Google rejected 57% of 2.4 million “right to be forgotten” privacy requests
Google has played by the European Union’s “right to be forgotten” rules since 2014, when the European Court of Justice introduced a law that allowed European citizens to request that search engines erase information about them from search results. In its latest annual Transparency Report, Google reveals that it was asked to delist 2.4 million URLs from 2014 to 2017. Of those requests, Google denied 57% of the requests and green-lighted just 43%.
Google’s criteria for removing links usually has to do with whether information is in the public interest. The language of the “right to be forgotten” ruling states that European citizens can request that “inaccurate, in- adequate, irrelevant or excessive” information be taken down, in defense of their right to privacy.
That explains why an overwhelming number of requests—nearly 85%—come from private individuals, according to a draft of Three Years of the Right to be Forgotten, a paper authored by Google-affiliated researchers. (That number refers to requests since January 2016; between 2014 and 2017, Google says 89% of total requests stemmed from private individuals.) Along with requests from minors (about 5% of all requests), those from private individuals are most likely to be granted.
The paper also makes clear that a handful of people are making a significant portion of the requests. Just 1,000 people (0.25% of the people who filed requests) accounted for 15% of the URLs submitted for delisting. In all, 51% of total requests came from the U.K., France, or Germany. The folks who most frequently issue requests unsurprisingly hail from law firms and reputation management companies—think fixers in the image of Olivia Pope.
Google disclosed that the research paper has yet to be peer reviewed, though it has been submitted to the Privacy Enhancing Technologies Symposium. Read it in full here.