The Practice of General Data Protection Regulations Fine and Penalty on Google Inc. vs CNIL Case

  • Rian Nugraha
  • Maskun
Keywords: CNIL, Data Protection, Right to be Forgotten

Abstract

The development of technology on this era is bringing two side on the humanity which is the positive and negative side. On the positive side, the technology could help human to finding information easily from their device (e.g smartphone), while on the other side this techonology could bring harm on privacy side. There fore, with those harm, the concept of privacy is vital. On European Union where they have concern toward the personal data with General Data Protection Regulation (GDPR). On the GDPR, European Union have their own rule about the right of erasure, it also known as the right to be forgotten (RTBF) which written on Article 17. This article has it own problem due to the scope of application. On may 2015 the French Commission Nationale de l’informatique et libertés (CNIL) served a formal notice on google if individual asking about the remvoval of links to web page from the list of result displayed following a search performed on that individual name etc. Google have to apply that removal on all google domain (google.com) and not remove it just in the google local domain (google.fr). Due to the difference of perspective toward the Article 17 of General Data Protection Regulation, google wont remove it on the google main domain (google.com), and so on march 2016 (CNIL) found that google failed to comply the formal notice and imposed a penalty of €100.000 and so google sought to have the adjudication annulled. 11 September 2018, the European Court of Justice hearing this case where it is about the territorial scope of European data protection law. But then on 24 September 2019, Court of Justice held that the right to be forgotten on the article 17 doesn’t require google to de-list search result on all of its domains, however google still required to de-list the result on the all of the European Union domain. The purpose of this study to analyze wether the court opinion and decision toward the google.inc v CNIL case. On other side it will also determine wether the European Union data protection law could be applied outside the European Union or not.

Downloads

Download data is not yet available.

Author Biographies

Rian Nugraha

Faculty of Law, Hasanuddin University. Indonesia.

Maskun

Faculty of Law, Hasanuddin University. Indonesia.

This is an open access article, licensed under CC-BY-SA

Creative Commons License
Published
        Views : 614
2020-03-23
    Downloads : 444
How to Cite
[1]
R. Nugraha and Maskun, “The Practice of General Data Protection Regulations Fine and Penalty on Google Inc. vs CNIL Case”, International Journal of Law and Public Policy, vol. 2, no. 1, pp. 1-10, Mar. 2020.
Section
Articles

References

M. Maskun, Perkembangan Hukum Telematika: Prospek dan Tantangan. 2017. [Online]. Available: https:// www.researchgate.net/publication/318520006_Perkembangan_Hukum_Tele matikaProspek_dan_Tantangan. [Accessed: October. 5, 2019].

P. Voigt and A. V. D. Bussche, The EU General Data Protection Regulation (GDPR). Springer, Switzerland. pp. 1-2, 2017.

N. Kramer, “Blockchain, Personal Data and the GDPR Right to be forgotten”, 2018. [Online]. Available: https:// www. natlawreview.com/article/blockchain-personal-data-and-gdpr-right-to-be-forgotten. [Accessed: October. 6, 2019].

The Society for Computers and Law. “Google only has to remove de-referenced search results from searches made in the EU: Advocate General’s Opinion in Case C-507/17 Google v CNIL”, 2019. [Online]. Available: https:// www.scl.org/news/10393-google-only-has-to-remove-de-referenced-search-results-from-searches-made-in-the-eu-advocate-general-s-opinion-in-case-c-507-17-google-v-cnil. [Accessed: October. 5, 2019].

M. Finck, “Google v CNIL: Defining the Territorial Scope of European Data Protection Law”, 2018. [Online]. Available: https:// www.law.ox.ac.uk/business-law-blog/blog/2018/11/google-v-cnil-defining-territorial-scope-european-data-protection-law. [Accessed: October. 5, 2019].

S. Wong, “Google v. CNIL: EU Rules that Right to be Forgotten Does Not Apply Globally”, 2019. [Online]. Available: https:// jolt.law.harvard.edu/digest/google-v-cnil-eu-rules-that-right-to-be-forgotten-does-not-apply globally. [Accessed: Desember. 9, 2019].

E. S. Dove, “The EU General Data Protection Regulation: Implications for International Scientific Research in the Digital Era,” the Journal of Law, Medicine & Ethics, vol. 46, no. 4, pp. 1014, 2018.

P. Voigt and A. V. D. Bussche, GDPR. Springer, Switzerland, 2019.

The Organization for Economic Co-Operation and Development, “Guidelines on the Protection of Privacy and Transborder Flows of Personal Data”, [Online]. Available: https:// www. oecd.org/internet/ieconomy/oecdguidelinesontheprotectionofprivacyandtransborderflowsofpersonaldata.htm#scope. [Accessed: October. 15, 2019].

