Google sheds more light on Right To Be Forgotten requests

Since May 2014, Europeans have been given the right to request that information about themselves be delisted from search engine results. The European Court of Justice established the “right to be forgotten (RTBF)” as a means for individuals to ask search engines, such as Google, to remove links to pages deemed to be private from their search results, even if that page itself remains on the internet. However, the search engine is not necessarily obliged to satisfy that request, and so we get a typically grey area of internet regulation and policy enforcement. In an attempt to bring greater clarity to this, Google is updating its Transparency Report to include more information on how it handles RTBF requests, and who is making them.

 

Tell me more about this Right To Be Forgotten

 

Forming part of the General Data Protection Regulation (GDPR), the RTBF applies to any data controller and in the context of search engines it gives European users the right to request that certain results for queries on the basis of a person’s name be delisted. The search engine must comply if the results in question are “inadequate, irrelevant or no longer relevant, or excessive” whilst taking into account that person’s role in public life. At Google, there is no automated process for evaluating these requests and they are done so based on criteria including how sensitive the information is, the source of the information, who the requester is and whether or not the information is of interest to the public. If the request is approved, the URLs are then delisted from only European search results on Google.

 

So who submits these requests and how many are granted

 

Google has updated its Transparency Report by providing more information about these RTBF requests which gives us a really interesting insight into how the search giant copes with this regulation. Looking at data from 2014 to 2017, Google has provided insight on over requests for over 2.4 million URLs to be delisted, including information on the requesters, the content of the requests, the content of the site being requested for delisting and rate at which Google grants these requests.

 

 

The large majority of requesters are private individuals – which is probably what you would expect as the very function of this regulation is to help people control their personal data – with the remainder being made up of minors, government officials, celebrities and corporate entities. In Google’s report, it shows that around 43% of requested URLs have been delisted – meaning they will no longer appear for searches related to those requesters’ names and in search results in European countries.

 

 

The most common type of content being requested to be delisted is professional information – defined as containing a requester’s work address, contact information, or general information about their business activities. My interpretation of this is that many people are trying to protect their professional lives by removing potentially damaging information visible on Google when their name is searched by prospecting employers, clients, or business partners. Perhaps surprisingly, sensitive personal information only accounts for 2% of requests, although it is worth remembering that these requests do not remove any content from the internet, only from appearing in search results.

 

This is all super interesting, what does it all mean and where can I read more

 

The full details of search removals under European Law are made available in Google’s Transparency Report which includes some interesting interactive graphs and tables. But, aside from the report giving more information about who is using this new regulation to control their online data, this reveals perhaps a more promising story. I see two things here, firstly: Google adhering quite effectively to a relatively stringent personal data regulation in what appears quite a costly manner – these 2.4 million requests are having to be reviewed manually and individually! The whole cost of this is shouldered by Google – but then again, they aren’t short on cash and at the end of the day it is the law. Secondly, this transparency report shows a willingness on Google’s part to be quite open about their handling of a data protection regulation – an area where they have often been accused of being quite obscure. I think that the big tech giants are recognising that openness and transparency is key to retaining user trust and ultimately these companies wouldn’t exist with their vast numbers of users. Perhaps tech giants are starting to throw off their cloaks of ambiguity. If only Google could be more transparent about its search algorithms…

 

HCW.