Feeds

Google de-listing of BBC article 'broke UK and Euro public interest laws' - So WHY do it?

Stunt backfires on ad giant

Choosing a cloud hosting partner with confidence

Google's publicity stunt this week, in which it de-linked selected mass media articles and posts from its search results and informed the journalists in question it had done so, appears to have been illegal.

The gigantic advertising company now faces the prospect of having to re-link to articles it has de-linked in the UK in recent weeks.

Newswires suggest that Google has performed a U-turn on the de-linking. Yesterday we predicted the high-risk strategy might backfire.

Google was trying to cast the recent European "right to be forgotten" ruling in a bad light. The recent court decision permits citizens to request that old, out of date or irrelevant material be de-linked from a search - for instance of their name - if (and that's a big "if") there isn't a public interest. The beaks decided that the continuous re-publication of old and irrelevant material, in such a massive, pervasive medium as Google's search engine, could be a huge invasion of an individual's privacy.

Google isn't happy with the ruling, and now it has gone beyond its initial moves to turn public opinion against the decision. Earlier this week, Google tipped off selected journalists that their work had been "disappeared" from its searches in response to requests made based on the European ruling.

The Guardian's James Ball received one and predictably, he walked into the trap*. Ball warned of a grave and imminent threat to free expression, and opined that the burden of compliance with the ruling should fall on publishers - not on Google.

Robert Peston at the BBC didn't quite follow the script, however: he queried why Google was de-linking an article where there was clearly a public-interest justification for keeping it known. (Peston's article was about a banker who had been implicated in the crises leading to the recent economic downturn.)

Google was saying it had been forced to "break the internet" - but it wasn't Google's fault, it was the European judges'.

However, legal experts have told us that by de-linking, Google was not respecting its legal obligations. Specifically, Google was failing to comply with English (and EU) data protection obligations and weigh the public's right to freedom of expression to read those articles. Which is ironic, given how much time Google spends preening itself as a champion of the public's right to, er, free expression.


"Me? Comply with the law? Oh, Mum..."

How so? Serena Tierney of law firm Bircham Dyson Bell clarified the law for us:

"When Google receives a request to de-link, it must consider whether any damage to the person making the request is outweighed by a relevant public interest in keeping the link. In the case of [Merrill Lynch chairman] Stan O'Neal [original here], it's a no-brainer, there's a clear public interest in that information remaining available."

Google could have decided to take a simpler, cheaper course. It could decline some of the requests and bounce them up to the Information Commissioner, starting a long (but cheap to Google) legal process. "A simple refusal would entail Google telling the data subject they are not entitled to have the link taken down. It's then up to the subject to appeal to the Information Commissioner." That would almost certainly reduce the number of requests that are pursued.

Were it to decide to decline all the requests and bounce them up to the Information Commissioner, it would be legally risky because it is required to consider each request individually and not to apply a blanket policy of refusing them.

The risk to Google is that the Information Commissioner might choose to serve an enforcement notice on it, and ultimately issue a fine. However, the maximum fine is merely £500,000.

Tierney reminded us that the CJEU's ruling isn't the black letter law that citizens and data controllers must abide by: it's the implementation of the EU Data Protection Directive. Each EU member state has written its own data protection law but they must all be interpreted to comply with the CJEU ruling.

Yet all must include a mechanism to balance Freedom of Expression with the right to Privacy, they are both considered a "Fundamental Right" in Europe.

"We're still speaking to Google at the moment", the ICO told us. "We welcome the extent to which the judgement upholds data protection rights of individuals and confirms the powers of data protection authorities. We will be studying the judgment in detail and considering the practical implications for individuals, businesses and ourselves."

The commenter red herring

Peston speculated whether a commenter under his BBC blog post had made the de-linking request, not O'Neal. But this can't be right, Tierney thinks, because a commenter has no additional rights under the CJEU ruling. What constitutes an invasion of privacy is the snippets of the search results that Google displays - but with a blog post or newspaper article, these only ever show the headline and first paragraph.

No matter which way you slice it, Google has at best misinterpreted the law, and wrongly de-linked Peston's legitimate story. As this piece is written, it appears that the advertising monolith is now re-linking to articles it had de-listed: it may not be a coincidence that google.co.uk went down for approximately 10 minutes shortly before 11am UK time.

The price of this week's PR stunt is mounting. ®

Bootnote

*This is not the first time Ball has shot himself spectacularly in both feet. A rant last year entitled "Why are the LulzSec hackers being locked up?" talked about centrifuges as the key component of a nuclear reactor. Yes, James: the thing that spins round really fast, it makes all that nooclear power. Obviously.

Intelligent flash storage arrays

More from The Register

next story
WHY did Sunday Mirror stoop to slurping selfies for smut sting?
Tabloid splashes, MP resigns - but there's a BIG copyright issue here
Spies, avert eyes! Tim Berners-Lee demands a UK digital bill of rights
Lobbies tetchy MPs 'to end indiscriminate online surveillance'
How the FLAC do I tell MP3s from lossless audio?
Can you hear the difference? Can anyone?
Inequality increasing? BOLLOCKS! You heard me: 'Screw the 1%'
There's morality and then there's economics ...
Google hits back at 'Dear Rupert' over search dominance claims
Choc Factory sniffs: 'We're not pirate-lovers - also, you publish The Sun'
EU to accuse Ireland of giving Apple an overly peachy tax deal – report
Probe expected to say single-digit rate was unlawful
While you queued for an iPhone 6, Apple's Cook sold shares worth $35m
Right before the stock took a 3.8% dive amid bent and broken mobe drama
prev story

Whitepapers

A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.