Last week, the Court of Justice of the European Union issued an important ruling that will oblige Google to from now on delete the personal data of those whose privacy is considered vulnerable. This decision ends the lawsuit filed by a Spanish citizen who requested that Google delete compromised data that had been indexed in its search engine for 16 years.
The origin of the lawsuit
In 1998 Mario Costeja, an expert calligrapher of Galician origin, ran ads in a national paper about the auction of a property that had been foreclosed upon by Social Security. This information remained registered online to the present, a fact that the plaintiff considered might damage his reputation given the information’s relationship with his divorce (despite the fact that he later paid off those debts). After the newspaper declined to remove the ads, in 2011 he turned to the Spanish Data Protection Agency to sue Google.
After passing through the National Tribunal and Google’s refusal to remove the content, the suit was brought before the Court of Justice of the European Union, which ruled against all expectations that from hereon out any user may directly petition the search engine for the removal from search results of content that involves them and negatively affects them.
What can you do to get your data removed?
Let’s be clear on one thing: Google does not store content related to you; it simply indexes it in its search engine, so that even if your name never appears in Google’s results, the URL that stores that information will remain live and will depend for its removal on the owner of the site. We’ve already talked here before the impossibility of trying to censor content given the immensity of the Internet, as shown by countries that have tried to dampen political confict using Internet censorship.
Although not the case in the Mario Costeja decision, most of the compromising information that appears on the Internet is likely to have arrived there due to user carelessness in sharing content indiscriminately on the web. Be that as it may, the competent authority has the final word. In this case Spain, since it has Google offices in the country, is obliged to comply with national regulations, in this case those of the mentioned Spanish Data Protection Agency. Although this is a public entity not related to the governing administration, it is unclear who will determine what can or cannot be censored.
What are the consequences of the ruling?
Now comes the truly worrying part, since we’ve already begun to see the first users who want to get their history deleted. According to the BBC, Google has already received petitions from a pedophile who wants his involvement and sentencing for child abuse removed from the Internet, a politician who wants to remove traces of his poor record and a doctor who wants to remove negative reviews from some of his patients.
Are we really talking here about private information or about burying dirt? There is no sense or validity in having the power to erase the remains of your past once it’s made its way into the public domain, in the same way that you can’t fix past mistakes. The real problem arises when petitions are made by massive numbers of people and Google has no choice but to either validate every petition or send all of them to the competent local authority.