Objectives
In the landmark decision Google Spain v AEPD and Mario Costeja González, the Court
of Justice of the European Union has declared that individuals have a so-called ‘right to
be forgotten.’ This assignment aims to explore the philosophical and legal scope of
control over the storage of private information in online systems in the European Union
(EU) and US. The learning outcomes for this assignment are to provide students the
ability to examine the legal dispute (civil, criminal, private) in the landmark case of 2014
and understand the legal and ethical arguments and evidence used to resolve it (PLE3).
Another learning outcome is to understand the organization’s responsibilities related to the
handling of data in the US and EU and their obligation to maintain privacy as it pertains
to legal, ethical, and/or agency auditing issues (PLE2).
Structure
This legal and ethical assignment is designed to provide students with hands-on
experience analyzing a historical case and identifying real-world solutions for fulfilling the
legal and ethical requirements associated with information privacy. For the second part of
the assignment (Outcome PLE2), students will select an organization that they are
familiar with to use as the basis for this part of the assignment.
Assignment • Provide an executive summary addressing the key guidelines points below
• Provide section titles for the 7 question items
• Executive summary should be brief, 3-5 pages
• A cover page and a reference page in APA format
• Include a cover page with your name, the term (Winter 2022), the course name (MMIS-623),
and the professor’s name (Dr. Ramim), and a reference page
• Include a minimum of 5 references (academic and industry, *minimum 3 academic peer-reviewed)
QUESTION ITEMS
1. Outline the case Google Spain v AEPD and Mario Costeja González, the “right to be
forgotten” as it pertains to data protection, privacy, freedom of expression, search
engines companies.
2. Summarize the relevant data protection regulation (i.e., acts, directives, etc.) in the US
and EU
3. Provide an argument for a fairer balance between the data individual’s right to
privacy, data protection, the general public’s access to information, web publishers’,
and search engines’ rights to freedom of expression.
4. Describe the applicable laws and policies (in the US and EU) of cyber defense
responsibilities related to the handling of data as it pertains to issues of legal, ethical
and/or agency auditing (i.e., in regulated industries such as banking, finance,
healthcare, etc.).
5. Provide an ethical stand on the “right to be forgotten” in the following cases –
5.1. A victim of crime
5.2. Cyberbullying
5.3. Social media platforms
5.4. A victim of non-consensual pornography
5.5. Information that puts individuals at risk of identity theft
6. Describe the practices at your organization (or one that you are familiar with) on the
handling of data privacy, data storage, and transmission.
7. How will your organization handle an individual request to de-list their information?
