By: David Quinn, Junior Editor
Photo Courtesy of Unsplash
The Internet as we know it is extensively documented and monitored, as many of the connections computers have to make between each other are tied into a cloud system that stores data beyond the reach of their creators; furthermore, search engines continually comb the Internet for content and compete with each other to rank that content.[1] The form of this monitoring is facilitated by tools like cookies, which can grant access to location, income, shopping, and health information in real time (sometimes even if they are actively deleted by their users).[2] In light of such pervasive information gathering, authorities in the European Union (EU) have taken steps to acknowledge a so-called “right to be forgotten,” a right that allows people to seek the erasure of their personal data from any third party (with special attention given to online third parties like Internet search engines).[3]
The EU considers freedom of speech to be a fundamental right.[4] However, as noted in Google LLC C-460/20 (2022), balancing the rights of free speech and privacy is an important priority of the EU.[5] Part of this right to privacy is the right to be forgotten, which was firmly solidified into EU law though Google Spain v. AEPD and Mario Costeja González, also known as the “Google Spain case,” and the development of the General Data Protection Regulation (GDPR).
In the Google Spain case, the Court granted the request of an EU citizen to Google’s Spanish subsidiary, Google Spain, that they remove mentions that he had previously been forced to sell his property to pay off social security debts.[6] The Court ruled that data protection authorities could impose requirements on a search engine operator to withdraw items published by a third party, as had happened in this case, without letting the third party know in advance, and that this could be done even if the information had been lawfully published.[7] Furthermore, they ruled that the right of a “data subject” override those of a search engine to their economic interests and the general public’s rights to find information relating to the data subject, baring certain exceptions related to the public interest (such as in the case of public figures).[8] Though this decision was made before the passage of the GDPR, the EU’s most recent framework for data protection, the decision still remains applicable into the present day.[9]
When the GDPR was established, it further clarified that a data subject, limited to identifiable natural persons, had rights over any information relating to them, a broad standard well beyond the regulation of private information.[10] Furthermore, they had the right to “obtain from the [data] controller the erasure of personal data concerning him or her without undue delay.”[11] This right is not unlimited, as it is restrained to a select number of grounds; moreover, a number of exemptions to the right exists, including for reasons of free speech or public interest.[12] However, given the EU’s concern with balancing its fundamental rights, the right to be forgotten is still a powerful tool in the hands of data subjects against those of Internet search engines.
The United States (US), in contrast to the EU, maintains a more skeptical approach to the right to be forgotten and its underlying justification. While the US respects privacy as a right, as seen in places like the Fourth Amendment of the US Constitution, the free speech rights outlined in the First Amendment have been adopted, both culturally and legally, in such a way as to override concerns over privacy and dignity that are upheld more strongly in the EU.[13] According to Kristie Byrum, there are four reasons for the US’s reluctance to adopt a right to be forgotten: first, the right “inserts government intervention into the free flow of information;” second, the right “damages transparency by creating holes in the availability of retrievable data;” third, the right “harms historical accuracy and clarity;” and fourth, the right “endorses censorship, devaluing society’s interest in valid political information.”[14]
US jurisprudence has undermined key reasons for adopting a right to be forgotten. For example, unlike what was shown in the Google Spain case, US law is willing to uphold the right to truthful fact-telling above a right to remove embarrassing information. An example can be seen in Smith v. Daily Mail Publishing Co, where the Supreme Court held that “the State cannot…punish the truthful publication of an alleged juvenile delinquent’s name lawfully obtained by a newspaper.”[15] The US also recognizes limits to privacy that run against the rationale for the right to be forgotten. This is seen in cases like Martin v. Hearst, where the Court deemed that past crimes were not private information even when the records of an arrest and prosecution had already been erased in accordance with a state statute.[16]
Underlying US jurisprudence on these questions is a concern over whether such a right would be a form of compelled speech, something US law has long opposed. Cases like Miami Herald Pub. v. Tornillo, where the Court ruled that it was unconstitutional to force a newspaper to print a political candidate’s rebuttal to hostile editorials, show that there is a predisposition against forcing people to allow other people’s speech to be associated with them in the name of fairness or the public’s access to information.[17] Similarly, one can imagine that forcing someone to remove truthful information about another party for reasons of privacy would be a situation of compelling someone to say something (or rather, not say something) for the sake of created fairness in what information the public has access to.
