France’s data protection watchdog, the Commission Nationale de l’Informatique et des Libertés (CNIL), has rejected Google’s appeal against the global enforcement of the ‘right to be forgotten’ rule.
In May this year, the CNIL ordered Google to apply the right to be forgotten rule – which lets people ask search engines to not display certain unflattering links resulting from a search on their name – to its google.com global domain and not just European domains such as google.fr or google.co.uk.
Google filed an informal appeal against the order in July, claiming it would restrict the public’s right to information, was a form of censorship, and was attempting to extend French law outside the country’s borders. The president of the CNIL, Isabelle Falque-Pierrotin, rejected the appeal on Monday, saying that delistings must be applied across all extensions of the search engine and that not doing so would mean the RTBF ruling could be easily circumvented. The CNIL added that it just wanted non-European companies to respect European laws when offering their services in the continent - rejecting Google’s claims it was going beyond its jurisdiction.
"The President of the CNIL rejects Google's informal appeal against the formal notice requesting it to apply delisting on all of the search engine's domain names […] Contrary to what Google has stated, this decision does not show any willingness on the part of the CNIL to apply French law extraterritorially. It simply requests full observance of European legislation by non European players offering their services in Europe," it said in a statement.
Under French law, Google has no legal possibility of appealing the order at this stage. If the company refuses to remove the tens of thousands of delistings from its non-European domains for named searches, then the CNIL will likely look at imposing sanctions - including the possibility of a fine up to 5 percent of its worldwide revenue - against the internet giant.
A Google spokesman said: “We’ve worked hard to implement the ‘right to be forgotten’ ruling thoughtfully and comprehensively in Europe, and we’ll continue to do so. But as a matter of principle, we respectfully disagree with the idea that one national data protection authority can assert global authority to control the content that people can access around the world.”