EU Restricts 'Right to Be Forgotten' Rule to European Websites Only
The battle for internet privacy received a setback yesterday when the European High Court ruled that the "right to be forgotten" can only be applied to websites located in the EU. The ruling is a big victory for Google, which had been fighting efforts from ordinary people to keep some of their personal information off of search engines worldwide.
A 2014 European court decision affirmed an individual's right to request that tech companies like Google remove URLs from search results related to their name. The French privacy agency CNIL took the ruling one step forward and ruled that individuals could request a removal of URLs from worldwide searches.
But the High Court disagreed, noting the problems inherent in that request.
The CNIL argued that in most cases, the only way to ensure an individual's rights are protected online is to delist information about that person on a global scale.
But the court said Google must only comply with de-referencing requests on its domains that operate inside the EU's member states — like google.fr — not on all of its sites.
Acknowledging the global nature of the Internet and the competing demands of different privacy laws, the EU court's ruling states, "it should be emphasized that numerous third States do not recognize the right to de-referencing or have a different approach to that right."
The case grew out of a filing by a Spanish man who objected to some outdated, inaccurate personal information about him that appeared on search engines. The court recognized his right to privacy as long as information at a URL is deemed "inadequate, irrelevant or no longer relevant, or excessive in relation to the purposes for which they were processed."
The clarification by the High Court on the right to privacy makes it easier for Google.
In the first several years after the landmark 2014 ruling, Google said it received more than 650,000 requests to strike more than 2.43 million URLs from search results. It agreed to remove roughly 43 percent of those URLs.
The question of the right to privacy vs. free speech is an interesting one. In a 2014 column by Forbes columnist Joseph Steinberg, it's argued that the erosion of privacy makes the "right to be forgotten" necessary and urgent. He points out that "People should realize that many privacy protections that Americans believe that they enjoy – even some guaranteed by law – have, in fact, been eroded or even obliterated by technological advances."
Some have argued that the “right to be forgotten” undermines the right to free speech, and can destroy the credibility of online information by transforming the Internet into a strictly-positive, censored environment. If the “right” is overextended, they will be correct. But, if this right is implemented properly in order to protect people’s privacy when appropriate, and done in a fashion that does not compromise true public interest, no harm will befall the First Amendment. After all, we already have laws that require the removal of adverse information from credit reports and from criminal records, laws that prohibit piracy, and laws that disallow the disclosure of trade secrets and confidential information. We just need to apply these laws to 21st Century communications media in a fair, organized, and open fashion that preserves liberties and the public interest while respecting all of our rights to privacy.
Congress should get busy and find the necessary balance between privacy and the right of the public to be informed.