Last week the European Union’s Court of Justice ordered Google to grant people the right to be forgotten, giving people the ability to have themselves removed from search results that are “inadequate, irrelevant, or no longer relevant, or excessive in relation to the purposes for which they were processed.”
People living, or doing business in Europe, are likely the primary beneficiaries of the current ruling; Americans, however, may benefit indirectly as discussion reignites about privacy laws on our side of the Atlantic.
The ruling should also serve as a serious wake up call to everyone about the privacy of his or her information. People should realize that many privacy protections that Americans believe that they enjoy – even some guaranteed by law – have, in fact, been eroded or even obliterated by technological advances. The following are some examples, but in no way form a comprehensive list. Hopefully they will serve as “food for thought” inspiring conversations and discussions, as well as a catalyst for people to consider adjusting their behavior to improve their own privacy:
1 . Many people rely on the protections of the Fair Credit Reporting Act. They understand that if they fail to pay creditors on time that information will appear on their credit reports and their credit scores will drop. But, they also know that, by law, adverse information comes off of reports – and is ignored when calculating scores – after a period of time. So, someone not looking to purchase a home or car for some time may not be terribly scared of being late on a few payments, and someone considering foreclosure or bankruptcy in order to “start over” understands that the law pretty much assures him that after several years of fiscal responsibility (and certainly no more than a decade) he will be able to borrow once again.
These beliefs, however, may not be correct, as Google and other online information providers have changed the game. While adverse information may not appear on credit reports after several years of “improved behavior,” it could exist forever within the context of news articles, blog posts, or other materials. In fact, the incident that spurred the EU ruling was the 1998 auction of a repossessed property on which the owner could not make payments, and which still appeared in search results many years later. Laws regulating how long adverse credit information “hangs around” may be next to meaningless if potential lenders can perpetually obtain negative information in seconds by performing a simple Google search.
2. In the past, many people have benefited from laws that keep minor offenses off of permanent criminal records, or from the sealing of files or the expunging of information from them. But laws and court orders lose their potency if a perspective employer can find the supposedly purged information within seconds of entering a candidate’s name into a Google search. Unless something is changed, minor offenses committed today may, in some cases, cause people more ongoing professional harm than much more serious crimes committed before the advent of Internet-based (and recorded) news.
3. Various emails sent to member-only mailing lists, which were intended to be read only by members of those lists, have, somehow, over time, found their way into search engine databases. People sending emails to closed groups might want to consider that the groups may not, actually, end up being as closed as their sponsors or moderators promise.
4. Codes included in books for purchasers to access “add ons” have been disclosed in Google’s book previews. One example of this problem is the book Stella’s Dance, written in 2007 by Rachel Thill to help her young daughter cope with the sudden loss of her father. The book contains a code on the back cover that allows purchasers to download the audio-book version for free. For years that page was offered as part of the free preview by Google – meaning that Google was providing information to everyone on the Internet how to download the audio book for free – something that the publisher clearly would not want shared in such a fashion. The problem was recently corrected for this specific book (I waited until this information was removed from the preview before running this article so as not to facilitate theft), but, it seems possible, if not likely, that with a large number of books including information about accompanying downloads that this problem may persist for the foreseeable future.
5. Pirated movies, music, and books are indexed by search engines. This impacts a huge number of people in a large number of industries. I have even found a pirated version of one of my own books this way; while it may be flattering that someone actually took the time to scan the book page by page to make it available to others, clearly I am not happy about the piracy, nor about search engines assisting people to steal from me. It should not be difficult for Google and other search engines to block many searches for pirated materials; eliminating from data stores and search results pages that include red-flags such as the combination of the names of works along with file extensions or distribution mechanisms (e.g., “torrent”) commonly used for disseminating pirated versions, but rarely legitimate ones, could be a good start. It is true that search engine providers typically remove links to pirated products if requested to do so by copyright owners, but that process puts the onus on owners, when the providers should probably be doing more proactively.
6. Information related to Social Security Numbers, mothers’ maiden names, and other “ostensibly private” data can appear in search engine results, regardless of any privacy rules. I recently demonstrated for a former colleague how I could pull up social-security-number related information for both him and mutual acquaintances by crafting the right type of searches. While it is bad practice to use the aforementioned types of information for authentication questions, the reality is that many organizations still do; whenever possible, parties that do should change their practices in this regard.
7. It should be obvious that any information that appears in search results is available to government bodies without the need to obtain any form of warrant. This includes confidential information that might have inadvertently been placed on a server crawled by Google or another engine’s spiders. Be careful where you put files – even temporarily.
Some have argued that the “right to be forgotten” undermines the right to free speech, and can destroy the credibility of online information by transforming the Internet into a strictly-positive, censored environment. If the “right” is overextended, they will be correct. But, if this right is implemented properly in order to protect people’s privacy when appropriate, and done in a fashion that does not compromise true public interest, no harm will befall the First Amendment. After all, we already have laws that require the removal of adverse information from credit reports and from criminal records, laws that prohibit piracy, and laws that disallow the disclosure of trade secrets and confidential information. We just need to apply these laws to 21st Century communications media in a fair, organized, and open fashion that preserves liberties and the public interest while respecting all of our rights to privacy.
The current ruling should be a catalyst for us to start that discussion.
Want to be notified of great articles that can benefit you?
Follow me on Twitter at @JosephSteinberg