The document discusses the recent EU court ruling that upheld a citizen's "right to be forgotten", requiring Google to remove outdated or irrelevant personal information from search results upon request. The key points are:
1) The EU court ruled that search engines like Google process and control personal data through their search results, and have a responsibility to protect users' privacy and right to be forgotten.
2) The ruling aims to balance an individual's right to have outdated or irrelevant data removed from search results with the public's right to access information.
3) Based on the ruling, EU citizens can now request search engines remove detrimental personal information to ensure their right to be forgotten, while balancing the interests of internet users.
This document discusses Freedom of Information (FOI) and the importance of local governments enacting FOI ordinances. It provides background on FOI in the Philippines and explains that while the national executive order on FOI does not bind local governments, an FOI ordinance is still needed at the local level. The document outlines key features that should be included in an FOI ordinance like centralized receiving of requests, online request portals, timeframes for responses, and standardized exemptions. It provides examples of local governments that have passed FOI ordinances and positive outcomes of implementing FOI like increased transparency, business opportunities, and informed citizens. The document was authored by a lawyer practicing in Occidental Mindoro who teaches about FOI.
Freedom of Information, What do We Know?Kieran Lamb
This document summarizes key information about freedom of information and data protection legislation in the UK. It discusses the Freedom of Information Act 2000 and the Data Protection Act 1998, outlining public authorities' obligations to respond to requests about information held and personal data within certain timeframes. It provides guidance on recognizing FOI requests, individuals' rights to information and personal data, and the duties of public authorities to assist requests and confirm or deny if information is held.
Privacy and Access to Information Law - Lecture 1James Williams
The first lecture from Law 3040X.03, Privacy and Access to Information Law. This lecture was given in January 2013 at Osgoode Hall Law School, York University. The rest of our slides are for students only.
The Treaty of Lisbon, which came into effect in 2009, aimed to make the European Union more democratic, efficient, global, and free. It strengthened the role of the European Parliament and national parliaments. It also sought to make the EU institutions more transparent and accountable while protecting fundamental rights and values like social justice, non-discrimination, and environmental protection. The changes sought to build a Europe with greater prosperity, security, and opportunity for its citizens.
Presentation by Ric Hobby, VP Regulatory, Government and Industry Affairs, Herbalife International at the International Life Sciences Institute Seminar in Taiwan, 2014
Asylum Procedures in the EU_A Method in the Madness_by Elisabeth VosElisabeth Vos LL.M.
This document is a thesis that analyzes whether Article 23(1) of the EU Procedures Directive, which restricts the scope of legal representation for asylum applicants, is consistent with the fundamental right to an effective remedy.
The thesis begins by outlining the legal context of the right to an effective remedy under international, European, and EU law. It then discusses the Common European Asylum System and the EU Procedures Directive, focusing on Article 23(1) which leaves discretion to Member States regarding legal assistance.
The thesis will then analyze Article 23(1) to determine if it restricts fundamental rights and ensure effective judicial protection. It will assess the impact of Member State discretion and the potential threats
Human rights are inherent to all humans regardless of attributes and should be respected by governments. The UN Universal Declaration of Human Rights established core human rights in 30 articles and calls on nations to promote these rights. Children's rights are also outlined in the Convention on the Rights of the Child which defines rights to a child's normal development and protection wherever they are. Human rights and protecting children are fundamental values to ensure people's safety and ability to develop freely.
This document discusses Freedom of Information (FOI) and the importance of local governments enacting FOI ordinances. It provides background on FOI in the Philippines and explains that while the national executive order on FOI does not bind local governments, an FOI ordinance is still needed at the local level. The document outlines key features that should be included in an FOI ordinance like centralized receiving of requests, online request portals, timeframes for responses, and standardized exemptions. It provides examples of local governments that have passed FOI ordinances and positive outcomes of implementing FOI like increased transparency, business opportunities, and informed citizens. The document was authored by a lawyer practicing in Occidental Mindoro who teaches about FOI.
