Their online phone number, their postal address, even a copy of an ID… So much information that is published more often on the internet, often without the permission of their owners. In an effort to better protect Internet users from misuse of this sensitive data, Google this week expanded the ability to remove certain pages. An initiative that will be useful to some Internet users. But Google warns: it won’t grant all requests by far.
The idea is simple: remove certain links from the search engine. So it’s by no means a question of removing the pages and websites that contain information about us – Google obviously doesn’t have the authority to do that anyway – but to ensure that they no longer appear in the search results. This does not concern the darknet, where Google’s search engine does not work.
Fight against “doxxing”
The general idea is set out by the multinational company as follows: “Google may delete personal information if it exposes the data subject to the risk of identity theft, financial fraud or harmful direct contact, or other harm, including the doxxingwhich consists of sharing your data for a malicious purpose.
As of this week, Google allows web users to remove pages containing this information: confidential official identification numbers (such as social security numbers in the United States), bank account numbers, credit card numbers, images of handwritten signatures, images of IDs, sensitive and restricted official documents (such as medical records) , personal contact details (physical addresses, telephone numbers and e-mail addresses), as well as confidential identifiers.
Also read: Cookies: Google bows dramatically to Europe
Also for photos
It was already possible to remove pages containing some of the above information, and Google has expanded the list, especially in terms of personal contact information. People who find photos uploaded to the Internet without their knowledge, intimate photos, faked photos, images of minors or even names that are falsely associated with pornography can take action.
Then you need to be able to justify two things to Google so that the company accepts the request. First prove that your data is there. You must then be able to prove that one of the following two elements is present: either that there are explicit or implicit threats to you on the website in question, or that according to Google there are “incitements, explicit or implicit, to harm another or to bother”.
So it is not enough that people find it unpleasant that their e-mail address appears on a site. It will also have to be demonstrated that this publication can cause damage. Google offers an online form to fill out. The company then sends an email confirmation, reviews the request and reserves the right to request additional information. The whole thing can take several days. It is not surprising that Google suggests its users to first contact the website in question to have the content removed before contacting its services – you can already do that, for example on Facebook.
And there is no guarantee that Google will accept every request. So far, the multinational has accepted only 13% of the requests, Michelle Chang, chief of data management at Google Search, told Reuters this week. She expects this share to increase with the expansion to new data, but won’t say why. Google receives tens of thousands of takedown requests every year. It’s unclear whether machines or humans, or a combination of both, are assessing all of these requests.
It should also be noted that Google makes a distinction between internet users who are located in the European Union and those in the rest of the world. Those in Europe – and the Swiss are certainly associated with them – must a priori have lower requirements to obtain delisting of pages.