Google may be headed for victory in EU right-to-be-forgotten indexing appeal
The top legal advisor for the European Court of Justice has recommended that delisting under RTBF not extend outside the EU.
Google appears poised to win an appeal of a 2015 decision of French privacy watchdog decision that data to be removed from Google’s EU index under the “right to be forgotten” (RTBF) could not remain in Google’s index anywhere. The case has global significance.
Global delisting demanded by France. The Commission Nationale de l’informatique et des Libertés (CNIL), the French data-protection authority, had demanded global delisting, saying that it was easy for individuals to circumvent removal from Google.fr by simply going to Google.com. While that position was logical, CNIL was effectively extending the reach of its authority to other countries beyond the boundaries of the EU — beyond its legal jurisdiction.
Google resisted the global delisting order and appealed to the Court of Justice of the European Union (ECJ), one of Europe’s two highest courts. In the interim, CNIL fined Google roughly €100,000 for non-compliance with its directive.
Court legal advisor agrees with Google. Yesterday, however, the ECJ’s top legal advisor, Advocate General Maciej Szpunar, issued an opinion that agrees with Google. It takes the position that the company should not be compelled to enforce RTBF beyond the EU. The opinion recommends that the ECJ “should limit the scope of the de-referencing that search engine operators are required to carry out.” The decision would apply equally to Microsoft’s Bing and search engines.
While this is a preliminary opinion, the ECJ typically follows the recommendations of the Advocate General according to European legal experts. A formal ruling from ECJ is expected later this year.
Why you should care. RTBF had limited marketing implications for brand reputation management. However if the ECJ were to side with CNIL it would have created a complex situation where EU authorities would potentially have been able to extend their jurisdictional and regulatory reach outside of Europe to other countries globally. That has already happened to some degree with GDPR.