MOSCOW, May 13 (RAPSI) - IT companies operating search engines are responsible for dissemination of personal data that appear on third party websites and therefore must act upon requests to delete such data, the Court of Justice of the European Union ruled on Tuesday.
The ruling by the EU court followed a claim filed in Spain by Mario Costeja González against La Vanguardia Ediciones SL, publisher of a popular daily, and the Google search engine.
In 2010, the Spanish national lodged a complaint with the Spanish Data Protection Agency (AEPD) after it was discovered that entering his name in Google yielded links to La Vanguardia’s newspaper from 1998. Particularly, the pages contained data on Gonzalez’s debts and attachment proceedings. The claimant requested that the publisher delete the data as outdated and that Google conceal his personal data from the search results and remove the link to the newspaper.
In response, the data protection agency explained that the data was lawfully published in the newspaper. However, the agency supported the request for Google. The search engine company appealed to the National High Court of Spain claiming that the AEPD’s decision should be annulled. The court referred the issue to the Court of Justice.
The CJEU found that, in protection of personal data, the balanced interests of Internet users must be considered regarding the nature of the information in question. The data subject may address a request directly to the controller of the search engine and bring the matter before a supervisory authority or court if not granted the request.