Loading

Blog details

Right to be forgotten EU Scope

Right to be forgotten EU Scope

According to EU Court of Justice’s Advocate General, “right to be forgotten” should be limited to EU browsers’ domains.

French Data Supervisory Authority (CNIL) fined Google 100.000€ in 2015 for failing to comply with CNIL whole requirement regarding a “right to be forgotten” (right to erasure) request.

Whereas CNIL demanded Google to remove links from all of its search engine’s domain name extensions, the search engine simply removed the links from only the results displayed following a search performed on the domain names corresponding to the versions of its search engine in the Member States of the EU.

Advocate General Maciej Szpunar notes that extraterritorial effects cannot apply in this case due to the global nature of the internet, and underlines that the fundamental right to be forgotten must be balanced against other fundamental rights, such as the right to data protection and the right to privacy, as well as the legitimate public interest in accessing the information. Szpunar stresses that permitting a worldwide de-referencing would make tricky such balancing, as public interest in accessing information will necessarily vary from one third State to another depending on its geographic location.

Finally, Szpunar concludes that the search engine operator is not required, when acceding to a request for de-referencing, to carry out that de-referencing on all the domain names, but must take every measure available to it to ensure full and effective de-referencing within the EU, including by use of the ‘geo-blocking’ technique, in respect of an IP address deemed to be located in one of the Member States, irrespective of the domain name used by the internet user who performs the search.

Opinion can be accessed in the following link.

Do you require assistance with GDPR and Data Protection Act 2018 compliance? Aphaia provides both GDPR adaptation consultancy services, including data protection impact assessment, and Data Protection Officer outsourcing.

Prev post
EU cybersecurity law
January 4, 2019
Next post
EU AI Ethics guidelines overview
January 18, 2019

Leave a Comment