Google and EU Privacy Ruling

So first I need to apologize to everyone here that we’ve been a bit busy this last two or so quarters in our respective businesses. Some being start-ups, some being employment changes, and some also being due to travel schedules being so hectic before the summer/holiday season kicks up.

For this post, we wanted to just speak freely about viewpoints on the recent decision by the Court of Justice of the European Union (ECJ

My Trusty GavelThe balance between privacy and freedom of information has been a hot topic in Europe, whose citizens enjoy some of the world’s strictest data protection laws, especially after last y

ear’s revelations about the extensive global surveillance programs run by the United States. We know that this decision by the Court of Justice of the EU places Google in a tricky position.  Google must strive to interpret the EU’s broad criteria for objectionable links in search results, and to remove certain content from its search engine while preserving its popularity as a resource for users to find all manner of information.

What we don’t know, and yet we fear is a concern, is how impactful this will be on other digital channels.  In other words – this isn’t just about Google. It is far from clear which demands for information removal companies like Google will have to comply with. For now, that decision is seemingly left to national courts and regulators.  Fine, however these bodies may not have clear criteria and otherwise straight answers for some time yet.  The future application of this ruling is very unclear – in particular with other open court cases against data processors (yes “processor” since in most cases Google isn’t the controller of the other websites it indexes).

We’ve heard from some that they aren’t worried because this judgement specifically calls out Google and is only search engine based, but we’re thinking a bit differently here. Data protection isn’t something new in the EU. It’s been around since the 1970’s on a country-by-country basis and explicitly in the EU since 1995. We all know the base concept that “data protection” in the EU is a fundamental human right. So in this light, this ruling came as no surprise – it was somewhat inevitable.  One has to wonder, however, was this ruling even necessary to motivate Google to add a process to allow CHOICE for those who it processed data on? Part of me wants to say no. For us, privacy is one of a businesses normal processes like finance or sales is that HAS to occur or be there. If your building a process for sales to keep up with leads you might as well do one for privacy requests.

What’s also interesting is the position that some have taken that this will KILL the economy and start-up community in the EU. I find big falter in those conversations. I mean, what will change that prevents business from doing the things they need today and they did yesterday? Or the day before the ruling went into effect? I mean, already in the EU you had to obtain permission to process someone’s data including emailing marketing materials to them. As a start-up, you still had to protect the data just the same as you built out the platform. And not to be a “meany head” we know that many start-ups end up working in the United States due to the availability of seed/venture capital, the openness of the marketplace,  the easy of registering a business, tax breaks, and many other items. It’s NOT simply about data protection that is causing them to move or not complete the business there. I’m not saying that there aren’t successful business in the EU, but depending on your market and needs, it can be easier outside the EU for reasons other than privacy.

Anyways, my point being here is that he sky isn’t falling, yet. There is no Doomsday. I mean, all of this does create technical challenges as well as potential extra costs for companies in this situation. In fact, it also creates challenges for them to spend the proper amount of time to determine what is a valid request and what isn’t. In the first two (2) days along Google received 12,000 request for deletion of information. Think Google is going to do this for free for long? I bet not and I’m unsure if legally they can be stopped for asking people to cover their costs of such requests and research. Heck, we charged the RIAA in 2003/2004 when they asked us at Verizon Online to process tons of information requests for Jon Doe’s subpoena’s and search warrants and the court upheld our reasonable request for such. Will the Internet be as free as we expected it to be in the future? who knows, but the control was already there in the EU, even if Google was in the United States. You can’t hide behind your servers.

-Dennis and crew

photo by: steakpinball

Leave a Reply

Your email address will not be published. Required fields are marked *