Freedom of Information, What do We Know?Kieran Lamb
This document summarizes key information about freedom of information and data protection legislation in the UK. It discusses the Freedom of Information Act 2000 and the Data Protection Act 1998, outlining public authorities' obligations to respond to requests about information held and personal data within certain timeframes. It provides guidance on recognizing FOI requests, individuals' rights to information and personal data, and the duties of public authorities to assist requests and confirm or deny if information is held.
Privacy and Access to Information Law - Lecture 1James Williams
The first lecture from Law 3040X.03, Privacy and Access to Information Law. This lecture was given in January 2013 at Osgoode Hall Law School, York University. The rest of our slides are for students only.
The Treaty of Lisbon, which came into effect in 2009, aimed to make the European Union more democratic, efficient, global, and free. It strengthened the role of the European Parliament and national parliaments. It also sought to make the EU institutions more transparent and accountable while protecting fundamental rights and values like social justice, non-discrimination, and environmental protection. The changes sought to build a Europe with greater prosperity, security, and opportunity for its citizens.
Presentation by Ric Hobby, VP Regulatory, Government and Industry Affairs, Herbalife International at the International Life Sciences Institute Seminar in Taiwan, 2014
Asylum Procedures in the EU_A Method in the Madness_by Elisabeth VosElisabeth Vos LL.M.
This document is a thesis that analyzes whether Article 23(1) of the EU Procedures Directive, which restricts the scope of legal representation for asylum applicants, is consistent with the fundamental right to an effective remedy.
The thesis begins by outlining the legal context of the right to an effective remedy under international, European, and EU law. It then discusses the Common European Asylum System and the EU Procedures Directive, focusing on Article 23(1) which leaves discretion to Member States regarding legal assistance.
The thesis will then analyze Article 23(1) to determine if it restricts fundamental rights and ensure effective judicial protection. It will assess the impact of Member State discretion and the potential threats
Human rights are inherent to all humans regardless of attributes and should be respected by governments. The UN Universal Declaration of Human Rights established core human rights in 30 articles and calls on nations to promote these rights. Children's rights are also outlined in the Convention on the Rights of the Child which defines rights to a child's normal development and protection wherever they are. Human rights and protecting children are fundamental values to ensure people's safety and ability to develop freely.
The Right to Be Forgotten in European Search ResultsGreg Sterling
The Court of Justice ruled that an internet search engine operator is responsible under EU data protection law for processing personal data found on third party websites. It held that search engines like Google collect, organize and store personal data through their indexing programs, amounting to processing under the law. The operator must ensure its activities comply with requirements to protect individuals' privacy and personal data. The Court also ruled that search engines may be required to remove links to third party web pages containing personal information from search results at an individual's request, if keeping the links would be incompatible with EU law due to the information being inadequate, irrelevant or excessive.
Press release court of justice the right to be forgottenMonica Lupașcu
The Court of Justice ruled that an internet search engine operator is responsible under EU data protection law for processing personal data found on third party websites. It held that search engines like Google collect, organize and store personal data through their indexing programs, amounting to processing under the law. The operator must ensure its activities comply with requirements to protect individuals' privacy and personal data. The Court also ruled that search engines may be required to remove links to third party web pages containing personal information from search results at an individual's request, if keeping the links would be incompatible with EU law due to the information being inadequate, irrelevant or excessive.
The document discusses the "right to be forgotten" ruling by the European Court of Justice that search engines like Google must remove inadequate, irrelevant or excessive personal information from search results upon request. It provides background on the case that prompted the ruling involving a Spanish man seeking removal of outdated information about debts. The ruling has been both praised and criticized for its implications on privacy rights versus free expression. There is debate around whether similar laws could exist in the United States given its different legal framework around privacy and data protection.
Right to be forgotten is the rule to remove any data from the internet sources. This report analyses about the laws and rights of European court for data protection.
https://www.assignmentprime.com/law-assignment-writing-help
Report of the advisory committee to google on the right to be forgottenGreg Sterling
The Advisory Council to Google on the Right to be Forgotten issued a report summarizing its advice to Google on how to evaluate requests to delist search results based on an individual's name. The report outlines 4 primary criteria for assessment: 1) the data subject's role in public life, 2) the nature of the information, 3) the source of the information, and 4) the time elapsed. It provides guidance on how these criteria should influence Google's required balancing of the individual's privacy rights versus public interest in access to information. The report was based on the Council's expertise, independent views, and evidence from experts heard during public consultations across Europe.