N. Lord, “What is the Data Protection Directive? The Predecessor to the GDPR”, 2019. [Online]. Available: https:// digitalguardian.com/blog/what-data-proction-directive-predesor-gdpr. [Accessed: October. 20, 2019].

P. Hustinx, “EU Data Protection Law: The Review of Directive 95/46/EC and the Proposed General Data Protection Regulation,” New Technologies and EU Law, Oxford University Press, 2017.

E. Council, Data Protection Reform, 2019. [Online]. Available: https:// consilium.europa.eu/en/policies/ data-protection-reform/. [Accessed: October. 17, 2019].

V. Reding, “The European Data Protection Framework for the Twenty-First Century,” International Data Privacy Law, vol. 2, no. 3, 2012.

P. Hustinx, Op. Cit. pp. 148-149, 2019.

M. Kedzior, “GDPR and beyond—a year of changes in the data protection landscape of the European Union,” ERA Forum, vol 19, no. 4, 2019.

H. Li, L. Yu, and W. He, “The Impact of GDPR on Global Technology Development,” Journal of Global Information Technology Management, vol. 22, no. 1, pp. 4, 2018.

J. Holvast, “History of Privacy, the Future of Identity in the Information Society. Privacy and Identity,” IFIP Advances in Information and Communication Technology, Springer, Berlin, Heidelberg, vol. 298, 2008.

T. Christopher and J. D. Anglim, J. D, Privacy Right in the Digital Age. Grey House Publishing, 2015.

Anggara, “Menyeimbangkan Hak: Tantangan Perlindungan Privasi dan Menjamin Akses Keterbukaan Informasi dan Data di Indonesia,” Institute for Criminal Justice Reform: Jakarta, 2018.

W. T. DeVries, “Protecting Privacy in the Digital Age,” Berkeley Technology Law Journal, vol. 18, no. 283, 2018.

J. Holvast, “History of Privacy, the Future of Identity in the Information Society,” Privacy and Identity, IFIP Advances in Information and Communication Technology, Springer, Berlin, Heidelberg, 2017.

Privacy Europe, About the Network. 2019. [Online]. Available: https:// www.privacy-europe.com/european-privacy-framework.html. [Accessed: November. 14, 2019].

H. P. Yuwinanto, “Privasi Online dan Keamanan Data,” Jurnal Palimpsest, vol. 2, no. 2, 2011.

Intersoft Computing, GDPR: Right to be forgotten. 2019. [Online]. Available: https:// gdpr-info.eu/issues/right-to-be-forgotten/. [Accessed: November. 4, 2019].

L. M. Jones, “The Right to be forgotten,” Proc. Assoc. Info. Sci. Tech, vol. 52, no.1, 2019.

G. Sartor, “The Right to be forgotten in the Draft Data Protection Regulation,” International Data Privacy Law, vol. 5, no. 1, 2019.

Google Inc., Google Transparency Report. [Online]. Available: https:// transparencyreport. google.com/eu-privacy/overview. [Accessed: January. 23, 2020].

Google Inc., European privacy requests Search removals FAQs. 2020. [Online]. Available: from https:// support. google.com/transparencyreport/answer/7347822. [Accessed: January. 23, 2020].

Y. H. Sirait, “General Data Protection Regulation (GDPR) dan Kedaulatan Negara Non-Uni Eropa,” Gorontalo Law Review, vol. 2, no. 2, 2019.

European Commission, Binding Corporate Rules (BCR). 2020. [Online]. Available: https:// ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/binding-corporate-rules-bcr_en. [Accessed: January. 28, 2020].

D. F. Masoch, Why Should Companies Invest in Binding Corporate Rules?. ICLG: Data Protection, 6th Edition, 2019.

GDPR EU.ORG. (2020). Fines and Penalties. 2020. [Online]. Available: https:// www.gdpreu.org/ compliance/fines-and-penalties/. [Accessed: January. 28, 2020].

M. Foulsham, GDPR: How to Achieve and Maintain Compliance. London: Routledge, 2019.

Anonymus, “General Data Protection Regulations,” Art, vol. 83, no. 2, 2018.

M. Samonte, “Google v. CNIL: The Territorial Scope of The Right to be forgotten under EU Law,” European Papers, 2020.

D. Erdos, Google v CNIL – The EU Court of Justice Seeks a Via Media on Global Internet Publication and European Data Protection. Faculty of Law and Trinity Hall, University of Cambridge, 2020.