Many countries are adopting regulations that allow data subjects to request search engines and other data controllers to delete links to information that is outdated or irrelevant. Even with the “right to be forgotten” spreading around the world, it hasn’t been adopted in the U.S. or Canada.

Consumers have been quite pleased with the popular regulation but companies have been a bit hesitant to follow suit. Alphabet Inc.’s Google has even established a panel to advise it on implementing the law. Further, it has waged war against France’s data protection authority (CNIL) over extending such requests to all global Google domains. 

However, recent developments may give credence to search engines’ pessimism over the extension of the regulation. According to a recent New York University study, hackers are able to find personal information using basic coding methods despite requests to have the data removed from the search engines. 

If removed data can’t be permanently deleted, companies will have a stronger argument against DPA’s who attempt to extend the reach of the right to be forgotten outside of its borders. 

The new development will not slow down Google’s attempts to limit regulation but highlights that the debate between privacy and censorship rages on. 

To keep up with the constantly evolving world of privacy and security sign up for the Bloomberg BNA Privacy and Security Update.