[SamReidHughes]

When can Congress pass a law requiring newspapers to delete information it has collected about somebody?

[Dylan16807]

I think you're conflating GDPR with other laws. GDPR isn't about editorial content, it's about data you collect on your users.

[SamReidHughes]

Which is information you might want to keep and share. So that you can talk about people.

Example: if I want to say Brian accessed my website last Thursday.

[Dylan16807]

You can do journalism about Brian specifically, but you can't preemptively store information about everybody just in case.

[SamReidHughes]

Then you can't keep information around necessary to defend yourself against defamation.

[CamTin]

They've done so in other industries a couple times with HIPAA and FERPA. What makes newspapers different?

[Mvandenbergh]

The way that works (and in fact the way that classification of government secrets works in the US) is that this information is 'born secret'.

This information is has to be kept away from the public, including journalists, but there is no law preventing journalists from publishing information about someone's health. HIPAA doesn't cover journalists, it just prevents covered entities from giving journalists information.

[SamReidHughes]

FERPA's tied to federal funding.

The constitution specifically calls out for a "free press."

[duxup]

I don't think things like GDPR and "free press" are in conflict like you think they are.... at least you haven't explained how they are supposedly in conflict.

HIPAA exists... and it doesn't prevent the press from using that information.

[SamReidHughes]

Part of free speech is being able to gather and record information. Observation.

[duxup]

The press can do that... that's allowed.

I'm not sure your really have a good grasp on what any of these laws actually do, let alone 'free speech'. You keep alluding to complications that don't exist and don't explain what you're talking about.

[SamReidHughes]

If the GDPR didn't affect press freedom, the USA Today wouldn't be serving a different version of its website to EU users.

[duxup]

My doctor can't share information even if he has collected it about me.

It's not like information doesn't have restrictions already, those situations do not seem to have been ruled unconstitutional...

[DanBC]

GDPR can't do that either.

[SamReidHughes]

It does do that.

[hannasanarion]

No it doesn't. Newsworthy information is an explicit exception listed in Article 17, and so is free speech.

[SamReidHughes]

Who decides newsworthy? Their subscriber list is newsworthy if they deem it so.

[hannasanarion]

First, the company decides whether the request needs to be complied with or not, and if the user doesn't like that decision, they can complain to the regulators who may choose whether the refusal is worth looking into.

[SamReidHughes]

Regulators.

[DanBC]

No. Here's the full text of the right to erasure. Pay attention to all the reasons given for why processors can ignore the request to erase data.

https://gdpr-info.eu/art-17-gdpr/

But then look at para 3.

> Paragraphs 1 and 2 shall not apply to the extent that processing is necessary:

> for exercising the right of freedom of expression and information;

[SamReidHughes]

Then I'm going to store all the information I want, for the purpose of expressing it to others. Oh wait, I can't do that? Somehow the EU has a different definition of "freedom of expression" in mind than what the words actually mean.