Law; Yale Information Society Project; Stanford Center for Internet and Society

Date Written: July 18, 2022

Abstract

Privacy and data protection law's expansion brings with it opportunities for mischief as privacy rules are used pretextually to serve other ends. This Essay examines the problem of such co-option of privacy using a case study of lawsuits in which defendants seek to use the EU’s General Data Protection Regulation (“GDPR”) to frustrate ordinary civil discovery. In a series of cases, European civil defendants have argued that the GDPR requires them to redact all names from otherwise valid discovery requests for relevant evidence produced under a protective order, thereby turning the GDPR from a rule designed to protect the fundamental data protection rights of European Union (EU) citizens into a corporate litigation tool to frustrate and delay the production of evidence of alleged wrongdoing.

This Essay uses the example of pretextual GDPR use to frustrate civil discovery to make three contributions to the privacy literature. First, it identifies the practice of defendants attempting strategically to co-opt the GDPR to serve their own purposes. Second, it offers an explanation of precisely why and how this practice represents not merely an incorrect reading of the GDPR, but more broadly, a significant departure from its purposes—to safeguard the fundamental right of data protection secured by European constitutional and regulatory law. Third, it places the problem of privacy pretexts and the GDPR in the broader context of the co-option of privacy rules more generally, offers a framework for thinking about such efforts, and argues that this problem is only likely to deepen as privacy and data protection rules expand through the ongoing processes of reform.

Suggested Citation

Richards, Neil M., The GDPR as Privacy Pretext and the Problem of Co-Opting Privacy (July 18, 2022). 73 Hastings Law Journal 1511 (2022), Available at SSRN: https://ssrn.com/abstract=4166261

Neil M. Richards (Contact Author)

Washington University School of Law ( email )

Campus Box 1120
St. Louis, MO 63130
United States
314.935.4794 (Phone)

HOME PAGE: http://law.wustl.edu/faculty-staff-directory/profile/neil-richards/

Yale Information Society Project ( email )

New Haven, CT 06520
United States

Stanford Center for Internet and Society ( email )

559 Nathan Abbott Way
Stanford, CA 94305-8610
United States

Do you have a job opening that you would like to promote on SSRN?

Paper statistics

Downloads
62
Abstract Views
292
rank
500,443
PlumX Metrics