The European Union’s (EU) General Data Protection Regulation (GDPR) makes important changes to the “Right to Be Forgotten” established by the Court of Justice of the European Union’s landmark 2014 Google Spain ruling. The GDPR introduces new notice-andtakedown rules for “Right to Be Forgotten” requests that will make deliberate or accidental over-removal of online information far too likely. The new rules give private Internet platforms powerful incentives to erase or delist user-generated content—whether or not that content, or the intermediaries’ processing of the content, actually violates the law. These problems could be mitigated, without threatening the important privacy protections established by the GDPR, through procedural checks and balances in the platforms’ removal operations.

READ MORE