European Data Protection, the Right to be Forgotten and Search EnginesDavid Erdos
Provides background and explores the interpretation and enforcement of search engines' obligations under European data protection almost four years on from Google Spain (2014) and on the cusp of the new GDPR era. Focuses on four ongoing controversies: (i) the scope of such responsibilities under DP, (ii) the regulation of sensitive persona data, (iii) the legitimacy of webmaster notification and (iv) the geographical scope of action required.
Guidelines on the implementation of the Court of Justice of the European UnionSilesia SEM
This document provides guidelines for implementing a recent European Court of Justice ruling regarding search engines and the right to be delisted. Some key points:
- Search engines are data controllers subject to EU data protection law when processing personal data through their services.
- Individuals have the right to request delisting of specific search results that are inadequate, irrelevant or excessive in relation to their data protection rights.
- Delisting a result does not remove the underlying content, only the search result link.
- National data protection authorities will consider criteria like the public interest in the information when reviewing delisting requests.
- Search engines must comply with delisting decisions across all relevant domains to fully protect individuals' rights.
This document provides guidelines for implementing a European Court of Justice ruling regarding a person's right to request removal of search engine links to personal information. It summarizes that search engines are data controllers subject to EU data protection law. When a search is done by name, the search engine processing can significantly affect privacy rights by enabling users to compile an extensive profile about a person. The rights of the data subject generally take priority over the economic interests of the search engine or public's interest in the information. National data protection authorities will consider various criteria on a case-by-case basis when evaluating removal requests.
EU Guidelines On The Right To Be Forgotten Implementation November 2014Krishna De
Right To Be Forgotten Implementation Guidelines - see original article here http://ec.europa.eu/justice/data-protection/article-29/documentation/opinion-recommendation/files/2014/wp225_en.pdf
This has been added to SlideShare for students on my Online Reputation workshops - see a curation of content about this legislation here http://bgn.bz/righttobeforgotten
The Right To Be Forgotten in the Google Spain Case (case C-131/12): A Clear V...ioannis iglezakis
The document summarizes the key aspects of the Right to be Forgotten case between Google and Mario Costeja González. The European Court of Justice ruled that search engines like Google must allow individuals to request the removal of inadequate or irrelevant personal information from search results. Specifically:
1) The court found search engines are processing personal data and must comply with data protection laws.
2) Google was required to remove links to personal information from search results if the data subject can no longer demonstrate its relevance.
3) However, exceptions may apply if the individual played a role in public life and there is a preponderant public interest in the information.
4) The decision leaves open questions around the responsibilities
Factsheet on the "Right to be Forgotten" rulingSilesia SEM
This document discusses a 2014 European Court of Justice ruling regarding a "right to be forgotten" case involving a Spanish citizen's request to have certain personal information about him removed from search results. The court ruled that:
1) EU data protection law can apply to companies even if their servers are located outside of Europe, as long as they have a presence in an EU country.
2) Search engines are subject to EU data protection rules and individuals have a right to request the removal of inadequate, irrelevant or excessive personal information from search results.
3) This right is not absolute and must be balanced against other rights like freedom of expression; requests will be evaluated on a case-by-case basis.
This document summarizes a 2014 ruling by the European Court of Justice establishing an individual's "right to be forgotten". The court ruled that:
1) EU data protection law can apply to companies like Google even if their servers are located outside of Europe, if they have a presence in an EU member state.
2) Search engines are subject to EU data protection rules and individuals have a right to request the removal of inadequate, irrelevant or excessive personal information from search results.
3) This right is not absolute but must be balanced with other rights like freedom of expression. A case-by-case assessment of factors like the information's sensitivity and the public interest is required.
The document also discusses how
Artificial Intelligence isn't just an overly imaginary pipe dream anymore. So what if algorithm starts mining for you after your gone? Or still hear, point is nobody can assume it couldn't.
