Google will not be forced by Europe to remove links to sensitive personal information globally about people under the “right to be forgotten” legislation.
In a landmark case, the European Court of Justice ruled that the “right to be forgotten” should only be enforced in Europe and not globally.
The case at Europe’s top court was brought after France’s privacy regulator, CNIL, ordered Google to globally remove links to pages containing damaging or false information about a person.
A year after that order was made in 2015, Google created a geoblocking feature that prevents European users only from seeing the delisted links.
However, Google will soon face similar restrictions in the US when the California Consumer Privacy Act comes into force on 1 January 2020. The law, the first of its kind in the US, gives Californians the “right to erasure”, whereby people have a right to ask a business to delete personal information about them. The key difference is that a business does not have to delete information that is received from third parties (from a consumer report or sales lead list, for example).
The “right to be forgotten” comes from a judgment in 2014 when Mario Costeja González sued Google to suppress search results about him that described his earlier financial troubles. The right has legal precedent in the UK, where journalists may not report “spent” prison convictions as news.
Google said just under half (45%) of links were delisted following 845,000 requests to remove 3.3 million web addresses since the “right to be forgotten” was established.