You search your name, and something you would rather leave behind still appears.
An outdated article. A past mistake. A version of yourself that no longer reflects who you are.
The information is not unlawful. It may not even be inaccurate. Yet it persists, accessible within seconds, detached from context and resistant to time.
At that point, the question becomes less practical and more normative:
To what extent should the law allow individuals to detach themselves from their digital past?
A legal starting point: data should not exist without justification
European data protection law rests on a structured premise: personal data must be processed for specified purposes and should not be retained indefinitely without reason.
This principle is codified in Regulation (EU) 2016/679, the General Data Protection Regulation (GDPR), particularly through the principles of purpose limitation and storage limitation under Article 5.
Within this framework, Article 17 establishes the so-called right to erasure, granting individuals the ability to request deletion of personal data under defined conditions. These include situations where the data is no longer necessary for its original purpose, where consent is withdrawn, or where processing is unlawful.
The right is therefore not an abstract entitlement to disappearance.
It is a structured legal claim grounded in necessity, proportionality, and legitimacy of processing.
The right is conditional: a built-in balancing exercise
Article 17 does not operate in isolation. It is explicitly limited by competing legal interests.
Most notably, Article 17(3) GDPR provides exceptions where processing remains necessary, including for the exercise of the right to freedom of expression and information, compliance with legal obligations, or reasons of public interest.
This reflects a broader constitutional tension within EU law, particularly as shaped by the Charter of Fundamental Rights of the European Union.
On one side stands Article 7 (respect for private life) and Article 8 (protection of personal data).
On the other stands Article 11, which protects freedom of expression and information.
The right to be forgotten emerges at the intersection of these provisions. It does not override them. It requires them to be reconciled.
The result is not a rule of automatic erasure, but a case-by-case assessment, in which the continued availability of information must be justified.
Visibility, not existence, is the central issue
The practical significance of the right was shaped decisively by the Court of Justice of the European Union in Google Spain SL and Google Inc v AEPD and Mario Costeja González (C-131/12).
The Court recognised that search engines play a distinct role in structuring access to information. By aggregating and presenting results based on a person’s name, they enable the creation of a detailed profile that would otherwise require significant effort to assemble.
The legal intervention was therefore targeted.
The Court did not require the deletion of the original content.
It required, under certain conditions, the removal of links from search results associated with an individual’s name.
This distinction is essential.
The law does not eliminate information from the internet. It regulates how easily it can be retrieved.
In doing so, it shifts the focus from existence to visibility and accessibility.
Jurisdictional limits and the problem of global data flows
The effectiveness of this mechanism is shaped by the territorial scope of EU law.
In Google v CNIL (C-507/17), the Court clarified that EU law does not require global de-referencing. Search engines must remove links within EU domains, but are not, as a matter of EU law, obliged to do so worldwide.
This reflects a structural constraint.
Data flows across borders. Platforms operate transnationally. Legal authority, however, remains largely territorial.
As a result, the right to be forgotten operates within a fragmented enforcement landscape. Information removed in one jurisdiction may remain accessible in another.
The legal right is therefore bounded not only by competing interests, but by the architecture of the internet itself.
The deeper tension: permanence versus evolving identity
Beyond doctrine, the right to be forgotten addresses a more fundamental dissonance.
Legal systems have long recognised that individuals are not fixed in time. Concepts such as rehabilitation, limitation periods, and expungement mechanisms all reflect an understanding that past events should not indefinitely determine present status.
Digital systems operate differently.
They preserve information with minimal cost, detach it from its original context, and make it persistently accessible.
The result is a form of temporal rigidity: past events remain continuously present.
The right to erasure can be understood as an attempt to reintroduce temporal proportionality into this environment. It seeks to ensure that the continued availability of personal data remains justified over time, rather than assumed.
Conclusion: a right not to erase, but to contest persistence
The right to be forgotten does not grant individuals the power to delete their past in any absolute sense.
It does something more precise.
It creates a legal mechanism through which individuals can challenge the continued relevance and accessibility of personal data.
In doing so, it redefines the relationship between memory and law.
The past is no longer immutable simply because it is recorded.
But neither is it disposable simply because it is personal.
Instead, its persistence becomes subject to justification.
And that may be the most significant shift.
Not that the law enables forgetting, but that it recognises, for the first time in a digital context, that remembering is itself a decision—one that can be questioned, and in some cases, limited.
Leave a comment