SOMETHING TO CONSIDER
This document provides an overview of privacy in online communication and data protection laws. It discusses:
1) How the EU has laws like the 1995 Data Protection Directive and 2009 ePrivacy Directive to regulate personal data processing and require consent for cookies.
2) Differences between EU and US privacy laws, with the US having a combination of legislation and self-regulation instead of comprehensive data protection.
3) Examples of messaging apps Telegram and WhatsApp, which take different approaches to prioritizing customers' privacy within legal bounds.
The document discusses privacy issues related to personal information shared online. It notes that while people think their online data is private, companies like Google find this data very valuable. There are complex questions around who owns personal information and how individuals can control how it is used. The document outlines Europe's recognition of the "right to be forgotten" where search engines must delete inadequate or irrelevant personal data upon request. This establishes search engines' responsibility over the content they link to. The ruling could allow deletion of embarrassing photos or insults from social media and benefit public figures in Uganda who have faced negative publicity from leaked information. The government must recognize dangers in collecting personal data and empower citizens to protect their own information from corporate and government interests.
This document provides an overview of data privacy and the General Data Protection Regulation (GDPR). It begins with an introduction to the context and definitions of key terms. The main principles of GDPR are outlined, including accountability, consumer rights, privacy by design, security, and penalties. Requirements for processing activities, risk analysis, training, and designating a data privacy officer are also summarized. The document discusses potential consequences of GDPR for companies and provides context for developing an effective methodology for compliance.
The document provides an overview of the General Data Protection Regulation (GDPR) that goes into effect in the European Union on May 25, 2018. Some key points:
- GDPR strengthens data protection rights for EU citizens and applies to any organization that collects data from EU individuals, regardless of location.
- It establishes high fines for noncompliance (up to 4% of global revenue or 20 million euros) and requires clear and easy-to-withdraw consent for data collection and use.
- Individuals have new rights regarding their data, including rights to access, correct, and delete personal data, and object to automated decision making. Organizations must also notify about data breaches.
- While
1) The document discusses the development of the right to be forgotten (RTBF) in Asia, focusing on key examples from Japan, South Korea, and other Asian countries.
2) It describes a recent Japanese court case that denied a citizen's RTBF request to remove an arrest record from search results, as well as new non-binding guidelines in South Korea strengthening citizens' RTBF.
3) The author expects more RTBF developments across Asia and anticipates Google will strongly oppose RTBF in Asia, as it has in the EU, though the implementation will primarily focus on removing content accessibility, not availability.
The Right to Be Forgotten in European Search ResultsGreg Sterling
The Court of Justice ruled that an internet search engine operator is responsible under EU data protection law for processing personal data found on third party websites. It held that search engines like Google collect, organize and store personal data through their indexing programs, amounting to processing under the law. The operator must ensure its activities comply with requirements to protect individuals' privacy and personal data. The Court also ruled that search engines may be required to remove links to third party web pages containing personal information from search results at an individual's request, if keeping the links would be incompatible with EU law due to the information being inadequate, irrelevant or excessive.
Press release court of justice the right to be forgottenMonica Lupașcu
The Court of Justice ruled that an internet search engine operator is responsible under EU data protection law for processing personal data found on third party websites. It held that search engines like Google collect, organize and store personal data through their indexing programs, amounting to processing under the law. The operator must ensure its activities comply with requirements to protect individuals' privacy and personal data. The Court also ruled that search engines may be required to remove links to third party web pages containing personal information from search results at an individual's request, if keeping the links would be incompatible with EU law due to the information being inadequate, irrelevant or excessive.
The document discusses the "right to be forgotten" ruling by the European Court of Justice that search engines like Google must remove inadequate, irrelevant or excessive personal information from search results upon request. It provides background on the case that prompted the ruling involving a Spanish man seeking removal of outdated information about debts. The ruling has been both praised and criticized for its implications on privacy rights versus free expression. There is debate around whether similar laws could exist in the United States given its different legal framework around privacy and data protection.
