European Court Allows Old Online Users to Just Fade Away

Stephen DeAngelis

May 15, 2014

At the end of his 1951 farewell address to Congress, General Douglas MacArthur quoted a refrain from an old British army ballad that states “old soldiers never die, they just fade away.” Soldiers in the fight for online privacy may experience the same fate. Hayley Tsukayama rhetorically asks, “Do you have the right to be forgotten online?” To which she answers, “In Europe, now you do.” [“‘Right to be forgotten’ highlights sharp divide on U.S., European attitudes toward privacy,” Washington Post, 13 May 2014] Carol Matlack reports, “The European Union’s top court [has] ruled … that individuals can demand the removal of links and other information in search results that could threaten their privacy. People ‘have a right to be forgotten,’ the court said.” [“Europe Orders Google to Let People Sanitize Their Search Results,” Bloomberg BusinessWeek, 13 May 2014] Matlack explains what the European case involved.

“The case involved a Spanish man who wanted Google to delete a 16-year-old newspaper article about his house being auctioned off for failure to pay taxes. But the ruling, by the Luxembourg-based European Court of Justice, is binding on all 28 EU member countries and involves all search engine owners, not just Google. EU Justice Commissioner Viviane Reding called it ‘a clear victory for the protection of personal data of Europeans.'”

Tsukayama calls this “a particularly European approach to the protection of online privacy.” Earlier this month, the Obama administration jumped into the online privacy debate with the release of a report entitled “Big Data and Privacy: A Technological Perspective.” [Executive Office of the President of the United States, May 2014] To learn more about what that report recommends, read my post entitled “White House Advisors Weigh-in on Big Data Privacy.” I’m not sure you could call the White House study the “American approach”; but, clearly the U.S. approach is to tread cautiously in an area that has Constitutional implications. In another article, Tsukayama reports, “The decision, handed down by the Court of Justice of the European Union, puts the onus on search engine operators to field and evaluate appeals from individuals who want to have links to harmful or unflattering content removed from their services, even if the material was published legally or as part of media coverage or government postings. Along with its effect on Google, the decision has the potential to affect the operations of all search engines in Europe, including Yahoo and Microsoft’s Bing.” [“European court ruling on privacy could give boost to U.S. privacy advocates,” Washington Post, 13 May 2014]

 

Tsukayama reports that “Google said that it is disappointed in the ruling and is evaluating how it affects its larger business,” and “Yahoo indicated that it believes the ruling crosses a line into censorship.” The ruling, however, didn’t come as a complete surprise given European outrage over NSA spying revealed by Edward Snowden. Tsukayama explains:

“Privacy has been a hot-button topic in the United States and the European Union for years. But it has come to a head in light of the information leaked by former National Security Agency contractor Edward Snowden, which revealed just how much access the U.S. government has to information collected in the private sector. Those revelations sparked a stronger push for data protection in the EU, and this ruling follows hard on the heels of another pro-privacy ruling on data retention last month.”

Perhaps the biggest surprise resulting from the European court’s decision is that some privacy advocacy groups don’t support it. Matlack explains:

“The ruling drew sharp criticism from Internet privacy rights advocates who warned it could undermine freedom of speech. ‘The principle that you have a right to be forgotten is a laudable one, but it was never intended to be a way for people to rewrite history,’ says Emma Carr, acting director of the British group Big Brother Watch. ‘Search engines do not host information, and trying to get them to censor legal content from their results is the wrong approach.’ Big Brother Watch said that any removal of personal information should be ‘tackled at the source,’ not through intermediaries such as Google. A second data-protection advocacy group, London-based Open Rights Group, took a similar position, adding that the decision ‘has major implications for all kinds of Internet intermediaries,’ not just search engines.”

Freedom of speech concerns are shared by a number of groups. The New York Times‘ editorial board believes the ruling “could undermine press freedoms and free speech.” [“Ordering Google to Forget,” 13 May 2014] The editorial continues:

“The court said links could be removed if they were found to be ‘inadequate, irrelevant or no longer relevant.’ But the ruling provided little guidance to lower courts about how to decide when links should be removed. As a result, it could open the floodgates for people living in the 28 countries of the European Union to demand that Google and other search engines remove millions of links from search results. Such a purge would leave Europeans less well informed and make it harder for journalists and dissidents to have their voices heard. … The desire to allow individuals to erase data that they no longer wish to disclose is understandable. For example, there are good reasons to let people remove embarrassing photos and posts they published on social media as children or young adults. But lawmakers should not create a right so powerful that it could limit press freedoms or allow individuals to demand that lawful information in a news archive be hidden.”

Even though Tsukayama reports that “the ruling cannot be appealed,” it’s clear that the decision raises a number of concerns that still must be addressed. For example, the court noted that companies could reject requests to have material removed “if there’s a ‘preponderance’ of evidence that keeping the information online is in the public interest. The court, however, does not provide any guidance on how companies should evaluate that situation.” Tsukayama continues:

“The court does, however, say that individuals can appeal company decisions to national data protection agencies — a provision that opens companies up to potential fines by those agencies in cases of disagreement. Critics have warned that companies could opt to deal with the issue by removing all information identified in the complaints, opening up the system to abuse by those who wish to hide negative information from the public.”

Joel Reidenberg, a law professor at Fordham University and an expert on information law and privacy, told Tsukayama that “the European court’s ruling is unlikely to spark any fast movement among U.S. lawmakers, who have long dragged their feet in producing privacy legislation. … But it does add ammunition to those fighting for similar provisions in America, … by providing ‘a degree of international legal support.'” I have repeatedly argued that with so much at stake and so many interested parties involved, that all stakeholders need to collaborate and help develop rules that will foster the ethical collection, storage, and analysis of personal data. It’s too big of an issue to leave to any single interest group. The only thing I’m sure of right now is that the issue, unlike the old soldier, is not going to fade away.