Google, the EU, Online Privacy, and Your “Right to Be Forgotten”

online privacy

On Tuesday, May 13th, the European Court of Justice mandated that Google and other search engines must remove information about an individual from their search results if that individual requests it. This is a landmark ruling for many reasons, as it legitimizes the legal concept of the “right to be forgotten” and rewrites what privacy means in Europe.

As the European Court of Justice (often abbreviated as ECJ) is roughly the equivalent of the US Supreme Court, it isn’t a surprise that this new ruling is a big deal. Not only will this decision cost Google and other search engines a lot of money to handle these personal data requests, but all EU courts will have to take this rule into consideration whenever privacy and data protection cases come up.

So, what does this law say exactly?

According to the ECJ’s summary of their decision:

An internet search engine operator is responsible for the processing that it carries out of personal data which appear on web pages published by third parties. Thus, if, following a search made on the basis of a person’s name, the list of results displays a link to a web page which contains information on the person in question, that data subject may approach the operator directly and, where the operator does not grant his request, bring the matter before the competent authorities in order to obtain, under certain conditions, the removal of that link from the list of results.

Why is this important to Your Online Privacy?

Basically, the ECJ has ruled that individuals have a right to control their personal data and information. Coined as the “right to be forgotten”, this legal concept originated from the French idea of a “right to oblivion”, where after a convict has served their prison time, the details of their sentence and incarceration won’t be published.  In relation to internet searches, this essentially means that so long as public interests aren’t involved, individuals can demand “rectification, erasure or blocking” of data related to them, negative or otherwise.

What impact could this ruling have?

While the US is unlikely to ever adopt this “right to be forgotten” as it clashes with the First Amendment right of free speech, this ruling has many concerned. The EU has always been stricter in regards to privacy; however, the details about how this law will be enforced are unclear.

On one hand, this ruling seems reasonable as most people have things they wish could be erased from the Internet. Ranging from drunken pictures that hurt job searches to asylum seekers and domestic violence victims who wish to leave their painful pasts behind, this law could be a desired change.

However, there are big judgments that must be made in the process. Who decides what information stays and what gets deleted? Where’s the line between data that is important for the public to have access to and data that falls under an individual’s personal control?

With this law comes the risk of self-motivated censorship, as there are certainly individuals who would benefit from inconvenient information being taken down. Likewise, a future situation could occur where search results for the same terms in Europe and the US are completely different, such as the manner in which censorship impacts current day searches from inside and outside China.

While time will show how this ruling eventually plays out, there are certainly important implications for both EU and other nations’ privacy laws that have yet to be realized.

About Dan Johnson

Dan has been involved with computers in the early 1990s with a 2400 baud dialup modem. Since then, he has been working on various internet projects for over a decade and makes a conscience effort to inform others about staying safe on the internet. Currently he works with IronSocket and some other online side projects, when not hiking through the pine forests around his house.