Feeds

Google NOT REQUIRED to wipe 'sensitive' search results after all

But MUST adhere to EU data law, says Court of Justice advocate general

Top three mobile application threats

The European Union's Court of Justice has agreed with Google by saying that search engine providers should not be held responsible for the type of personal data that appears on web pages it processes.

Even though Google is required to comply with European privacy law, the company is not obliged to remove sensitive legal content from its search index, the EU's advocate general Niilo Jääskinen said in a court opinion today.

The court explained Jääskinen's opinion (PDF, 3 pages), which is likely to be adopted by the EU:

It is possible that the secondary liability of the search engine service providers under national law may lead to duties amounting to blocking access to third party websites with illegal content such as web pages infringing intellectual property rights or displaying libellous or criminal information.

In contrast, requesting search engine service providers to suppress legitimate and legal information that has entered the public domain would entail an interference with the freedom of expression of the publisher of the web page.

In his view, it would amount to censorship of his published content by a private party.

Judges in the Court of Justice are not required to be bound by the advocate general's views. They will deliberate the case before passing judgment.

Jääskinen's opinion followed a man complaining to Google's Spain office in 2010 about search results that showed a link to a newspaper article which was first printed in 1998, reporting on a real-estate auction connected with attachment proceedings prompted by social security debts.

The man had asked Google to kill the links to the story after he discovered it returned links directly to the article when his "name and surnames" were entered into the search engine.

He later lodged a complaint with Spain's data authority against both the newspaper publisher and Google, which was partially upheld by the watchdog.

Google was told to delete the data from its search index and to prevent any future access to the newspaper article. However, the complaint against the publisher was rejected on the grounds that the story's appearance in the press was "legally justified".

Since then, Google has appealed against the Spanish regulator's decision on two separate occasions. All of which led to that country's court referring a number of questions to the EU's advocate general.

The outcome of the Court of Justice's ruling will set a precedent for many similar cases currently wading their way through various judicial systems in the 27-member bloc.

One such high-profile case involves the former Fédération Internationale de l'Automobile boss Max Mosley, who is suing Google in a Hamburg court, claiming that Mountain View is breaking German privacy laws by continuing to host a video which shows him engaging in a thrash'n'tickle session with a group of prostitutes.

However, the opinion was not all good news for Google, given that Jääskinen said that the US company was bound by data legislation in Europe. That's because Google - which is, after all, an advertising giant - processes ads within the EU.

Here's how the Court of Justice explained the advocate general's position on the matter:

The entity in charge of keyword advertising is linked to the internet search engine. This entity needs a presence on national advertising markets and that is why Google has established subsidiaries in many Member States.

Hence, in his view, it must be considered that an establishment processes personal data if it is linked to a service involved in selling targeted advertising to inhabitants of a Member State, even if the technical data processing operations are situated in other Member States or third countries.

All of which means the screws are slowly being tightened on tech companies from outside the EU who process European citizens' data.

Google, meanwhile, is also having to face off data protection authorities in the UK, France, Germany, Italy and the Netherlands over the ad giant's decision to change its privacy policy in March 2012 - which the French watchdog has already said breaches its data law. ®

SANS - Survey on application security programs

More from The Register

next story
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
Did a date calculation bug just cost hard-up Co-op Bank £110m?
And just when Brit banking org needs £400m to stay afloat
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Lavabit loses contempt of court appeal over protecting Snowden, customers
Judges rule complaints about government power are too little, too late
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Don't let no-hire pact suit witnesses call Steve Jobs a bullyboy, plead Apple and Google
'Irrelevant' character evidence should be excluded – lawyers
EFF: Feds plan to put 52 MILLION FACES into recognition database
System would identify faces as part of biometrics collection
Ex-Tony Blair adviser is new top boss at UK spy-hive GCHQ
Robert Hannigan to replace Sir Iain Lobban in the autumn
Banks slap Olympus with £160 MEEELLION lawsuit
Scandal hit camera maker just can't shake off its past
Reprieve for Weev: Court disowns AT&T hacker's conviction
Appeals court strikes down landmark sentence
prev story

Whitepapers

Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.