Law in the Internet Society

View   r3  >  r2  >  r1
KraiAranSecondEssay 3 - 09 Jan 2022 - Main.KraiAran
Line: 1 to 1
 
META TOPICPARENT name="SecondEssay"
Deleted:
<
<
 
Changed:
<
<
The Admissibility of Evidence Obtained in Breach of GDPR
>
>

Can the Evidence Obtained in Breach of GDPR Be Used Against You in a Civil Lawsuit?

 
Deleted:
<
<
Introduction
 
Deleted:
<
<
Over the last two decades, the world has witnessed firsthand the technological revolution, which completely transformed the way people communicate and connect. Social media platforms like Facebook, Twitter, Instagram have become the storage of personal data in which the law enforcement agencies and the adverse party in a particular lawsuit will look for the evidence to identify the suspect and bring the best evidence to the court's attention. Nevertheless, in May 2018, the European Union passed the “General Data Protection Regulation” (GDPR), which is one of the strictest rules for personal data protection, to regulate the collection and processing of personal data. The provision of GDPR made a significant impact on the online investigation and the collection of online data because it tightens up the processing of personal data by requiring the social media company, as a data controller, to ask for specific, unambiguous consent from the data subject before handing it to a third person as evidence. However, what happened when evidence offered by the parties is obtained illegally without the prior, ambiguous consent as required by the GDPR? ‘Is the evidence obtained in breach of GDPR admissible in the court?’ This essay will find it out.

The Illegally Obtained Evidence

Even though the practice as to the admissibility of the illegally obtained evidence is divergent among jurisdictions across the world, this so-called “Fruit of the Poisonous Tree” principle, which was deeply rooted in the Fourth and Fifth amendment, has long been settled in the federal courts. According to this rule, the evidence obtained by an illegal search or the oral evidence about the facts discovered or seized during the unlawful search must be excluded, in order to deter the illegal government conduct by preventing them from benefiting by their illegal acts.
 
Changed:
<
<
>
>

Introduction

 
Changed:
<
<
This rule was initially applied to the physical evidence obtained during the illegal search and seizure by the police officer and later extended to the intangible evidence in Nardone v. United States (1937) in which the court ruled that the Federal Communication Act Section 605 rendered inadmissible not only evidence of the conversations heard by wiretapping but also evidence procured or made accessible by the use of that information.
>
>
Over the last two decade, the world has witnessed firsthand the technological revolution, which completely transformed the way people communicate and connect. Social media platforms like Facebook, Twitter, Instagram, or WhatsApp? have become a storage of personal data in which the adverse party in a civil lawsuit will look for the evidence to bring the best evidence to the court’s attention. Nevertheless, in May 2018, the European Union passed the “General Data Protection Regulation” (GDPR), which is one of the strictest rules for personal data protection, to regulate the collection and processing of personal data. The provision of GDPR made a significant impact on the online investigation and the collection of online data, because it tightens up the processing of personal data by requiring the social media company, as a data controller, to ask for a specific, unambiguous consent from the data subject before handing it to a third person as evidence. However, what happened when evidence offered by the parties is obtained illegally without the prior, ambiguous consent as required by the GDPR? ‘Is the evidence obtained in breach of GDPR admissible in the civil lawsuit?’ This essay will find it out.
 
Deleted:
<
<
In general, it is obvious that the main justification advanced in support of this rule is that it aims to prohibit the illegal act of the government officers, and it could be observed that the rule might be developing to apply in any other context in the future.

 
Changed:
<
<
“Fruit of the Poisonous Tree” in the Age of Digital Platforms
>
>

A Practice of Obtaining Evidence in the Age of Digital Platforms

 
Changed:
<
<
As we might have already known, people today use social media platforms as a way to express their thoughts and feelings, and courts are recently welcome social media content as evidence both for and against people. However, the advent of the GDPR significantly impacts the use of online personal data because it requires unambiguous consent from the data subjects to process their personal data. The picture of a person on Instagram, the location that a person checked in on Facebook, as well as the opinion tweeted on Twitter if taken, collected, or transmitted without his prior unambiguous consent, constitutes “processing of personal data,” which is potentially in breach of GDPR. On this basis, can the court accept such evidence obtained in breach of GDPR? To answer this question, 2 scenarios of breaching must be taken into consideration:
>
>
As we might have already known, people today use social media platforms as a way to express their thoughts and feelings, and courts are recently welcome social media content as evidence both for and against people. Personal data on social media platforms, for example, the picture of a person on Instagram, the location that a person checked-in on Facebook, as well as the opinion tweeted on Twitter are currently thought to be valuable sources of evidence that the opposing party and the legal counsel will definitely investigate when the lawsuit is anticipated. Moreover, a practice of obtaining evidence through potentially dubious means such as secret recording, hidden microphones or cameras is widely spread and prevalent because parties to civil cases are likely to do anything they can to introduce every relevant evidence to the court. These emerging litigation practices are absolutely a consequence of the digital and social media disruption.
 
