Intermediary publishers and European data protection: Delimiting the ambit of responsibility for third-party rights through a synthetic interpretation of the EU acquis
Published version
Peer-reviewed
Repository URI
Repository DOI
Change log
Authors
Abstract
With the explosion of computer technology, vastly more and more varied types of data related to individuals are being disseminated online, often without their consent. Whilst intermediary publishers are not the initial and immediate cause of this, they generally play a contributory role and engage in further (semi-)autonomous processing such as organising or promoting content. Current case law rather haphazardly recognises intermediary publishers to be data protection ʻcontrollersʼ and/or protected by the intermediary ʻhostʼ shield, whilst also acknowledging the engagement of general human rights law. Seeking to synthetically balance the competing purposes which underlie these three legal frameworks, this article argues that greater responsibility should flow from more autonomous control but that some shielding is still necessary for all intermediary publishers. Conceptually it is argued that such a synthetic approach leads to intermediary publishers being grouped into three increasingly autonomous categories - ʻprocessor hostsʼ, ʻcontroller hostsʼ and ʻindependent intermediariesʼ - which should be subject to a successively greater ambit of responsibility accordingly. Detailed elaboration of the resulting duties must also take account of the seriousness of the potential interference with competing rights and, in this regard, should give weight to the divergent resource capacity of otherwise similarly situated actors.
Description
Keywords
Journal Title
Conference Name
Journal ISSN
1464-3693