OneTrust_Square Banner_300x250_DD_ROS_01_19

It’s been almost a week since the Court of Justice of the EU made history by ruling Google would have to provide its users, in specific circumstances, with the option of having links to information about them deleted. As my colleague Jedidiah Bracy, CIPP/US, CIPP/E, noted in his initial report on the decision on May 13, “An individual’s fundamental rights, the court also ruled, override ‘the economic interest of the operator of the search engine but also the interest of the general public’ in having that information. The exception would be the role played by the subject in public life and if the general public’s right to access the information is justified.”

In the days since, publications from across the globe featured headline after headline on the implications of this decision and the questions that remain.

A USA Today feature from Friday evening, May 16, quotes IAPP Europe Managing Director Rita Di Antonio, CIPP/E, who responded to the question of how the requirement will be put into practice.

"That's the question that everybody is asking themselves at this point," she told USA Today.

The article also quotes a statement from Google that “this is logistically complicated—not least because of the many languages involved and the need for careful review. As soon as we have thought through exactly how this will work, which may take several weeks, we will let our users know.”

Three days later, BloombergBusinessweek reported French data protection authority (DPA), the CNIL, indicated “more citizens are asking for help getting their personal information removed from search engines,” with CNIL President Isabelle Falque-Pierrotin commenting on how EU DPAs will enforce the ruling.

Amidst reports of some 1,000 takedown requests in the first days following the ruling, PC World reports, “In order to deal with these requests Google plans to release an online tool to implement a procedure for a right to be forgotten, or rather for the right not to be found, said Johannes Caspar, Hamburg’s Commissioner for Data Protection. The system will include an authentication mechanism to prevent unauthorized takedown requests, he added."

The report notes a Google spokesman would not comment on how the system would work, and highlights reactions from various EU DPAs.

Falque-Pierrotin is quoted by Bloomberg as saying, “The idea that companies like Google are too powerful to respect European rules—we’ve proven that idea wrong. It’s prompting citizen reactions.”

In an op-ed for The Guardian, however, Mark Stephens of the Global Network Initiative shares a very different perspective on the implications of the ruling.

“Last week's judgment by the European court of justice allowing anyone to demand that a search engine should remove unwanted information from its index—even if it is accurate, lawful and publicly available elsewhere—is a dangerous step in the wrong direction,” he writes, adding, “Since the ruling an ex-politician seeking re-election, a man convicted of possessing child abuse images and a doctor seeking to remove negative reviews from patients, are reported to be among the first to send takedown notices to Google. Privacy is a universal right that must be protected, but this overreaching judgment is far more likely to aid the powerful in attempts to rewrite history, than afford individuals more influence over their online identities.”

Prof. John Naughton, author of From Gutenberg to Zuckerberg: What You Really Need to Know About the Internet, writes for The Guardian on the question, “So, is the judgment the thin edge of a censorship wedge?” He continues, “We'll have to see how it pans out. After all, the ruling does not preclude anyone from publishing anything on a website (subject to the usual restrictions about libel, hate speech, Holocaust denial, etc.): It just makes that information harder to find. Why? Because if Google can't (or chooses not to) find a website, then for practical purposes that website doesn't exist.”

And a Forbes report takes a look at the clash between this “right to be forgotten” or “right not to be found,” as some are calling it, and the “right to know” in the U.S. In the report, journalist Daniel Fisher asks, "Will it create yet another World Wide Web, censored, like in China, to protect users from knowing too much? Or will it prove unworkable, as did Europe’s generally toothless regulations on the long-term storage of personal data?”

Meanwhile, Zeynep Tufekci writes for Medium on another potential ramification of the ruling, questioning, “Is there a right to forget a genocide? Or at least the ethnic divisions upon which a society fractured and bled? It may seem like an extreme jump, from drunken adolescent photos to genocide and ethnic cleansing, but the shape, and filters, of a society’s memory is always more than just about individual embarrassment or advancement. What we know about people, and how easily we can identify or classify them, is consequential far beyond jobs and dates, and in some contexts may make the difference between life and death.”

Without question, the questions around this decision and its implications are not going away.

Editor’s Note: The IAPP will host a web conference, “The European Court of Justice Google DecisionWhat Will the Impacts Be?” on Friday, May 30, to delve deeper into the ramifications of the decision and its implications going forward. The expert panel will include National Constitution Center President and CEO and George Washington University Law Prof. Jeffrey Rosen, European University Institute and University of Bologna Professor of Legal Informatics and Legal Theory Giovanni Sartor and Hogan Lovells Partner and Global Privacy Practice Head Christopher Wolf.

Written By

Jennifer Saunders, CIPP/US


If you want to comment on this post, you need to login.


Board of Directors

See the esteemed group of leaders shaping the future of the IAPP.