Changed:
<
<
(1) When the evidence obtained by law enforcement agencies
>
>
To get a clear picture of how these personal data on social media work in the civil lawsuit, let’s take the case in Largent v. Reed (2011) as an example. In this case, the plaintiff, who claimed serious, permanent physical, mental injuries, pain and suffering, was rebutted by the post-accident photos of her Facebook account, showing that she was obviously feeling well. If the defendant counsel offered into evidence those personal photos saved from the plaintiff’s account without prior consent, would the photos be admissible? This example clearly illustrates how the social media content could be used against people in the court, which seems to be a normal practice these days.
 
Changed:
<
<
Let’s assume that the police, in an attempt to investigate the crime, used photos, locations, or communication garnered from the suspect’s social media sites as evidence without the suspect’s consent. Contrary to popular belief, Article 2 of GDPR clearly excludes the processing of personal data by competent authorities for the purpose of investigation of criminal offenses from the material scope of protection. Therefore, the act of the police in this scenario, even in violation of personal data, does not constitute a breach of GDPR and would potentially be accepted as evidence in court.
>
>
However, as you might notice, these practices also give rise to a question that ‘Should the courts in civil lawsuit accept the data obtained without consent as evidence to be considered in the court’s deliberation?’ This challenging question became more relevant when the GDPR, which requires the unambiguous consent from the data subjects “before processing their personal data,” became effective, and the practice of taking personal data from social media as well as recording of a voice call by hidden microphones or cameras all constituted “processing of personal data.”
 

Deleted:
<
<
(2) When the evidence obtained by parties to civil lawsuits
 
Changed:
<
<
This scenario could be exemplified by the Largent v. Reed (2011) case when the plaintiff, who claimed serious, permanent physical, mental injuries, pain, and suffering, was rebutted by the post-accident photos of her Facebook account, showing that she was obviously feeling well. If the defendant's counsel offered into evidence those personal photos saved from the plaintiff’s account without prior consent, would the photos be admissible? The answer here is ‘yes’ because the prohibition against using illegally obtained evidence applies only to law enforcement agencies. It does not apply to the evidence obtained by the private party.
>
>

Does the principle of “Illegally Obtained Evidence” Work in This Situation?

 
Added:
>
>
Some might argue that the personal data obtained without prior, unambiguous consent from the data subject, which is potentially in breach of GDPR, could not be introduced as evidence in a civil lawsuit, because such evidence is illegally obtained. However, contrary to popular belief, the prohibition against illegally obtained evidence applies primarily, essentially solely, to law enforcement.
 
Changed:
<
<
Final Thoughts
>
>
The principle of illegally obtained evidence has long been recognized from the decision in Weeks v. United States (1914), which created a strong version of exclusionary rule prohibiting unreasonable searches and seizures conducted by the federal agencies, and also the decision in Mapp v. Ohio (1961), which applied such principle to the state level. This rule primarily applied in order to protect the integrity of the courts, which would totally be degraded if the government agencies can turn the violation of the constitution into evidence through its prosecutors. Moreover, the Supreme Court in I.N.S. v. Lopez-Mendoza (1984) ruled that the defendant in civil proceedings could not suppress his or her identity even if subject to an unlawful arrest, and the exclusionary rule does not apply to deportation hearings, which are civil proceedings.
 
Changed:
<
<
On the basis of these considerations, it is likely that the evidence obtained in breach of GDPR could still be admissible in court. To put it another way, “consent,” which was once thought to be an effective safeguard against the wrongful use of personal data is not by any means a magic wand that can protect your personal data particularly when it was introduced as evidence in the courtroom. Therefore, the best way to protect your data, particularly when a lawsuit is reasonably foreseeable, is to use social media platforms that do not collect your personal data too much and try to think twice before posting or sharing any personal information on social media sites.
>
>
From the doctrine discussed above, it could be implied that the use of personal data garnered from social media platforms without prior consent is permissible in the civil proceedings because the rule of illegally obtained evidence does not function in this situation. Therefore, most of the courts are likely to accept these personal data without any issue.
 

Deleted:
<
<
I'm not sure I understand the idea behind this draft.
 
