A Spanish citizen has compelled Google to delete links to online newspaper articles that described the person’s debt problems in the 1990s. The European Court of Justice held that the information was ‘no longer relevant’ and it thus violated the man’s privacy for it to be available through an easy search. (A Spanish court had earlier refused to require the newspaper sites to take down the information, which was perfectly true.)
So: does this ruling make any sense at all, to impose the obligations of a ‘data controller’ on a search engine?
How can the search provider know for sure that people requesting the deletion of a link is who they say they are?
How can it judge whether the data sought to be erased could “appear to be inadequate, irrelevant or no longer relevant or excessive … in the light of the time that had elapsed”. The court said that even accurate data that had been lawfully published initially could “in the course of time become incompatible with the directive”.
The court said that there is a balancing public interest defence against deletion, especially if the individual is involved in public life – but how can the search provider know for sure?
The court also said that the existing EU directive on privacy from 1995 already contains a right to be forgotten. Do you think that Canadian law – PIPEDA or the provincial equivalents – also offers such a right?
Does it make a difference that the websites found through the Google links have not been required to delete the content that the plaintiff in this case found objectionable. Are we going back to ‘practical obscurity’? Or will people just have to find search providers not so subject to EU law (or Canadian, if the right is in our law too)?
Lots of opinions, pro and con, here. One commentator says that claims of impending disaster for search engines should be viewed with ‘icy scepticism’…
What would, or should, a Canadian court do?