Feeds

Google NOT REQUIRED to wipe 'sensitive' search results after all

But MUST adhere to EU data law, says Court of Justice advocate general

Intelligent flash storage arrays

The European Union's Court of Justice has agreed with Google by saying that search engine providers should not be held responsible for the type of personal data that appears on web pages it processes.

Even though Google is required to comply with European privacy law, the company is not obliged to remove sensitive legal content from its search index, the EU's advocate general Niilo Jääskinen said in a court opinion today.

The court explained Jääskinen's opinion (PDF, 3 pages), which is likely to be adopted by the EU:

It is possible that the secondary liability of the search engine service providers under national law may lead to duties amounting to blocking access to third party websites with illegal content such as web pages infringing intellectual property rights or displaying libellous or criminal information.

In contrast, requesting search engine service providers to suppress legitimate and legal information that has entered the public domain would entail an interference with the freedom of expression of the publisher of the web page.

In his view, it would amount to censorship of his published content by a private party.

Judges in the Court of Justice are not required to be bound by the advocate general's views. They will deliberate the case before passing judgment.

Jääskinen's opinion followed a man complaining to Google's Spain office in 2010 about search results that showed a link to a newspaper article which was first printed in 1998, reporting on a real-estate auction connected with attachment proceedings prompted by social security debts.

The man had asked Google to kill the links to the story after he discovered it returned links directly to the article when his "name and surnames" were entered into the search engine.

He later lodged a complaint with Spain's data authority against both the newspaper publisher and Google, which was partially upheld by the watchdog.

Google was told to delete the data from its search index and to prevent any future access to the newspaper article. However, the complaint against the publisher was rejected on the grounds that the story's appearance in the press was "legally justified".

Since then, Google has appealed against the Spanish regulator's decision on two separate occasions. All of which led to that country's court referring a number of questions to the EU's advocate general.

The outcome of the Court of Justice's ruling will set a precedent for many similar cases currently wading their way through various judicial systems in the 27-member bloc.

One such high-profile case involves the former Fédération Internationale de l'Automobile boss Max Mosley, who is suing Google in a Hamburg court, claiming that Mountain View is breaking German privacy laws by continuing to host a video which shows him engaging in a thrash'n'tickle session with a group of prostitutes.

However, the opinion was not all good news for Google, given that Jääskinen said that the US company was bound by data legislation in Europe. That's because Google - which is, after all, an advertising giant - processes ads within the EU.

Here's how the Court of Justice explained the advocate general's position on the matter:

The entity in charge of keyword advertising is linked to the internet search engine. This entity needs a presence on national advertising markets and that is why Google has established subsidiaries in many Member States.

Hence, in his view, it must be considered that an establishment processes personal data if it is linked to a service involved in selling targeted advertising to inhabitants of a Member State, even if the technical data processing operations are situated in other Member States or third countries.

All of which means the screws are slowly being tightened on tech companies from outside the EU who process European citizens' data.

Google, meanwhile, is also having to face off data protection authorities in the UK, France, Germany, Italy and the Netherlands over the ad giant's decision to change its privacy policy in March 2012 - which the French watchdog has already said breaches its data law. ®

Internet Security Threat Report 2014

More from The Register

next story
Facebook pays INFINITELY MORE UK corp tax than in 2012
Thanks for the £3k, Zuck. Doh! you're IN CREDIT. Guess not
Facebook, Apple: LADIES! Why not FREEZE your EGGS? It's on the company!
No biological clockwatching when you work in Silicon Valley
Lords take revenge on REVENGE PORN publishers
Jilted Johns and Jennies with busy fingers face two years inside
Yes, yes, Steve Jobs. Look what I'VE done for you lately – Tim Cook
New iPhone biz baron points to Apple's (his) greatest successes
Happiness economics is bollocks. Oh, UK.gov just adopted it? Er ...
Opportunity doesn't knock; it costs us instead
Ex-US Navy fighter pilot MIT prof: Drones beat humans - I should know
'Missy' Cummings on UAVs, smartcars and dying from boredom
Sysadmin with EBOLA? Gartner's issued advice to debug your biz
Start hoarding cleaning supplies, analyst firm says, and assume your team will scatter
Edward who? GCHQ boss dodges Snowden topic during last speech
UK spies would rather 'walk' than do 'mass surveillance'
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.