Insights Advocate General opines that the scope of “de-referencing” that search engines have to do should be limited to the EU

In May 2015 the defendant, the French data protection authority (the CNIL), served formal notice on the claimant, Google LLC, that when acceding to a request to remove links to web pages mentioning a person’s name from the list of search results, it should remove all of its search engine’s domain name extensions.

Google removed the links in relation to EU Member States domain names only. Google did, however, propose preventing internet users from accessing the results in question from an IP address located in the state of residence of the person concerned, no matter which version of the search engine they used. The CNIL said this was insufficient and fined Google €100,000.

Google appealed to the Conseil d’Etat, which referred several questions to the CJEU.

The Advocate General opined that the Data Protection Directive (95/46/EC) does not expressly govern the territorial scope of de-referencing. He said that a distinction must be made depending on the location from which the search is performed. Therefore, search requests made outside the EU should not be affected by de-referencing. In other words, the Advocate General said that EU law should not be interpreted so broadly as to have effects beyond the borders of the 28 Member States. The Advocate General therefore underlined that, even though extraterritorial effects are possible in certain, clearly defined cases affecting the internal market, such as in competition law or trade mark law, because of the worldwide nature of the internet the situation was not comparable.

According to the Advocate General, the fundamental “right to be forgotten” must be balanced against other fundamental rights, such as the right to data protection and the right to privacy, as well as the legitimate public interest in accessing the information sought. If worldwide de-referencing were permitted, he said, EU authorities would not be able to define and determine a right to receive information, let alone balance it against the other fundamental rights to data protection and privacy. This is all the more so since the public interest in accessing information will necessarily vary from one country to another depending on its geographic location. There would be a risk that people in third countries would be prevented from accessing information and, in turn, that third country would be preventing people in EU Member States from accessing the information.

However, the Advocate General did not completely rule out the possibility that, in certain situations, a search engine operator may be required to take de-referencing action on a worldwide level, although the situation in this case did not justify this.

The Advocate General therefore said that the CJEU should hold that a search engine operator is not required to de-reference all domain names in its search engine in such a way that the links in question no longer appear irrespective of the location from which the search of the requesting party’s name is performed.

However, the Advocate General underlined that, once a right to de-referencing within the EU has been established, the search engine operator must take every measure available to ensure full and effective de-referencing within the EU, including by using “geoblocking” techniques, in relation to an IP address located in one of the Member States, irrespective of the domain name used by the internet user who performs the search.

The Opinion is, at present, only available in French. This report is therefore based on the press release, which is available in English. (Case C-507/17 Google LLC v CNIL EU:C:2019:15 (Advocate General Opinion) (10 January 2019) — to access the Opinion in full and the press release, go to the curia search form, type in the case number and follow the link).

Expertise