Right to be forgotten is the rule to remove any data from the internet sources. This report analyses about the laws and rights of European court for data protection.
https://www.assignmentprime.com/law-assignment-writing-help
Report of the advisory committee to google on the right to be forgottenGreg Sterling
The Advisory Council to Google on the Right to be Forgotten issued a report summarizing its advice to Google on how to evaluate requests to delist search results based on an individual's name. The report outlines 4 primary criteria for assessment: 1) the data subject's role in public life, 2) the nature of the information, 3) the source of the information, and 4) the time elapsed. It provides guidance on how these criteria should influence Google's required balancing of the individual's privacy rights versus public interest in access to information. The report was based on the Council's expertise, independent views, and evidence from experts heard during public consultations across Europe.
European Data Protection, the Right to be Forgotten and Search EnginesDavid Erdos
Provides background and explores the interpretation and enforcement of search engines' obligations under European data protection almost four years on from Google Spain (2014) and on the cusp of the new GDPR era. Focuses on four ongoing controversies: (i) the scope of such responsibilities under DP, (ii) the regulation of sensitive persona data, (iii) the legitimacy of webmaster notification and (iv) the geographical scope of action required.
Guidelines on the implementation of the Court of Justice of the European UnionSilesia SEM
This document provides guidelines for implementing a recent European Court of Justice ruling regarding search engines and the right to be delisted. Some key points:
- Search engines are data controllers subject to EU data protection law when processing personal data through their services.
- Individuals have the right to request delisting of specific search results that are inadequate, irrelevant or excessive in relation to their data protection rights.
- Delisting a result does not remove the underlying content, only the search result link.
- National data protection authorities will consider criteria like the public interest in the information when reviewing delisting requests.
- Search engines must comply with delisting decisions across all relevant domains to fully protect individuals' rights.
This document provides guidelines for implementing a European Court of Justice ruling regarding a person's right to request removal of search engine links to personal information. It summarizes that search engines are data controllers subject to EU data protection law. When a search is done by name, the search engine processing can significantly affect privacy rights by enabling users to compile an extensive profile about a person. The rights of the data subject generally take priority over the economic interests of the search engine or public's interest in the information. National data protection authorities will consider various criteria on a case-by-case basis when evaluating removal requests.
EU Guidelines On The Right To Be Forgotten Implementation November 2014Krishna De
Right To Be Forgotten Implementation Guidelines - see original article here http://ec.europa.eu/justice/data-protection/article-29/documentation/opinion-recommendation/files/2014/wp225_en.pdf
This has been added to SlideShare for students on my Online Reputation workshops - see a curation of content about this legislation here http://bgn.bz/righttobeforgotten
The Right To Be Forgotten in the Google Spain Case (case C-131/12): A Clear V...ioannis iglezakis
The document summarizes the key aspects of the Right to be Forgotten case between Google and Mario Costeja González. The European Court of Justice ruled that search engines like Google must allow individuals to request the removal of inadequate or irrelevant personal information from search results. Specifically:
1) The court found search engines are processing personal data and must comply with data protection laws.
2) Google was required to remove links to personal information from search results if the data subject can no longer demonstrate its relevance.
3) However, exceptions may apply if the individual played a role in public life and there is a preponderant public interest in the information.
4) The decision leaves open questions around the responsibilities
Factsheet on the "Right to be Forgotten" rulingSilesia SEM
This document discusses a 2014 European Court of Justice ruling regarding a "right to be forgotten" case involving a Spanish citizen's request to have certain personal information about him removed from search results. The court ruled that:
1) EU data protection law can apply to companies even if their servers are located outside of Europe, as long as they have a presence in an EU country.
2) Search engines are subject to EU data protection rules and individuals have a right to request the removal of inadequate, irrelevant or excessive personal information from search results.
3) This right is not absolute and must be balanced against other rights like freedom of expression; requests will be evaluated on a case-by-case basis.
This document summarizes a 2014 ruling by the European Court of Justice establishing an individual's "right to be forgotten". The court ruled that:
1) EU data protection law can apply to companies like Google even if their servers are located outside of Europe, if they have a presence in an EU member state.
2) Search engines are subject to EU data protection rules and individuals have a right to request the removal of inadequate, irrelevant or excessive personal information from search results.
