Not long ago I wrote about how few Right to Be Forgotten requests are actually approved. In EU, people can file RTBF requests to make information about them disappear from search results if it is inaccurate, outdated or irrelevant. But it turned out that only 2 out of 3 of those requests were denied on average. Is that rate too high? It turns out the answer is no, according to Europe’s own RTBF regulators.
Originally, the 67 percent denial rate was unearthed by a watchdog group. The message was that Google wasn’t really going its job and that people’s privacy still wasn’t being protected. That sparked outrage across the EU and led to even more pressure on Google and regulators to change how they operate.
But the agency tasked with monitoring and enforcing the RTBF process has done its own review, and says that Google is actually doing a great job.
Watching the Watcher
Although Europe has in general been very strict with search engines, the RTBF law actually allows search companies to decide for themselves which requests to honor and which ones to turn down. In other words, you don’t file your request with the government in Europe, you file it directly with search providers.
That is certainly the most efficient method, especially since government regulators don’t always have a clear understanding of search technology. But it also leads to public distrust. After all, isn’t letting the search engines self-police sort of like letting the wolf guard the henhouse? Or to put it another way, who’s watching the watcher?
The answer is WP29, an obscure government task force charged with enforcing RTBF. (The name stands for Article 29 Working Party, referring to the article that established RTBF.) Although Google and other search engines can manage their own request process, denials to those requests can be appealed and ultimately it’s WP29 that oversees the whole thing. And in response to a surge of complaints, WP29 sprang into action.
WP29 launched an exhaustive review of complaints against search engines, mainly Google. This review included surveying national-level regulators in EU member states and a detailed investigation into 2,000 of the individual complaints.
The results? Most of the complaints were misplaced, and most of Google’s denials were a good call. In other words, people were making requests that exceed their privacy rights.
WP29 also determined that the RTBF process has mostly been working efficiently, but it did identify areas that need to be addressed:
- Clearer guidelines for a person’s “role in public life.” Public figures are excluded from RTBF protection in the EU.
- A clear guideline on how old information needs to be in order to be considered “outdated.”
- Improved system for assessing whether a complaint is well founded.
Clearly the system isn’t perfect, but all in all it seems to be working well. There’s been a lot of controversy lately over the effort to enforce RTBF worldwide, but if the EU can accept that it is a Europe-only law, it seems that it will function smoothly and do what it set out to do.