In 1998, a Spanish lawyer named Mario Costeja González was, like many middle-aged men, occasionally Googling his own name. On one of these searches, he found that the first results led to old newspaper notices about a real-estate auction held sixteen years earlier to cover debts he had since paid. The matter had been resolved for over a decade. His life had moved on. But the notices, digitised and indexed, still dominated what anyone searching his name would find.
Costeja asked Google to remove the links. Google refused. He took them to the Spanish data-protection authority, then to the European courts, and in 2014 — sixteen years after he had first noticed the problem — the European Court of Justice issued a ruling that would come to be called the right to be forgotten.
The ruling, narrow in its legal application and enormous in its cultural implications, established that European citizens have some legitimate interest in not being permanently defined by old information about themselves, and that search engines operating in Europe have some obligation to respect that interest. The actual information wasn’t ordered removed from the world; only its discoverability through searches of a specific person’s name was affected. But the principle — that there are conditions under which individuals should be able to escape their own digital pasts — was established in law for the first time.
What the ruling actually requires
The specific rules, developed through subsequent cases and European Union regulation, are more limited than the popular framing sometimes suggests.
A person can request delisting of search results linking their name to information that is “inadequate, irrelevant, no longer relevant, or excessive.” The criteria are not automatic. Search engines evaluate requests case by case, weighing the individual’s interest in being forgotten against the public’s interest in the information being available. Public figures have less protection than private individuals. Information relating to serious crimes or professional misconduct remains findable. And the underlying content isn’t removed from the websites where it originally appeared — only the specific link between the person’s name and that content, when served to European users, is affected.
Still, the practical effect has been significant. Google alone has received millions of delisting requests since the ruling, approving roughly half and rejecting the others. European citizens have gained at least some capacity to move past specific kinds of old information. The rest of the world has mostly not.
Outside Europe, the principle has limited force. In the United States, the First Amendment tradition strongly favours free access to information, and courts have generally sided with publication over privacy where the two conflict. Canada, Australia, the UK (which has partially diverged from the EU framework post-Brexit), and most of Asia have varied frameworks — some borrowing elements of the European approach, most leaving the question largely unaddressed.
This means that a person’s digital past is treated very differently depending on where they live and where the information is hosted. For most of the world, what’s available on the internet about you will remain available, largely regardless of how old it is, how irrelevant it has become, or how much your life has moved on.
The counter-tradition
Before endorsing the European approach, it’s worth understanding the objections — which are serious, held in good faith, and come from genuine values.
The strongest objection comes from the journalism and free-speech traditions. A right to be forgotten, applied broadly, can be used to suppress legitimate investigative journalism — reporting on corruption, misconduct, or patterns of behaviour that the subject would prefer to leave behind. Criminals convicted of serious offences have attempted to use European delisting procedures to remove coverage of their trials. Business executives with histories of fraud have tried to erase the reporting that might warn future investors. Politicians have sought to hide inconvenient votes and statements.
The courts and search engines handling these requests have generally rejected them, using the public-interest criterion. But the cases reveal a real tension. Transparency and accountability depend, in part, on the durability of the record. A society in which every actor could simply remove their past from general findability would lose something important — the mechanism by which patterns of behaviour can be identified, by which voters can make informed decisions, by which victims can bring old harms to light.
A related concern comes from the public-interest records tradition. Sex-offender registries exist in many jurisdictions precisely to make certain information about specific individuals permanently findable, on the grounds that the protection of potential future victims outweighs the rehabilitation interest of the offenders. A general right to be forgotten would conflict directly with these registries. Even if sex-offender registries are excluded by carve-out, similar logic applies to court records, regulatory findings, and other categories of information that someone might reasonably prefer forgotten but that the public has a legitimate interest in preserving.
The legal scholar Jonathan Zittrain at Harvard has written thoughtfully about how to navigate these tensions. His broader argument is that the internet’s early architecture assumed that information would naturally decay — unpopular pages would disappear, old pages would fall out of search indexes, attention would move on. This assumption has largely failed; in practice, digital information persists indefinitely, and the mechanisms that were supposed to produce natural forgetting haven’t worked. The right-to-be-forgotten frameworks are, in Zittrain’s framing, attempts to recreate — through deliberate intervention — the decay that earlier information systems produced automatically.
What people actually want
An interesting empirical angle on this comes from research on what people actually request when given the option to remove information about themselves.