3) This right is not absolute but must be balanced with other rights like freedom of expression. A case-by-case assessment of factors like the information's sensitivity and the public interest is required.
The document also discusses how
Artificial Intelligence isn't just an overly imaginary pipe dream anymore. So what if algorithm starts mining for you after your gone? Or still hear, point is nobody can assume it couldn't.
SOMETHING TO CONSIDER
This document provides an overview of privacy in online communication and data protection laws. It discusses:
1) How the EU has laws like the 1995 Data Protection Directive and 2009 ePrivacy Directive to regulate personal data processing and require consent for cookies.
2) Differences between EU and US privacy laws, with the US having a combination of legislation and self-regulation instead of comprehensive data protection.
3) Examples of messaging apps Telegram and WhatsApp, which take different approaches to prioritizing customers' privacy within legal bounds.
The document discusses privacy issues related to personal information shared online. It notes that while people think their online data is private, companies like Google find this data very valuable. There are complex questions around who owns personal information and how individuals can control how it is used. The document outlines Europe's recognition of the "right to be forgotten" where search engines must delete inadequate or irrelevant personal data upon request. This establishes search engines' responsibility over the content they link to. The ruling could allow deletion of embarrassing photos or insults from social media and benefit public figures in Uganda who have faced negative publicity from leaked information. The government must recognize dangers in collecting personal data and empower citizens to protect their own information from corporate and government interests.
This document provides an overview of data privacy and the General Data Protection Regulation (GDPR). It begins with an introduction to the context and definitions of key terms. The main principles of GDPR are outlined, including accountability, consumer rights, privacy by design, security, and penalties. Requirements for processing activities, risk analysis, training, and designating a data privacy officer are also summarized. The document discusses potential consequences of GDPR for companies and provides context for developing an effective methodology for compliance.
The document provides an overview of the General Data Protection Regulation (GDPR) that goes into effect in the European Union on May 25, 2018. Some key points:
- GDPR strengthens data protection rights for EU citizens and applies to any organization that collects data from EU individuals, regardless of location.
- It establishes high fines for noncompliance (up to 4% of global revenue or 20 million euros) and requires clear and easy-to-withdraw consent for data collection and use.
- Individuals have new rights regarding their data, including rights to access, correct, and delete personal data, and object to automated decision making. Organizations must also notify about data breaches.
- While
1) The document discusses the development of the right to be forgotten (RTBF) in Asia, focusing on key examples from Japan, South Korea, and other Asian countries.
2) It describes a recent Japanese court case that denied a citizen's RTBF request to remove an arrest record from search results, as well as new non-binding guidelines in South Korea strengthening citizens' RTBF.
3) The author expects more RTBF developments across Asia and anticipates Google will strongly oppose RTBF in Asia, as it has in the EU, though the implementation will primarily focus on removing content accessibility, not availability.
1. 56 July 2014 | LegalEra | www.legalera.in
Let’s Uphold
Human
beings tend
to remember some things and forget
others. Some incidents and events get
etched in our collective consciousness
while some just don’t stick. So, some
event that occurred centuries ago
may be known to all and sundry but
something that occurred a month
ago may be forgotten by most. In
today’s digital age, however, our
collective consciousness has come
to be represented as Google search.
What occurred centuries ago and
what occurred yesterday, including
a passing inconsequential remark,
remain etched in Google’s memory.
Thus, nothing is now ever forgotten.
But nature has its ways for a reason.
We remember for a reason and forget
for a reason. It would not be feasible
to live in peace if our past lives were
latched on to our backs at all times.
One must learn from the past but
to move into the future, some of the
past has to be let gone. That deletion
work is done naturally by our fading
memories. We forget what need not
be remembered so that we may live
in peace and also enabling the other
person concerned to live in peace, so
that no one’s past can haunt them
forever.
This natural cycle has been broken
and now not only one’s past but
every miniscule detail of that past is
remembered, recorded and available
just a click away. Is that healthy?
Or should something be done
so that nature has its way and some
things can be forgotten? What can
and should be done? Is there any
legal recourse? But how can there
be any legal recourse unless
there is a legal right to be forgotten?