Changed:
<
<
By its terms, as you point out, GDPR provides no rights against access by European States conducting criminal investigations, end of story. No one has ever suggested that the exclusionary rule applied in US courts with respect to evidence acquired in violation of European or other non-US law. So there are no courts in iether the US or Europe that could conceivably exclude criminal evidence on the basis of a violation of GDPR. Full stop.
>
>

Final Thoughts

 
Changed:
<
<
We should clear up the confusion between the Fourth Amendment's exclusionary rule and the "fruit of the poisonous tree" doctrine. The Supreme Court has consistently held, from the decision in Weeks v. United States in 1914 that evidence obtained by federal officers in violation of the Fourth Amendment cannot be admitted in federal courts. The is not, as you suggest, in order to prohibit or deter the unconstitutional action by the federal officials in acquiring the evidence. The rule is not, as Benjamin Cardozo scoffed, that the criminal goes free because the constable blundered. The rule defends the integrity of the federal courts, which is degraded if the executive branch, through its prosecutors, can turn violation of the constitution into evidence that will convict in its courts. By applying this principle to all state courts prosecutions through section 1 of the Fourteenth Amendment in Mapp v. Ohio in 1961, the Supreme Court turned that into a personal Constitutional right of all Americans to a judicial process that cannot turn the rule of law into an evidence laundry for despotism. That's a big deal.
>
>
On the basis of these considerations, it is likely that the evidence obtained from social media platforms in breach of GDPR could still be admissible in the civil proceedings. To put it another way, “consent,” which was once thought to be an effective safeguard against the wrongful use of personal data is not by any mean a magic wand that can protect your personal data particularly when it was introduced as evidence in the courtroom. Therefore, the best way to protect your data, particularly when lawsuit is reasonably foreseeable, is to use the social media platforms that do not collect your personal data too much and try to think twice before posting or sharing any personal information on the social media sites.
 
Deleted:
<
<
So what do we do, in the real world of police business, when a warrant that should not constitutionally have been granted results in a search that yields a valid basis for a further search warrant that produces valuable evidence? This second-order consequence of supressible evidence is "the fruit of the poisonous tree." See Silverthorne Lumber Co. v. United States; Nardone v. United States.
 

KraiAranSecondEssay 2 - 01 Jan 2022 - Main.EbenMoglen
Line: 1 to 1
 
META TOPICPARENT name="SecondEssay"
Deleted:
<
<
 
Deleted:
<
<
It is strongly recommended that you include your outline in the body of your essay by using the outline as section titles. The headings below are there to remind you how section and subsection titles are formatted.
 The Admissibility of Evidence Obtained in Breach of GDPR
Line: 59 to 57
 
Added:
>
>
I'm not sure I understand the idea behind this draft.

By its terms, as you point out, GDPR provides no rights against access by European States conducting criminal investigations, end of story. No one has ever suggested that the exclusionary rule applied in US courts with respect to evidence acquired in violation of European or other non-US law. So there are no courts in iether the US or Europe that could conceivably exclude criminal evidence on the basis of a violation of GDPR. Full stop.

We should clear up the confusion between the Fourth Amendment's exclusionary rule and the "fruit of the poisonous tree" doctrine. The Supreme Court has consistently held, from the decision in Weeks v. United States in 1914 that evidence obtained by federal officers in violation of the Fourth Amendment cannot be admitted in federal courts. The is not, as you suggest, in order to prohibit or deter the unconstitutional action by the federal officials in acquiring the evidence. The rule is not, as Benjamin Cardozo scoffed, that the criminal goes free because the constable blundered. The rule defends the integrity of the federal courts, which is degraded if the executive branch, through its prosecutors, can turn violation of the constitution into evidence that will convict in its courts. By applying this principle to all state courts prosecutions through section 1 of the Fourteenth Amendment in Mapp v. Ohio in 1961, the Supreme Court turned that into a personal Constitutional right of all Americans to a judicial process that cannot turn the rule of law into an evidence laundry for despotism. That's a big deal.

So what do we do, in the real world of police business, when a warrant that should not constitutionally have been granted results in a search that yields a valid basis for a further search warrant that produces valuable evidence? This second-order consequence of supressible evidence is "the fruit of the poisonous tree." See Silverthorne Lumber Co. v. United States; Nardone v. United States.

 

KraiAranSecondEssay 1 - 07 Dec 2021 - Main.KraiAran
Line: 1 to 1
Added:
>
>
META TOPICPARENT name="SecondEssay"

It is strongly recommended that you include your outline in the body of your essay by using the outline as section titles. The headings below are there to remind you how section and subsection titles are formatted.

