In a landmark ruling, the European Court of Justice—Europe’s highest court—dealt Google a clear win by placing a territorial limit on the “right to be forgotten” in the EU. The court’s holding in Google v. Commission nationale de l’informatique et des libertés (CNIL) clarifies that a search engine operator that is obligated to honor an individual’s request for erasure by “de-referencing” links to his or her personal data (i.e., removing links to web pages containing that personal data from search results) is only required, under the GDPR, to de-reference results on its EU domains (e.g., google.fr in France and google.it in Italy), and not on all of its domains globally.

However, in the same ruling, the Court also stated that the GDPR applies to Google’s data processing on all of its domains globally (by virtue of such processing comprising “a single act of processing”). Therefore, an EU Member State’s supervisory authority and courts are free to treat the ECJ’s EU-wide de-referencing requirement as a “floor” and go one step further, requiring search engines to implement the right to be forgotten on all of its domains worldwide, including those outside the EU.

Background – The Right to Be Forgotten

The right to be forgotten—codified at Article 17 of the GDPR—grants individuals the right to obtain erasure of their personal data without undue delay, where, for example, the data are no longer necessary for the purpose for which they were collected or processed. However, the right is not unlimited; exceptions apply if the processing is deemed necessary for the exercise of freedom of expression, compliance with a legal obligation, public interests such as public health, scientific or historic research, or the establishment or defense of legal claims.
Continue Reading Forget Me…or Not: Europe’s High Court Limits Territorial Reach of Right to Be Forgotten, But Not of GDPR

The government in Indonesia has warned the world’s biggest social media providers that they risk being banned in that country if they don’t block pornography and other content deemed obscene.

A member of the House of Lords has proposed an amendment to the U.K.’s data protection bill that would subject technology companies to “minimum standards

Live Webinar: June 6, 2017 at 12:00 PM (ET) / 9:00 AM (PT)

The May 2018 compliance deadline for the EU’s new General Data Protection Regulation (GDPR) is fast approaching and—with non-compliance penalties of up to €20 million or 4% of annual global turnover at stake—you cannot afford to miss the deadline.

Please join Socially

Google unveiled a new tool designed to combat toxic speech online by assessing the language commenters use, as opposed to the ideas they express.

Is a state law banning sex offenders from social media unconstitutional? Based on their comments during oral arguments in Packingham v. North Carolina, some U.S. Supreme Court justices may think

Over 30 workers at a Japanese insurance company are losing their jobs following the company’s adoption of IBM’s Watson Explorer, an artificial intelligence system that will perform an important back office function at the company.

Medium laid off a big chunk of its team despite reporting impressive growth last year.

Snapchat is being sued

CaptureThe latest issue of our Socially Aware newsletter is now available here.

In this issue of Socially Aware, our Burton Award winning guide to the law and business of social media, we discuss the impact online trolls are having on social media marketing; we revisit whether hashtags should be afforded trademark protection; we