Right to be forgotten implies that any
information about one’s self that gets
unearthed and is kept alive by search
engines can be demanded to be
stashed away by the person concerned
in certain cases as s/he has a right to
be forgotten. The information may
still exist at the source but it need
not be brought to the fore by a search
engine.
The European Union has for some
time been contemplating “the right
to be forgotten.” In 2012, a proposal
was made for a Regulation that would
incorporate “right to be forgotten.”
[http://ec.europa.eu/justice/data-protection/
document/review2012/com_2012_11_en.pdf]
Alongside, a Spanish man has been
battling for the enforcement of his
“right to be forgotten” before the
European Court of Justice. His right
to be forgotten has now been upheld
by the ECJ. [http://curia.europa.eu/
jcms/upload/docs/application/pdf/2014-05/
cp140070en.pdf; http://curia.europa.eu/juris/
document/document.jsf;jsessionid=9ea7d0f130
d564636cbfe10940d09972f8c622d2228f.e34Ka
xiLc3eQc40LaxqMbN4OaNmQe0?text=&docid
=152065&pageIndex=0&doclang=EN&mode=r
eq&dir=&occ=first&part=1&cid=73529]
In Google Spain SL, Google Inc. v
AgenciaEspañola de Protección de
Datos, Mario Costeja González, the
European Court of Justice held that
EU citizens have a right to ask search
engines to hide publicly available data
Google
EU
V/S
The
2. 57www.legalera.in | LegalEra | July 2014
Editorial
the data no longer appeared in the
search results and in the links to La
Vanguardia.
The AEPD rejected the complaint
against La Vanguardia, taking the
view that the information in question
had been lawfully published by
it. However, the complaint was
upheld as regards Google Spain and
Google Inc. Consequently, Google
Spain and Google Inc. brought
two actions before the Audiencia
Nacional (National High Court,
Spain), claiming that the AEPD’s
decision should be annulled. It is in
this context that the Spanish court
referred a series of questions to
the European Court of Justice. The
court upheld González’s right to have
irrelevant information about himself
stashed away by search engines.
The EU ruling can
be broken down and
understood as follows:
1. Search engines are processing
information
Court noted that by searching
automatically, constantly and
systematically for information
published on the internet, the
operator of a search engine ‘collects’
data within the meaning of the
Directive 95/46/EC. The operator
within the framework of its indexing
programmes, ‘retrieves’, ‘records’
and ‘organises’ the data in question,
which it then ‘stores’ on its servers
and, as the case may be, ‘discloses’
and ‘makes available’ to its users in
the form of lists of results. Thus, the
operator is ‘processing’ information
even where they exclusively concern
material that has already been
published as it stands in the media.
2. Search engines control what
data shall appear in search
results
The Court further holds that the
operator of the search engine is
the ‘controller’ in respect of that
processing as the operator determines
the purposes and means of the
Protección de Datos (Spanish Data
Protection Agency, the AEPD)
against La VanguardiaEdiciones
SL (the publisher of a daily news
paper in Spain) and Google Spain
and Google Inc. requesting that
La Vanguardia be required either
to remove or alter the pages in
question (so that the personal data
relating to him no longer appeared)
or to use certain tools made available
by search engines in order to protect
the data. He also requested that
Google Spain or Google Inc. be
required to remove or conceal the
personal data relating to him so that
from queries for their own names.
The case deals with the woes of
Costeja González who in 2009
discovered that a Google search of
his name pulled up legal notices from
the late 1990s concerning a real -
estate auction organised following
attachment proceedings for the
recovery of social security debts
owed by him. These he contended
were long settled and hence, were
irrelevant. Yet, the ghost of these
notices continued to haunt him
and attached a permanent taint to
his name. He lodged a complaint
with the Agencia Española de
to be forgotten and
shrugging the past off
their backs. However,
in a majority of
cases, there is a
need to keep balance
between the right to
information and the
right to be
Pursuant to the
EUruling
against
Googlecitizens of
the EU can ask
search engines to
remove data that is
detrimental
to them,
ensuring theirright
forgotten
by Fatima Ansari
,
3. 58 July 2014 | LegalEra | www.legalera.in
Let’s Uphold
the purposes for which they were
processed and in the light of the time
that has elapsed.