Studies by researchers including Julia Angwin and others have found that the rhetoric around the right to be forgotten often runs ahead of the practice. When people are given actual opportunities to remove information about themselves, they request less than their stated concerns would suggest. Most people, when asked about privacy, express serious concerns about digital permanence. But when presented with specific opportunities to act — submitting delisting requests, opting out of data brokers, deleting old social-media accounts — most people don’t take the opportunities.
Part of this is friction: the actions required are complex, the outcomes uncertain, and the benefits diffuse. Part of it is habituation: people have come to accept digital permanence as a condition of modern life, whether or not they like it. Part of it is the gap between abstract concern and specific motivation: the general worry about digital privacy doesn’t translate, reliably, into the specific effort of requesting removal of specific information.
This doesn’t mean people don’t care about privacy. It means that the revealed preferences are more complicated than the stated ones. The institutional infrastructure for protecting privacy has to be designed around what people will actually use, not what they say they want.
The generational asymmetry
A dimension of this issue that matters particularly for readers in their late teens: the costs of digital permanence fall unevenly across generations.
People who were adults before roughly 2005 have mostly not left digital trails from their adolescence. Their teenage selves — the bad ideas, the embarrassing phases, the political views they’ve since moved past — live only in the memories of people who knew them then. Those memories fade, those witnesses disperse, those phases become private.
People who have been adolescents since the rise of social media have left trails that are often substantial, easily searchable, and — in practice — permanent. The teenage political stance expressed at fifteen in a public post is still there at twenty-five, available for contextualisation by anyone who cares to look. The photo from an embarrassing phase is still there. The earnest half-formed thinking is still there.
This means that younger generations are, in a literal sense, more accountable to their own pasts than older generations ever had to be. They’re also, correspondingly, less free to move past those pasts in the way their parents could. The developmental exploration of identity — the normal human process of trying things and discarding them, covered in earlier articles in this series — has become structurally more difficult because the trying is, now, recorded.
The right-to-be-forgotten framework is, among other things, an attempt to partially restore the forgetting that happened naturally for earlier generations. Whether this is the right response, whether it goes far enough, whether it goes too far — these are open questions. What’s clear is that the problem the framework is trying to address is real.
The practical situation
For most readers of this article — in Australia, or most places outside the EU — the legal right to be forgotten doesn’t exist in the European form. This has practical implications.
You can ask platforms to remove content you posted, and most will comply. What you can’t easily do is remove content that others posted about you, or archived copies of your own posts held by third parties, or screenshots and reposts that have since spread. The half-life of a genuinely embarrassing piece of digital content is long.
This means that the responsibility for managing your own digital trail falls substantially on prevention rather than correction. What doesn’t get posted in a public, permanent way doesn’t need to be unposted later. The earlier article in this series on your teenage self, preserved forever went into this in more detail; the right-to-be-forgotten angle adds an institutional layer to the personal one. For most people, most of the time, the main tool for managing digital permanence is still the decision not to post, rather than the ability to unpost.
If you find yourself with material you’d like to remove, and you’re not in the EU, the practical options are limited but real. Platforms’ own removal processes work for content you posted. Google does accept certain kinds of removal requests outside the EU — non-consensual intimate imagery, certain financial information, some categories of personal information — though the bar is higher than under EU rules. Contacting the original publisher directly sometimes works for older content. None of these are guaranteed, and the overall effect is modest compared to what would be possible with genuinely robust legal backing.
The question that remains
The deep philosophical question the right-to-be-forgotten debate raises is a genuinely hard one. How much should an individual be defined by their past? Which elements of that past should be available to others, and which should be private, and who decides? These questions don’t have clean answers, and different legal systems have arrived at different positions in good faith.
What’s clear is that the earlier assumption — that these questions would mostly take care of themselves, because information would naturally fade with time — no longer holds. The decisions about what is findable about whom have moved from the realm of natural processes into the realm of deliberate design. Someone has to decide. Whether that someone is a government, a search engine, or the individual whose name is being searched, the design choice is being made, whether or not it’s being made thoughtfully.
The question to carry, about your own relationship to the permanence of your digital life:
What information about yourself would you most want to be able to move past — and how much of the responsibility for managing that is on the systems around you, how much is on you now, and how much was on you before any of this was posted in the first place?
Key research referenced: the 2014 European Court of Justice ruling in Google Spain SL v AEPD and Mario Costeja González; subsequent EU General Data Protection Regulation (2018); Jonathan Zittrain’s writing on internet memory (The Future of the Internet, 2008, and later essays); Julia Angwin’s research on revealed privacy preferences.