Contact Us

Need someone to talk to? We’re here for you.

IAPP Staff

Looking for someone specific? Visit the staff directory.

Learn more about the IAPP»

Daily Dashboard

The day’s top stories from around the world

Privacy Perspectives

Where the real conversations in privacy happen

The Privacy Advisor

Original reporting and feature articles on the latest privacy developments

Privacy Tracker

Alerts and legal analysis of legislative trends

Privacy Tech

Exploring the technology of privacy

Canada Dashboard Digest

A roundup of the top Canadian privacy news

Europe Data Protection Digest

A roundup of the top European data protection news

Asia-Pacific Dashboard Digest

A roundup of the top privacy news from the Asia-Pacific region

Latin America Dashboard Digest

A roundup of the top privacy news from Latin America

IAPP Westin Research Center

Original works. Groundbreaking research. Emerging scholars.

Get more News »

IAPP Communities

Meet locally with privacy pros, dive deep into specialized topics or connect over common interests. Find your Community in KnowledgeNet Chapters, Sections and Affinity Groups.

IAPP Job Board

Looking for a new challenge, or need to hire your next privacy pro? The IAPP Job Board is the answer.

Join the Privacy List

Have ideas? Need advice? Subscribe to the Privacy List. It’s crowdsourcing, with an exceptional crowd.

Find a KnowledgeNet Chapter Near You

Talk privacy and network with local members at IAPP KnowledgeNet Chapter meetings, taking place worldwide.

Find more ways to Connect »

Find a Privacy Training Class

Two-day privacy training classes are held around the world. See the complete schedule now.

The Privacy Core™ Library Has Evolved

Privacy Core™ e-learning essentials just expanded to include seven new units for marketers. Keep your data safe and your staff in the know!

Online Privacy Training

Build your knowledge. The privacy know-how you need is just a click away.

Upcoming Web Conferences

See our list of upcoming web conferences. Just log on, listen in and learn!

Train Your Team

Get your team up to speed on privacy by bringing IAPP training to your organization.

Let’s Get You DPO Ready

There’s no better time to train than right now! We have all the resources you need to meet the challenges of the GDPR.

Learn more »

CIPP Certification

The global standard for the go-to person for privacy laws, regulations and frameworks

CIPM Certification

The first and only privacy certification for professionals who manage day-to-day operations

CIPT Certification

The industry benchmark for IT professionals worldwide to validate their knowledge of privacy requirements

FIP Designation

Recognizing the advanced knowledge and issue-spotting skills a privacy pro must attain in today’s complex world of data privacy.

Certify Your Staff

Find out how you can bring the world’s only globally recognized privacy certification to a group in your organization.


The IAPP’S CIPP/E and CIPM are the ANSI/ISO-accredited, industry-recognized combination for DPO readiness. Learn more today.

Learn more about IAPP certification »

Are You Ready for the GDPR?

Check out the IAPP's EU Data Protection Reform page for all the tools and resources you need.

IAPP-OneTrust PIA Platform

New U.S. Government Agency privacy impact assessments - free to IAPP members!

IAPP Communities

Meet locally with privacy pros, dive deep into specialized topics or connect over common interests. Find your Community in KnowledgeNet Chapters, Sections and Affinity Groups.

Privacy Vendor List

Find a privacy vendor to meet your needs with our filterable list of global service providers.

More Resources »

Europe Data Protection Intensive 2017

The Intensive is sold out! But cancellations do happen—so hurry and get on the wait list in case more seats become available.

Global Privacy Summit 2017

The world’s premier privacy conference returns with the sharpest minds, unparalleled programs and preeminent networking opportunities.

Canada Privacy Symposium 2017

The Symposium returns to Toronto this spring and registration has opened! Take advantage of Early Bird rates and join your fellow privacy pros for another stellar program.

The Privacy Bar Section Forum 2017

The Privacy Bar Section Forum is sold out! But you can still add your name to the wait list, and we'll keep in touch about your status. Good luck!

Asia Privacy Forum 2017

Call for Speakers open! Join the Forum in Singapore for exclusive networking and intensive education on data protection trends and challenges in the Asia Pacific region.

Privacy. Security. Risk. 2017

We're bringing the best of the best in privacy and infosecurity to sunny San Diego. Early registration for P.S.R. opens May 1.

Europe Data Protection Congress 2017

Call for Speakers open! The Congress is your source for European policy debate, multi-level strategic thinking and thought-provoking discussion. Submit a proposal by March 19.

Sponsor an Event

Increase visibility for your organization—check out sponsorship opportunities today.

More Conferences »

Become a Member

Start taking advantage of the many IAPP member benefits today

Corporate Members

See our list of high-profile corporate members—and find out why you should become one, too

Renew Your Membership

Don’t miss out for a minute—continue accessing your benefits

Join the IAPP»