The Court adds that, when
appraising such a request made by
the data subject in order to oppose
the processing carried out by the
operator of a search engine, it should
in particular be examined whether
the data subject has a right that the
information in question relating to
him personally should, at this point in
time, no longer be linked to his name
by a list of results that is displayed
following a search made on the
basis of his name. If that is the case,
the links to web pages containing
that information must be removed
from that list of results, unless there
are particular reasons, such as the
role played by the data subject in
public life, justifying a preponderant
interest of the public in having
access to the information when such a
search is made.
6. Request to remove
information to be made to
search engine operator; failing
which to appropriate authority
The Court points out that the data
subject may address such a request
directly to the operator of the
search engine (the controller) which
must then duly examine its merits.
Where the controller does not
grant the request, the data subject
may bring the matter before the
supervisory authority or the judicial
authority so that it carries out the
necessary checks and orders the
controller to take specific measures
accordingly.
Thus, pursuant to the EU ruling
against Google, citizens of the EU can
ask search engines to remove data that
is detrimental to them ensuring their
right to be forgotten and shrugging
the past off their backs.
important role played by the internet
and search engines in modern
society, which render the information
contained in such lists of results
ubiquitous. In the light of its potential
seriousness, such interference cannot,
according to the Court, be justified by
merely the economic interest which
the operator of the engine has in the
data processing.
4. Fair balance to be sought
between right to information
and right to forget
While allowing the right to be
forgotten, the court also takes into
consideration the legitimate interest
of internet users potentially interested
in having access to that information.
The Court holds that a fair balance
should be sought in particular
between that interest and the data
subject’s fundamental rights, in
particular, the right to privacy and
the right to protection of personal
data. The data subject’s rights
override the interest of internet users.
The balance depends on the nature
of the information in question and
its sensitivity for the data subject’s
private life and on the interest of the
public in having that information.
This interest of the public in having
the information may vary. It shall be
affected, in particular, according to
the role played by the data subject in
public life.
5. Requests to remove data can
be reappraised as nature of data
may change with time
If it is found, following a request by
the data subject, that the inclusion
of certain links in the list is, at this
point in time, incompatible with the
directive, the links and information
in the list of results must be erased.
The Court observes in this regard
that even initially lawful processing
of accurate data may, in the course
of time, become incompatible with
the directive where, having regard
to all the circumstances of the
case, the data appears to be
inadequate, irrelevant or no longer
relevant, or excessive in relation to
processing. As long as the activity
of a search engine is additional to
that of the publishers of websites
and is liable to affect significantly
the fundamental rights to privacy
and to protection of personal data,
the operator of the search engine
must ensure, within the framework
of its responsibilities, powers
and capabilities, that its activity
complies with the directive’s privacy
requirements.
3. Search engines generate
a profile for the person that
could not have been generated
otherwise and hence have a
responsibility to maintain
peoples’ right to privacy
The operator is, in certain
circumstances, obliged to remove
links to web pages that are published
by third parties and contain
information relating to a person from
the list of results displayed following
a search made on the basis of that
person’s name. The Court makes it
clear that such an obligation may also
exist in a case where that name or
information is not erased beforehand
or simultaneously from those web
pages, and even, as the case may be,
when its publication in itself on those
pages is lawful.
The Court points out in this context
that processing of personal data
carried out by such an operator
enables any internet user, when he
makes a search on the basis of an
individual’s name, to obtain, through
the list of results, a structured
overview of the information relating
to that individual on the internet.
The Court observes, furthermore,
that this information potentially
concerns a vast number of aspects
of his private life and that, without
the search engine, the information
could not have been interconnected
or could have been only with great
difficulty. Internet users may thereby
establish a more or less detailed
profile of the person searched
against. Furthermore, the effect of
the interference with the person’s
rights is heightened on account of the
Disclaimer – Statements and opinions
expressed in this article are those from the
editorial and are well researched from various
sources. The content in the article is purely
informative.