The Admissibility of Evidence Obtained in Breach of GDPR

Introduction

Over the last two decades, the world has witnessed firsthand the technological revolution, which completely transformed the way people communicate and connect. Social media platforms like Facebook, Twitter, Instagram have become the storage of personal data in which the law enforcement agencies and the adverse party in a particular lawsuit will look for the evidence to identify the suspect and bring the best evidence to the court's attention. Nevertheless, in May 2018, the European Union passed the “General Data Protection Regulation” (GDPR), which is one of the strictest rules for personal data protection, to regulate the collection and processing of personal data. The provision of GDPR made a significant impact on the online investigation and the collection of online data because it tightens up the processing of personal data by requiring the social media company, as a data controller, to ask for specific, unambiguous consent from the data subject before handing it to a third person as evidence. However, what happened when evidence offered by the parties is obtained illegally without the prior, ambiguous consent as required by the GDPR? ‘Is the evidence obtained in breach of GDPR admissible in the court?’ This essay will find it out.

The Illegally Obtained Evidence

Even though the practice as to the admissibility of the illegally obtained evidence is divergent among jurisdictions across the world, this so-called “Fruit of the Poisonous Tree” principle, which was deeply rooted in the Fourth and Fifth amendment, has long been settled in the federal courts. According to this rule, the evidence obtained by an illegal search or the oral evidence about the facts discovered or seized during the unlawful search must be excluded, in order to deter the illegal government conduct by preventing them from benefiting by their illegal acts.

This rule was initially applied to the physical evidence obtained during the illegal search and seizure by the police officer and later extended to the intangible evidence in Nardone v. United States (1937) in which the court ruled that the Federal Communication Act Section 605 rendered inadmissible not only evidence of the conversations heard by wiretapping but also evidence procured or made accessible by the use of that information.

In general, it is obvious that the main justification advanced in support of this rule is that it aims to prohibit the illegal act of the government officers, and it could be observed that the rule might be developing to apply in any other context in the future.

“Fruit of the Poisonous Tree” in the Age of Digital Platforms

As we might have already known, people today use social media platforms as a way to express their thoughts and feelings, and courts are recently welcome social media content as evidence both for and against people. However, the advent of the GDPR significantly impacts the use of online personal data because it requires unambiguous consent from the data subjects to process their personal data. The picture of a person on Instagram, the location that a person checked in on Facebook, as well as the opinion tweeted on Twitter if taken, collected, or transmitted without his prior unambiguous consent, constitutes “processing of personal data,” which is potentially in breach of GDPR. On this basis, can the court accept such evidence obtained in breach of GDPR? To answer this question, 2 scenarios of breaching must be taken into consideration:

(1) When the evidence obtained by law enforcement agencies

Let’s assume that the police, in an attempt to investigate the crime, used photos, locations, or communication garnered from the suspect’s social media sites as evidence without the suspect’s consent. Contrary to popular belief, Article 2 of GDPR clearly excludes the processing of personal data by competent authorities for the purpose of investigation of criminal offenses from the material scope of protection. Therefore, the act of the police in this scenario, even in violation of personal data, does not constitute a breach of GDPR and would potentially be accepted as evidence in court.

(2) When the evidence obtained by parties to civil lawsuits

This scenario could be exemplified by the Largent v. Reed (2011) case when the plaintiff, who claimed serious, permanent physical, mental injuries, pain, and suffering, was rebutted by the post-accident photos of her Facebook account, showing that she was obviously feeling well. If the defendant's counsel offered into evidence those personal photos saved from the plaintiff’s account without prior consent, would the photos be admissible? The answer here is ‘yes’ because the prohibition against using illegally obtained evidence applies only to law enforcement agencies. It does not apply to the evidence obtained by the private party.

Final Thoughts

On the basis of these considerations, it is likely that the evidence obtained in breach of GDPR could still be admissible in court. To put it another way, “consent,” which was once thought to be an effective safeguard against the wrongful use of personal data is not by any means a magic wand that can protect your personal data particularly when it was introduced as evidence in the courtroom. Therefore, the best way to protect your data, particularly when a lawsuit is reasonably foreseeable, is to use social media platforms that do not collect your personal data too much and try to think twice before posting or sharing any personal information on social media sites.


You are entitled to restrict access to your paper if you want to. But we all derive immense benefit from reading one another's work, and I hope you won't feel the need unless the subject matter is personal and its disclosure would be harmful or undesirable. To restrict access to your paper simply delete the "#" character on the next two lines:

Note: TWiki has strict formatting rules for preference declarations. Make sure you preserve the three spaces, asterisk, and extra space at the beginning of these lines. If you wish to give access to any other users simply add them to the comma separated ALLOWTOPICVIEW list.


Revision 3r3 - 09 Jan 2022 - 03:43:48 - KraiAran
Revision 2r2 - 01 Jan 2022 - 19:47:15 - EbenMoglen
Revision 1r1 - 07 Dec 2021 - 16:32:33 - KraiAran
This site is powered by the TWiki collaboration platform.
All material on this collaboration platform is the property of the contributing authors.
All material marked as authored by Eben Moglen is available under the license terms CC-BY-SA version 4.
Syndicate this site RSSATOM