Europe’s “Right to Be Forgotten” in Latin America

Publication Type: 
Academic Writing
Publication Date: 
February 1, 2017

This article appeared as Chapter Five in "Towards an Internet Free of Censorship II Perspectives in Latin America".


Europe’s “Right to Be Forgotten” in Latin America

Daphne Keller[1]


Executive Summary

This article addresses tensions between the so-called “Right to Be Forgotten” (RTBF) and Internet users’ free expression and information rights, particularly as those rights are recognized in Latin America. It reviews troubling developments based on two European legal sources: the Court of Justice of the European Union’s (CJEU) 2014 Google Spain[2] case, which required the search engine to delist certain search results, and the EU’s pending General Data Protection Regulation (GDPR).       

The GDPR is a once-in-a-generation overhaul of EU Data Protection law. It will come into effect and displace previous Data Protection Law in 2018. Its new RTBF provisions tilt the playing field strongly in favor of erasing online speech, creating a serious imbalance between expression and privacy rights.

Latin American lawmakers and advocates have an opportunity to avoid this imbalance in their own laws. Indeed, there are strong arguments that the GDPR provisions could not pass legal and constitutional muster or comply with human rights commitments in the region. Lawmakers can robustly protect privacy and data protection rights without accepting the harm to speech from poorly designed RTBF laws.

The Article will (1) review the legal background of the RTBF in Europe, and its relationship to other notice and takedown regimes for online speech, (2) discuss the substantive and procedural restrictions to free expression under that law, with a focus on new provisions of the GDPR, and finally (3) identify important differences between relevant EU law and that of many Latin American countries.

The divergences between European and Latin American legal frameworks suggest the following possible approaches for policymakers grappling with RTBF proposals in legislation, litigation, or administrative enforcement:

• Not treating intermediaries as data controllers of speech posted by their users, or spelling out narrower controller obligations with respect to speech.

• Not emulating the removal process set forth in the GDPR, but instead drawing on intermediary liability law to identify any obligations and ensure procedural checks against over-removal.

• Vetting any RTBF proposals against Latin America’s unique and profree-expression human rights framework.

• Vetting any RTBF proposals against existing legal rights grounded in privacy, defamation, or other sources of law, then identifying whether RTBF would support claims not already covered in those laws, whether those new claims are desirable as a policy matter, and what carefully tailored free expression protections should apply to them.

[1] Daphne Keller is the Director of Intermediary Liability at the Stanford Center for Internet and Society. She was previously Associate General Counsel for Intermediary Liability and Free Speech issues at Google. In that role she focused primarily on legal and policy issues outside the U.S., including the E.U.’s evolving “Right to Be Forgotten.” Her earlier roles at Google included leading the core legal teams for Web Search, Copyright, and Open Source Software. Daphne has taught Internet law as a Lecturer at U.C. Berkeley’s School of Law, and has also taught courses at Berkeley’s School of Information and at Duke Law School. Her extensive public speaking in her field includes testifying before the UK’s Leveson Inquiry and Parliamentary Committee on Privacy and Injunctions. Daphne practiced in the Litigation group at Munger, Tolles & Olson and is a graduate of Yale Law School and Brown University.

[2] European Court of Justice, Google Spain SL v. Agencia Española de Protección de Datos (AEPD), Case C-131/12, May 13, 2014, at para. 94, available at