In the real world we all are territorially bound, nevertheless in the virtual world there are no boundaries, therefore the application of law of the land to the virtual world seems unjustified without any metes and bounds. The overboard extraterritorial extensions of local jurisdiction create unforeseeable and inescapable legal risks for any online commerce or any e-action. Internet is a global medium, which must be regulated on a global scale, is progressively more unconvinced in light of even more sophisticated geo-location technologies.
The geo-location technologies cannot be 100% precise. The application of international jurisdiction on geo-location technologies may exacerbate the emergence of global and diversified online market with all the potential economic and cultural benefits. The infringement jurisdiction in online cases is considered proper only if contested in the right circumstances of the case, therefore also having a substantial effect on local commerce. The geographical information is supposed to play an increasing role in society. The location services are used by the devices to serve all kinds of purposes. Here, we capture a bunch of privacy issues and data protection perspectives, and the General Data Protection Regulation (GDPR) (EU) 2016/679 on May 26, 2018, became appropriate throughout the entire European Union, majorly to impact on the data protection discussions worldwide. The compliance with the GDPR is mandatory for all the companies falling under its scope, but such compliances can also provide a key competitive advantage to the other companies. Also considering the complications, due to being vaguely worded, many times confusion and a difference in opinion arise regarding its implications. The regulation applies to EU-member countries as well as Canada, the US, or businesses and government anywhere in the world who deals with the European Market. GDPR also elucidates “Right to be forgotten”, which provides supplementary rights and freedoms to the public who don’t want their private data processed to have it deleted, providing there is no ground for retaining such data.
“Right to be forgotten” creates an unrestricted limitation on the search engines, therefore in the case of Google LLC v Commission nationale de l’informatique et des libertés (CNIL) [1] the ECJ clarified the Jurisdictional application of “Right to be Forgotten”. The decision in this case is a triumph for the “Big tech”.On 24 September 2019, the Court of Justice of the European Union (“ECJ”) in its landmark decision ruled that the “right to be forgotten” has a limited territorial application. the implementation in opposition to a controller with multinational or global operations, the right to be forgotten only concerns to those operations being undertaken within the member states of the European Union. The case was referred to the ECJ by the French Council of States as Google refused to make a payment of €100,000 fine imposed by the French data Regulator, to the Commission Nationale de l’informatique et des libertés (“CNIL“). The fine was imposed concerning the refusal by Google in removing the links to search listings, containing personal data which was detrimental to an individual, from google domain outside EU. Google even after receiving formal notice from CNIL to remove the personal data from all the versions of its search engines globally. Finding in support of Google the ECJ held that Google is supposed to delist search results from domains within the EU, but not globally. The ECJ emerged to distinguish, Google’s concerns that this would have had “serious chilling effects on the web” and also materialized potential of overbreadth of EU law, also underlining “many states do not recognize the right to de-referencing”.
[1] Google LLV v Commission nationale de l’informatique de et des libertes (CNIL), 1, All ER (Comm), 829, (2020)
-Shivantika
