Yesterday was international Data Privacy Day–if you had no idea then it succeeded. Ironically, this annual campaign to increase awareness over data privacy falls right in the middle of one of the most interesting cases to impact social media privacy and personal data in many years.
The case deals with a number of anti-Semitic tweets that were being posted in French, allegedly by French users of Twitter. Unlike the United States which is highly permissive of hate speech (so long as the speech does not incite violence or is considered fighting words, among the few exceptions), France has specific hate speech laws that provide for both civil and criminal actions against those who defame or insult people based on ethnicity, nationality, religion, race, sexual orientation, or if they are handicapped.
Although the case ends in France (for now), it actually began in Germany when a Neo-Nazi group had access to their Tweets blocked to German users of Twitter in October 2012. At the start of 2012, Twitter rolled out functionality that allowed them to block specific content to countries with laws preventing those kinds of speech. Although initially subjected to scorn for this action by free speech advocates, Twitter pointed out that prior to this feature their only option was to take down tweets globally or leave them up globally. This new feature allowed a more targeted approach but also brought greater emphasis to the national differences in free speech protection.
This new feature was used by Twitter to block the Neo-Nazi group in October. It was almost immediately followed up by requests from French organizations against similarly anti-Semitic tweets. Twitter complied with the requests and blocked the tweets to French users. One of the groups involved with the French blockage was not content to merely have the tweets out of circulation–they wanted to go after the individuals posting the hateful content. The French Union of Jewish Students filed suit against Twitter in France demanding the personal information for specific Twitter accounts posting the anti-Semitic content. A judge heard the group’s argument last week and issued a ruling in their favor demanding that Twitter turns over the personal information for these accounts.
Twitter is reportedly considering the court’s decision. They are not obligated to follow the order–Twitter has no offices in France so there’s no place for authorities to show up and demand action. Twitter does, however, have many French users and sell advertising to companies in France–so there’s always the potential for the issue to escalate and impact Twitter’s operations within France.
But the case brings up some interesting questions and social media and the differences in legal protections. We are accustomed to thinking of social media as knowing no boundaries but laws certainly know boundaries. Speech that is legal in your country may be illegal somewhere else. Whose law applies? The country you live in? The country Twitter operates in? The country where the person who read your content lives?
Most of my readers are from the United States where we take freedom of speech for granted. So think of it this way–what if one of your tweets was enough to have you sentenced to death by the courts of a foreign country? And then that country asked Twitter for all the information they had on you.
Yeah, that’s a bit scary.
And it isn’t so far from the truth. Egypt did sentence an American citizen to death for his role in a movie critical of Islam. Given this individual’s reputation, he probably intended the movie to be a bit controversial. But what if it happened to someone not trying to stir things up and then the foreign country asked Twitter to hand over the information?
I’m not saying this has happened or Twitter would comply. Twitter has said that they comply with 63% of government requests which is a good amount shy of 100%. Google just posted a great entry about how they handle government requests. I do not envy them the work that must go into reviewing those requests.
Still, this French request is not without precedent. In 2011, Twitter was served with a subpoena to turn over personal information for some users in the UK. The request was made in relation to a case against some anonymous bloggers and was made two years after the case was initially filed (the case did mention the blogging platform but not Twitter, this seemed to be more of an angle to uncover information on the anonymous blogger). Twitter told their user of the request and that the user had a few weeks to respond but when he didn’t Twitter turned over the information.
The catch is that the case involved some local politicians in the UK against an anonymous blogger in the UK but the lawsuit was filed in California (where the blogging platform and Twitter operate). The user could have objected to Twitter turning over the information but would have needed a lawyer in California to make the objection. Maybe we like that rule–California has some great sushi restaurants and some decent free speech protections. But the concept of a court action that compels your information taking place thousands of miles from your home that would incur significant expense if you wanted to defend the release of that information is a bit concerning. Granted, here there was a case in California (defamation and libel, mostly) and California doesn’t sentence people to death over speech, but the underlying notion of a case pending against you thousands of miles from your home is a bit alarming.
Social media has given us all a global stage for speaking to the world without the realization that the entire world might actually be listening and that our speech might be a crime. While the world celebrated Data Privacy Day yesterday (somebody did, I’m guessing) we should keep an eye on a huge exception to privacy–court cases that can trigger the release of personal information based on laws in a country you’ve never visited.