In a phenomenon known as “the Brussels effect,” the influence of the EU on the world stage has led many countries around the world to adopt elements of the GDPR.[18] However, there is reason to believe that the US will put up resistance to attempts to enact similar privacy protections. Yahoo! Inc. v. La Ligue Contre Le Racisme shows us an example of the EU and US jurisdictions coming into conflict over freedom of speech. In this case, the Court agreed with Yahoo!’s claims that it was unable to block French citizens from viewing pro-Nazi material available on a website without blocking that material altogether in a manner that would infringe on the First Amendment.[19] This prevented Yahoo! from complying with a French court order to “take all necessary measures to dissuade and render impossible any access” to the material, showing the limits of EU law on the regulation of the global Internet.[20] In a similar way, the EU’s right to be forgotten may be undermined by US free speech protections.
Regardless of individual and even international concerns over privacy, the US seems unlikely to adopt an EU-style right to be forgotten anytime soon.
[1] Meg Leta Jones, Ctrl + Z: The Right to Be Forgotten 6 (2016).
[2] Id, 7-8.
[3] European Union. Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation). Official Journal of the European Union L 119 (May 4, 2016): Article 17; Kyu Ho Youm and Ahran Park, The Right to Be Forgotten: Google Spain as a Benchmark for Free Speech versus Privacy? 24 Chi. J. Int’l L., 167, 169 (2023), https://cjil.uchicago.edu/print-archive/right-be-forgotten-google-spain-benchmark-free-speech-versus-privacy.
[4] European Union, Charter of Fundamental Rights of the European Union, Article 11.
[5] Lex – 62020CJ0460 – En – EUR-Lex, EUR, https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A62020CJ0460. (last visited Nov. 20, 2025).
[6] George Brock, The Right to Be Forgotten: Privacy and the Media in the Digital Age 38 (2016).
[7] Lex – 62012CJ0131 – En – EUR-Lex, EUR, https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=celex%3A62012CJ0131., (last visited Nov. 20, 2025);” Melissa Stock, The Right to Be Forgotten: The Law and Practical Issues 45-51 (2020).
[8] Lex – 62012CJ0131 – En – EUR-Lex; Stock, 50-51.
[9] Lex – 62012CJ0131 – En – EUR-Lex; Stock, 52.
[10] EU, Regulation 2016/679, Article 4 ; Stock 17.
[11] EU, Regulation 2016/679, Article 17(1).
[12] EU, Regulation 2016/679, Article 17(1)(a-f), (3)(a, d).
[13] Antani Ravi, The Resistance of Memory: Could the European Union’s Right to Be Forgotten Exist in the United States? 30 Berkleley Technol. L.J., 1173, 1183 (2015), https://www.jstor.org/stable/26377751.
[14] Kristie Byrum, The European Right to Be Forgotten: The First Amendment Enemy 11 (2018), quoted in David Quinn, “Forget Me Not? The Right to be Forgotten in the European Union and the United States of America” (April 30, 2025) (unpublished student paper, Laws 565, Duquesne University) (on file with author).
[15] Smith v. Daily Mail Pub. Co., 443 U.S. 97 (1979)
[16] Martin v. Hearst Corp., 777 F.3d 546, 548 (2d Cir. 2015).
[17] Miami Herald Pub. Co. v. Tornillo, 418 U.S. 241 (1974).
[18] Ronan Murphy, Mapping the Brussels Effect: The GDPR Goes Global, CEPA, (September 13, 2025), https://cepa.org/comprehensive-reports/mapping-the-brussels-effect-the-gdpr-goes-global/.
[19] Yahoo! Inc. v. La Ligue Contre Le Racisme, 169 F. Supp. 2d 1181, 1185-1186 (N.D. Cal. 2001), quoted in David Quinn, “Forget Me Not? The Right to be Forgotten in the European Union and the United States of America” (April 30, 2025) (unpublished student paper, Laws 565, Duquesne University) (on file with author).
[20] Id.