The story began when the European Union Court decided that data must be preserved for future reference. Under the regulation, all websites and other things online had to keep a copy of data even if it was removed or altered online. Then what is the right to be forgotten, and how does it work in the light of EU data protection law?
Things were fine until someone in Spain filed a case against Spanish Newspaper for showing him in poor light. The fact was that person made a foreclosure of a loan, and years later, this information appeared in the newspaper as a reference (probably in a press release by a third party). The Spanish court handed over the case to the EU court as it felt that such information from the past, which had been fixed long ago, could affect the present and future of people. It also asked to examine the law in light of the Data Protection Law by the same EU court.
EU Court Ruling: Right To Be Forgotten
After brainstorming with Google and Microsoft, the EU court concluded that the data which is no longer needed could be removed – under Data Protection Act. It further concluded that people could opt for images, events, and news to be forgotten after they are of no relevance.
In simple words, the ruling has two main parts:
- Data Protection Act had to include a clause that a piece of information be deleted forever if it is no longer required or if the authorities are sure that the information will not be necessary for legal proceedings in the future.
- The Right to be Forgotten was granted where people can request search engines to remove references to their information that these requesters feel are spoiling their image for no-fault.
The Right to be Forgotten has specific important clauses. First of all, if the search engine removes the information from its servers, the third party hosting the information too has to erase the data from the Internet so that it is not re-indexed by search engines. It also says that search engines operating using servers based out of the EU too need to comply with the decision in which the complainant resides and is a citizen of the European Union.
It further adds that each request to be forgotten has to be reviewed separately. The request to be forgotten has to see if the URLs and/or stories being asked to be removed are not of public importance anymore. If the applicant has had a criminal past, the records cannot be removed as people need to know about the person, even if the person has mended his ways. Likewise, suppose the applicant has had a public life as a celebrity or a politician, and the story being asked to be removed related to that public life. The Data Protection Act will protect it, and the Right to be Forgotten will not apply here.
How To Apply To Be Forgotten
As of now, both Google and Bing are offering special forms. A person willing to remove a piece from Internet has to fill up the form and submit it along with documents (if any are requested).
Removal of material from search engines is not new. There were already provisions to remove personal information etc., from search engines. But with the EU ruling, the matter has to be taken up on a priority basis, and ALSO, the third party hosting the objectionable content has to erase that data from its site(s).
It is better to apply both Bing and Google when you want to be forgotten, as that would ensure you are forgotten. Using the special forms and methods provided and asked by these search engines also facilitates the erasure of third-party websites’ data so that they are not indexed again.
- Google’ Form for Right To Be Forgotten: Click here.
- Bing’s Form for Removal of Content and to be Forgotten: Click here.
NOTE: In both forms, you will have to provide digital identification proof so that they know it is the same person and not some imposter.
Remember that submitting the forms does not guarantee that the information will be removed. It will be studied by experts who have to decide that the information is indeed useless and not relevant anymore before it goes for deletion with a request to erase the contents on the third-party websites.
Is the UK still part of EU data protection?
As of January 1, 2021, the United Kingdom officially left the European Union. Under the EU’s GDPR, the United Kingdom is now considered to be a “third country.” Because of this, the EU-GDPR is an EU regulation and it no longer applies to the UK.
What is the difference between Data Protection Act and GDPR?
A GDPR law broadens the scope of what the Data Protection Act covers to account for online identification markers, location data, and genetic information, among others