You Are Who Google Says You Are
Even with a potential right to be forgotten, Internet users may always struggle with their online past.
WORDS BY Mei Wang // ART BY Colleen Lowery
She took down her Twitter account, got rid of selfies and anything political across all of her social media platforms. She nixed food porn shots on Instagram, deleted inappropriate high school pictures on Facebook, and untagged herself from Facebook photos she deemed inappropriate for her brand image too.
That’s what Jacqueline Janssen, a fashion design junior at Syracuse University, did in March after speaking to her fashion and beauty professor Zandile Blay. Blay explained how Janssen should portray herself on social media in the fashion industry, since different fashion houses and designers generally stick to one specific angle, whether it is selling a lifestyle or showing behind-the-scenes work.
“Blay told me to find what path I wanted to take and to decide how much of my personal life I want to broadcast on social media,” Janssen says. “I prefer a more private personal life and an open art and design life for everyone to see on social media.”
Although image maintenance is nothing new, the personas we present are now available online, 24/7, and are watched not only by our friends but also future employers and business partners. To a great extent, we are whoever Google says we are. As a result, questions arise on whether we should have the right to demand that search engines erase compromising information.
“They deserve the right to remove this material that could haunt them for years to come,” said Darrell Steinberg, a Democrat who wrote the bill that provides minors an online “erase button.”
The European Court of Justice ruled on May 13 that European Union citizens could request to have their personal data scrubbed from search engines — a “right to be forgotten.” The ruling is based on the case of Mario Costeja González, who complained that an auction notice of his repossessed home in a 1998 newspaper that appeared in Google’s search results infringed on his privacy. The new ruling allows the petitioners to submit a request form on Google’s legal page, where they must provide personal information, links they want to remove, and justifications. They also need to upload a copy of their driver’s license or national ID for identity verification. According to The New York Times, about 1,000 Europeans submitted requests to Google to take down links in the first few days after the court’s ruling. About half of them had criminal convictions.
But information requested for removal can only be partly forgotten. Google requires petitioners to select “the country whose law applies to your request,” to determine which Google domain will remove the result. For instance, if a French citizen requests a link removal, it will only disappear from Google.fr, but not Google.com, Google.de, or other domains.
In January 2012, Viviane Reding, the vice president of the European Commission, said in a speech: “If an individual no longer wants his personal data to be processed or stored by a data controller, and if there is no legitimate reason for keeping it, the data should be removed from their system.” It seems unlikely, however, that a similar law will pass in the U.S., according to online privacy law experts.
“It could undermine free expression,” says Jasmine McNealy, an assistant professor in the Information Communication Technology Program at the University of Kentucky. “The U.S. has very strong protection for freedom of expression. I think it would be very difficult for a plaintiff to win a case like this in the U.S.”
Bradley Shear, a Maryland-based lawyer specializing in social media privacy law, thinks the European ruling is based on a good concept. “How it would be turned out and implemented is problematic. Because things like your criminal history are public records, people have the right to know that,” Shear says. Concerns over Internet privacy and security have already led to dozens of legislative proposals in the U.S.
According to the National Conference of State Legislatures, the Stored Communications Act of 1986 protects employees’ privacy in their electronic communications. The Act, however, has only been applied to select communications or social media sites. In September 2013, by a vote of 62-12, California became the first state to ask all websites to add an “erase button” for minors to delete posts. The law, Senate Bill 568, will be enacted in January 2015, but it won’t apply to posts that have been reposted by a third website.
Senate leader Darrell Steinberg, a Democrat who wrote the bill, said in a Sept. 2013 statement that the law would protect children from hastily posting pictures or messages. “They deserve the right to remove this material that could haunt them for years to come,” Steinberg wrote in the statement.
It’s not only about not posting things — we need to understand privacy as our right,” says Bradley Shear, a lawyer specializing in social media law.
Other possible solutions fall into four major categories: employer access to an employee’s social media usernames and passwords; security breach legislation; data disposal laws; and social media privacy laws. Since increasing numbers of Americans use social media both on and off the job, some employers have asked employees to turn over their usernames or passwords to personal accounts. But in 2012, state legislation was passed to prohibit employers from requesting that information from employees and applicants.
As of May 30, 68 bills related to online privacy have been introduced or considered in at least 28 states this year, according to the NCSL. The states that have enacted such a law include Louisiana, Maine, Oklahoma, Tennessee, and Wisconsin. And in 2013, 71 bills were introduced or considered in at least 36 states. Ten states — Arkansas, Colorado, Illinois, Nevada, New Jersey, New Mexico, Oregon, Utah, Vermont, and Washington — enacted legislation.
Although the laws vary by state, many prohibit students and employees from “friending” their employers and school officials. Other laws prevent supervisors from accessing private accounts through a friend or “shoulder surfing,” when a person is required to log in to a social media account while an employer or official is present.
Personal information is often collected by businesses and government and is stored in digital and paper format. As of Dec. 26, 2013, at least 30 states have passed laws that require businesses to destroy personal information in both paper and digital formats or make it undecipherable. Only 14 states apply a similar law to governments. Arizona’s statute is confined to paper records, while Nevada requires encryption or destruction of information on data-storage devices.
In addition to the legislative proposals, new technologies have been introduced to help people protect their online privacy. Suicidemachine.org, for instance, is a website that helps people delete all their posts on social media and leave no searchable information. Wickr is an instant messenger for iPhone and Android that allows users to send encrypted messages without a trace, including photos and file attachments. And Snapchat, a popular photo messaging app among young people, destroys users’ photos seconds after they’re sent.
But nothing is 100 percent secure. Snapchat revealed in a settlement with the Federal Trade Commission (FTC) that the so-called self-destructing images could be used by third-party apps. Its Find Friends feature allowed hackers to steal 4.6 million usernames and phone numbers.
WORDS BY Ashley Branch
The newest trend in travel, selfie hotels, encourages everyone to snap a great vacation.
WORDS BY Lauren Boudreau
On the quest for cheap rent and cultural diversity, 20-somethings are reinventing the burbs. Here are seven of the nation’s finest.
WORDS BY Chris Landers
What to read, watch, and listen to now.