Setting Borders to Forgetfulness: AG Suggests Limiting the Scope of the Search Engine Operators’ Obligation to Dereference Personal Data

Abstract

Opinion of Advocate General Szpunar, Case C-507/17 Google LLC v Commission nationale de l’informatique et des libertés (CNIL), 10 January 2019 1. A search engine operator is not required to implement a request for dereferencing of personal data on all domain name extensions of its service. 2. However, a search engine operator must take any measure available in order to ensure full and effective dereferencing. This includes notably resort to geo-blocking, preventing access from users supposedly located in an EU Member State irrespective of the domain name extension of the search engine they use. Articles 12(b) and 14(a) of Directive 1995/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data [1995] OJ L 281/31.