• by Sean Hargrave , Staff Writer, September 27, 2019

It was always an odd ruling from the French data watchdog, CNIL. Back in 2014 it claimed that the EU's "right to be forgotten" should extend around the entire globe.

Nobody with any common sense thought that its strong line on the law would ever stand up in court. Thus, it was no great surprise that Google won its landmark case this week at the European Court of Justice. 

There were just so many problems with the case against Google, but let's start with plain, old-fashioned common sense. The question arises of how on earth an EU regulator would think an EU law extends beyond the EU.

I had this conversation with a bunch of bankers before GDPR was introduced a year ago. Their point, which they could not speak about openly, was as follows: How can the EU tell an American business what to do with an EU citizen's data that has been willingly given and is being processed in New York for transactions that take place in New York? 

While that may one day be the subject of another case, if we stick with the Google decision, it is hard to see what on earth CNIL thought it was doing. An EU citizen has the right to be forgotten under EU law, but therein lies the rub. The internet is global, and a French regulator has no right to tell a US tech giant what information and links it publishes outside the EU. 

One would imagine it was such an obvious point that a legal wrangle was unnecessary. There is also the freedom-of-information angle that got many campaigners hot under the proverbial collar. It is one thing to allow someone to wipe away a search record of what they have done in the past, and what has been written about those actions, but to extend that around the globe could be disastrous.

One can imagine that a long line of dictators and dangerous criminals requesting coverage of their odious misdemeanours should be erased in the EU, and then around the entire globe. 

So far, it is hard to get to the bottom of who is using the new law and why. The Telegraph has details of a couple of cases, but the first to be approved in the UK cannot be named because, of course, he has the right to be forgotten. However, it is worth pointing out that it was a business person who wanted a previous conviction for fraud removed from their record because it was several years ago and carried out in a different industry from the one they were currently working in.

I'm not sure about you, but I'm wondering who the law serves there -- people who want to do a background check on someone they may want to invest in or someone who broke the law and doesn't want people to know about it?

The EU is right to tackle Google on data privacy, anti-competitive behaviour and tax accounting. When it comes to applying a law outside the EU, it is hard to wonder where it is coming from. 

We may disagree on whether people should have the right to be forgotten, and typically have references to past convictions removed from search results. However, I think most people would agree that an EU law only applies to the EU.