Time seemed to have been too short on Thursday to discuss all the DPAs' concerns. Google, Yahoo and Microsoft were asked to answer additional questions in writing by July 31. By then, they should provide details about the proof of identify or authentication they demand from people who file take-down requests. They also were asked to describe what safeguards are in place to protect any personal data processed during the handling of delisting requests.
In addition, the search engines were asked whether they post notifications on search results pages letting users know when some results have been removed due to EU law -- which is something that Google does -- and asked what the legal basis is for showing that warning.
In particular, it appears that this notice is sometimes displayed even in the absence of removal requests by people, the DPAs said. They asked the search engines, "Can you confirm or exclude that this is actually the case and, if so, could you elaborate on the applicable criteria?"
The A29WP committee said that new guidelines would be issued in the autumn and that additional meetings on implementing the right to be forgotten rules may be organized with other stakeholders.
Sign up for CIO Asia eNewsletters.