In a recent decision from the European Court of Justice, a Spanish man won a ruling against Google, after arguing that Google infringed his right of privacy when sensitive information from a newspaper about a former repossession of his home appeared in search results. He took his case originally to the Spanish Data Protection Agency, which ordered Google to remove the links. Google subsequently appealed. (See a full article here from NPR and an NPR interview with Meg Ambrose, a professor of communication, culture and technology at Georgetown University.)
A news release issued by the Court summarized the opinion by stating that one could request the removal of links to personal data that appear in search results if such data seem
"inadequate, irrelevant or no longer relevant, or excessive in relation
to the purposes for which they were processed." Importantly, the court determined that under the applicable EU Directive, a "search engine operator is responsible for the processing
that it carries out of personal data which appear on Web pages
published by third parties" and that a search engine operator is a "controller" with respect to that processing.
The decision interprets the EU's Directive on the protection of individuals with regard to the processing of personal data, and does not affect Google's operations in the United States. However, some efforts are being made in the U.S. with regard to the so-called "right to be forgotten." Meg Ambrose, in her interview with NPR, references a recent California law giving minors a recourse to remove content that they posted online.
On a related note, the first week of May was Choose Privacy Week, an ongoing program of the American Library Association (ALA). More information and resources are available from the ALA's Choose Privacy Week website here. The McKusick Law Library also offers resources related to online privacy. See our previous post here from Data Privacy Day (Jan. 28, 2014).
No comments:
Post a Comment