It came as serendipitous when on Tuesday the Guardian newspaper uncovered hidden source code in Google’s own transparency report that revealed the true nature of the tech giant’s “right to be forgotten” requests, a concept that has garnered a lot of controversy over the past year.
After refusing to make public any details about these requests, Google have come away red-faced after leaking information it sought to conceal. According to the Guardian’s findings, the source code indicates the types of requests submitted as well as details about the individuals who made requests. The vast majority of requests have been made by citizens out to protect their personal and private data, rather than by criminals and terrorists, an argument that that was often peddled by British politicians, including culture secretary Sajid Javid.
Out of a total of 220,000 requests, less than 5% concerned criminals, terrorists, and high-profile public figures, with over 95% of the requests coming from individual members of the public. The data covers more than three-quarters of all requests to date.
Right To Be Forgotten
The right to be forgotten has been in place in the European Union and Argentina since 2006. The right falls under the EU’s data protection laws, which seek to protect individuals from potentially damaging and/or private information being readily available online. Essentially, the right allows individuals to request that outdated, inaccurate, or irrelevant information be removed from Google search results, particularly information that is damaging to an individual’s reputation. In 1995 the EU introduced the European Data Protection Directive to regulate the processing of personal data and the right is now considered an integral component of human rights law. The right has a longstanding tradition in the UK and France, though it has been treated with suspicion in the US where critics are concerned that the right will impede the freedom of information, which is embodied in the First Amendment of the US constitution; “Congress shall make no law… abridging the freedom of speech”.
Whether or not the right is accepted in the US remains to be seen. A longstanding critic of Google’s privacy record, the Santa Monica-based advocacy group Consumer Watchdog, has asked the Federal Trade Commission to make Google recognize the right to be forgotten in the US. However, staunch supporters of the status quo argue that search engines provide an indispensable and indelible catalog of human behavior, and that Google and other search engine operators shouldn’t be required to use their power to edit that record. What’s more, critics have argued that the right to be forgotten could be used to misinform people about malicious or dangerous individuals, though as this leak demonstrates, the right serves an important purpose for non-threatening individuals who seek to protect their privacy.
The right has and continues to be a controversial issue, since it is difficult to establish it as an international human right due to its discord with already established rights, including the freedom of expression and the right to privacy, as well as issues concerning online censorship. There have also been concerns about the right to be forgotten leading to vengeful attacks on those who have exercised the right, including so called “revenge porn sites” in search engine listings under a person’s name, or references to petty crimes committed many years ago, attacks which could indelibly stain a person’s reputation or social status.
González Versus Google
In May last year Google Spain faced court proceedings when a Spanish man, Mario Costeja González, sued a Spanish newspaper’s website for publications concerning a government-backed real estate auction following attachment proceedings to recover social security debts that the man owed. The information was originally published in print in 1998 though it was later republished on the newspaper’s website.
González argued that the newspaper’s website and Google should remove the information about the auction, which showed up in searches on his name, because it infringed upon his right to privacy and because it was no longer relevant to his current situation. The Court of Justice of the European Union ruled in favour of the newspaper, allowing them to keep the information on its website, while Google were ordered to remove the links to those pages from its index.
Under European data protection laws, newspapers and other media sources are exempt from the right to be forgotten since they adhere to journalistic standards and serve a distinct purpose for distributing fact and opinion. Google on the other hand are considered a “data controller” under EU law, not a media entity, which obligates them to remove data that is considered inadequate or irrelevant.
Following the leak, critics are calling for greater transparency from data controllers, especially Google who have assumed the role of judge, jury, and executioner when it comes to common data rights. The issue of transparency is also pressing because of Google’s track record regarding privacy, which leaves a lot to be desired.