Do you have the right to be forgotten online? In Europe, now you do.
The European Union's highest court ruled Tuesday that search engines such as Google -- the defendant in this case -- must evaluate requests, particularly from private citizens, to have links to damaging content removed from its search engines. If there's no public interest reason for the links to stay a part of the search engine's results, then they must be removed.
The case stems from a complaint filed by a Spanish doctor who found that references to a debt he'd paid still showed up prominently in Google search results for his name. But the ruling, which is now binding in all of the European Union's 28 member states, is the latest in what's emerged as a particularly European approach to the protection of online privacy.
The European Union has been far more aggressive than others on the issue of digital privacy, often butting heads with American companies that assert that the pressure to respond to requests to remove links, or to orders such as celebrity super injunctions, are a form of censorship. The argument is that Internet users have a right to freedom of expression and information, and that purging information from search engines, except in extreme cases, violates that freedom. Further complicating the question is that companies such as Google don't publish the content themselves but point to existing information -- raising questions about how liable they should be for information displayed on their services.
That's an argument that these companies have been far more successful in making to the U.S. government, which has generally taken a hands-off approach to digital privacy -- offering guidance and suggestions but few laws -- in favor of allowing industries to self-regulate. Even in its recent evaluation of large-scale corporate data collection and privacy, the White House limited its policy recommendations to situations where there's been a crime, such as the laws that govern how the government can access users' personal e-mail in investigations and how companies should react to data breaches. While the White House report did address questions of how the rights of U.S. and non-U.S. citizens are affected by large-scale, private-sector, data collection, it did not specifically address whether the United States should enact legislation to protect that privacy.
The American government's reluctance to enact broad privacy legislation has been a point of contention between it and European governments, particularly in light of revelations from former National Security Agency contractor Edward Snowden about the relationship between the U.S. government and private, U.S.-based tech firms.
But these issues have also been controversial within Europe. In an opinion ahead of the ruling, Advocate General of the European Court Niilo Jääskinen said that individuals should not be able to petition search engines to have information on themselves removed if the information was published legally.
Consequently, Tuesday's ruling came as a bit of a surprise to Google, which said that it is evaluating how the ruling will affect its business.
"This is a disappointing ruling for search engines and online publishers in general," Google said in a statement. "We are very surprised that it differs so dramatically from the Advocate General's opinion and the warnings and consequences that he spelled out. We now need to take time to analyse the implications."