Google’s latest Transparency Report reveals that of the 2.4 million requests made since 2014 to remove certain URLs from its search results, Google has only complied with less than half.
The removal requests relate to a ruling by the European Union's Court of Justice in May 2014 which said that Google and other search engines can be held responsible for personal data that appears in its search engine results pages - they are considered to be ‘Data Controllers’. Google and other search engines can, therefore, be asked to remove links to some web pages that are published by third parties, and any EU citizen can ask Google to remove information about them from their search results.
Doesn’t Have To Comply
The problem with the ruling for individuals who want their data removed is that Google doesn’t actually have to comply with the request, and can refuse to take links down if can demonstrate that there is a public interest in the information remaining in the search results. Google can also re-instate links that it has already taken down in a previous request if it can show that it has grounds to do so.
One example highlighted in Google’s Transparency Report concerns the UK man who managed to get Google to delist 239 (of 300) URLs that linked him to a fraud conviction where he was later found to be innocent. Following a 2nd request by the same man to remove pages relating to a benefits case linked to him, Google refused this request AND re-instated the previously de-listed URLs because it said that he provided forged documents with his 2nd request.
Two Main Reasons
The statistics appear to indicate that the two most likely reasons why Google would be asked to consider de-listing URLs are when they relate to personal information being shown in social media and directory services, and when aspects of a requester's legal history from news outlets and government websites are shown in the search engine results.
What If Google Refuses Your Request?
Examples of why Google may refuse to take URLs down include when they give business information that might be useful for potential customers, or if the content about a violent crime could be of interest to the general public.
If Google refuses your request to take down certain URLs, you can then still take your complaint to the national data watchdog. This, of course, takes time.
Less Than Half Of Requests
The Transparency Report shows that, since May 2014, Google has not delisted 56.7% of URLs, and in the UK, 60.2% of requests to remove certain URLs were not complied with by Google.
What Does This Mean For Your Business?
This story appears to show that despite an EU ruling, Google is still really in charge of making the decision about whether your personal details appear in its search engine results, based on its own research rather than your reasons in your request. For businesses wanting to hide certain information from public view, this is clearly an obstacle. Many businesses and individuals may have arguably suffered a much longer lasting punishment for any wrongs or from any bad publicity simply because they now operate in the age of the Internet, where things take a long time to be forgotten.
It will be interesting to see what difference GDPR makes to this situation because with GDPR, any EU citizen has the ‘right to be forgotten’ (all data held about them is to be removed), and GDPR can be enforced with the help of substantial fines for companies failing to comply with requests from individuals.
Google has long appeared to take the position that it sees some requests to remove certain URLs from its search engine results as a kind of censorship, and it remains to be seen just how much influence individuals will be able to exert over the big internet companies in the coming years.