Demetra Garbasevschi - Infoselves

This was 2012. Only two years later, the actions of one single individual set in motion a chain reaction that accelerated the adoption of legislation aimed at protecting the identity of individuals in the online environment. Following the complaint of a Spanish citizen, directed at Google Spain, Google Inc, and a local newspaper, about outdated and unjustly incriminating personal data appearing in searches, the EU Court of Justice ruled in favor of “the right to be forgotten,” taking a first step in the legal protection of personal information online (European Court of Justice 2014). Citizens of the European Union now had the power to request search engines like Google to remove search results based on a person’s name, if the information included in these results was inaccurate, inadequate, irrelevant, or excessive. From June 2014 to April 2019, Google had received 801,659 queries in connection with the “right to be forgotten,” requesting the removal of 3,124,642 URLs, according to Google Transparency Policy (2019). What is more useful to note is that the number of requests has grown annually and that almost 90% of these requests were originated by private individuals. Not all requests find their resolution. Google makes it clear that they are evaluated on a case-by-case basis, taking into account criteria such as the importance of personal information to the general public or the position and history of the person requesting the removal. The rights to privacy and data protection are therefore analyzed against other values, rights, or interests, for example freedom of speech or freedom of access to information. Moreover, this being EU legislation, it applies to EU citizens only (URLs that appear in European search results are delisted; also, with the use of geolocation signals, access to a certain URL from the country of the requester is restricted). Yet it affects any company outside of the EU targeting EU citizens. By defending the right of European individuals to personal data protection online, the “right to be forgotten” was the first breakthrough in founding a global legislative system able to protect the identities of individuals in the online environment.

What followed is by now notorious. The GDPR (General Data Protection Regulation), a historic change in personal data protection legislation, was adopted by the European Parliament (2016) and has been enforced since 2018 in all EU countries. European Union citizens benefit from a common legal framework that limits their exposure as data subjects and allows them to question the collection, storage, and use of any personal information online. Looking at the definition of “personal data” provided by the European Commission (n.d., online), we can understand how, by stipulating how their personal data can be handled, the premise of regulation is to protect the identities of individuals:

Personal data is any information that relates to an identified or identifiable living individual. Different pieces of information, which collected together can lead to the identification of a particular person, also constitute personal data. Personal data that has been de-identified, encrypted or pseudonymised but can be used to re-identify a person remains personal data and falls within the scope of the GDPR.

The GDPR, still in its infancy and still to prove its long-term efficiency, succeeded in setting a global regulatory standard that pressured consistent followership from other countries around the world. In the US, where Silicon Valley exercises a major economic influence and acts as an important consultative pillar for this type of legislative decision, a federal law with a scope similar to that of the GDPR is yet to be designed and enforced. In the meantime, there have been various signals that such a regulatory initiative is long overdue. Facebook has received a fine of US$5 billion, the largest penalty ever imposed on a company for breaches of consumer privacy, and 20 times greater than any similar penalty ever imposed worldwide (Federal Trade Commission 2019). In a May 2019 op-ed in The New York Times , Chris Hughes – one of Facebook’s initial five co-founders – openly advocated for the breakup of Facebook and sustained regulatory reform:

For too long, lawmakers have marveled at Facebook’s explosive growth and overlooked their responsibility to ensure that Americans are protected and markets are competitive.

(Hughes 2019)

Hughes refers to Facebook’s successive moves towards insulating itself from competition: in 2012, it acquired Instagram and, in 2014, WhatsApp. Hughes’s argument is based on the claim that the resulting colossus is both too powerful and too dangerous. Breaking it up would ensure healthy competition, while regulating it would prevent further abuses of power. What is noteworthy to mention is that Facebook’s response to Hughes’s plea, although expectedly not in favor of dismantling the company, acknowledges the long overdue need for tight regulation:

We are in the unusual position of asking for more regulation, not less. … Anyone worried about the challenges we face in an online world should look at getting the rules of the internet right.

(Clegg 2019)

It is difficult to predict what a comprehensive legal framework covering all aspects of the online environment – personal, social, and commercial – would look like, or the effects of implementing unifying regulation at a global scale to companies and individuals. From a broader perspective, there is no precedent validated by history to guide lawmakers in approaching such a gargantuan task. The turmoil surrounding the repetitive offences of Facebook and those of other platforms points to the deficiency of existing laws and, at the same time, reveals a system that has been operating in retrospect. For too long, the online environment had been regulating itself. Only when flagrant consequences transpired did boundaries begin to be erected one by one. Yet, continuing to design and enforce legislation for the online environment is not a straightforward task. Going back to the goal of the “Onlife Initiative,” we must be ready to update our conceptual framework in order to be able to understand and address the never-ending challenges related to our digitization as a global society.

I have digressed: this is not a book about the trajectory of Facebook or social media, nor is it a book about regulation in the online environment, although both are crucial aspects that define where we are and help set the scene for the discussion proposed here. This is a book about each and every individual that is incessantly connected to this new social reality made possible through digital technologies of connectivity. In the face of the immense and still unchartered landscape that is the online environment, the importance and perspective of the single individual can be easily overlooked. Yet the individual is the most significant unit of a new value system; in that quality they need thorough consideration and protection, sometimes from their very own actions.

Every society in the world has the mission to equip its young with the tools to navigate social life and thus become social individuals, part of the larger community. From a very early age we are taught the norms, values, and customs of our society. We learn from our parents, educators, and role models what is good and what is bad, what is socially acceptable and what is not. We are shown how do behave in certain social circumstances and what are the consequences if we do not conform. This lengthy process that can last a lifetime is called socialization. While socialization comes with numerous dos and don’ts for conventional living, it does not yet include an online package. Much as the legal system, the social system has been caught off guard by the speed and the spread of the online engagement of its members. How exactly do we socialize the young for an environment that is more familiar to them than to the older members of society, the very ones that are supposed to be in charge of socialization? From this perspective, we could say that socialization has been going through a process of reversal. It is the young who have often socialized the older members of society to be equipped to take part in the digital world, an idea David Altheide introduced as early as 1995 (Altheide 1995). But this happens mostly at a technical level and escapes the problematic territory of values and norms. The reality is that the young have received no social training to help them navigate onlife . The approach of parents has mostly been one of uncritical adoption of digital technology. One of the well-being specialists I have interviewed insightfully remarks: