Since the highly influential ruling of the Court of Justice of the European Union in the Google Spain case was published, numerous practical issues on the way it will be enforced have arisen. Its effective enforcement makes it necessary to revisit the traditional data protection perceptions. This article first argues that the regulatory structure and the interpretation of the obligations regarding data controllers must change in a more flexible direction. Secondly, that the practice of data controllers and other parties acting online must be readjusted to maximize data protection within the boundaries of the current legislation. Thirdly, it suggests a presumption of anonymity when courts or administrative authorities handle erasure requests. K E Y W O R D S : data protection, Google Spain, search engines, data controller, extraterritorial application, enforcement I N T R O D U C T I O N In May 2014 the Court of Justice of the European Union (EU) (CJEU) issued its judgment on a request for a preliminary ruling by the Audencia National, ie the Spanish High Court, on the case of Google Spain SL, Google Inc v Agencia Espa~nola de Protecci on de Datos (AEPD), Mario Costeja Gonz alez (Google Spain). This ruling changed the way the application of data protection legislation was perceived and spurred intense academic debate about the correct application of the DPD and the * LLB Candidate, Democritus University of Thrace, E-mail: emmanouilbougiakiotis@gmail.com. I would like to thank Brendan Van Alsenoy for his input on the issues of extraterritoriality examined in this article and Dr Fereniki Panagopoulou-Koutnatzi for her overall input. It goes without saying that I am solely responsible for the opinions expressed and any possible fallacies. 1 Case C –131/12, Google Spain SL, Google Inc v Agencia Espa~nola de Protecci on de Datos (AEPD), Mario Costeja Gonz alez [2014]. 2 The legislation currently in power in Europe is Council Directive 95/46/EC of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, [1995] OJ L281/355 [hereafter mentioned as Data Protection Directive-DPD]. Recently, the European Parliament and the Council finally adopted the Council Regulation (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) [2016] OJ L 119/1 [hereinafter mentioned as GDPR]. According to art 99 para 2 its application shall begin on 25

中文翻译：

---

Google西班牙裁定的执行

自欧盟法院在Google西班牙一案中发表极富影响力的裁决以来，就其执行方式出现了许多实际问题。它的有效执行使得有必要重新审视传统的数据保护观念。本文首先提出，监管结构和有关数据控制者义务的解释必须朝着更加灵活的方向变化。其次，必须重新调整数据控制者和其他在线行为的惯例，以在当前法规范围内最大限度地保护数据。第三，它建议在法院或行政机关处理删除请求时推定匿名性。关键字：数据保护，Google西班牙，搜索引擎，数据控制器，引言2014年5月，欧洲法院（CJEU）对奥登西亚国民法院（即西班牙高等法院）对Google Spain SL案作出的初步裁决的请求发布判决，Google Inc诉Datos的Agencia Espa〜nola de Protecci（AEPD），Mario Costeja Gonz alez（Google西班牙）。该裁决改变了人们对数据保护立法的应用的认识，并引发了关于DPD和* LLB候选人的正确应用的激烈学术辩论，色雷斯的德Demo克利特大学，电子邮件：emmanouilbougiakiotiotis@gmail.com。我要感谢布伦丹·范·阿尔塞诺伊（Brendan Van Alsenoy）对本文研究的域外性问题提供的投入，以及费雷尼基·潘纳古普洛·库特纳兹（Fereniki Panagopoulou-Koutnatzi）博士的总体投入。不用说，我对所表达的观点和任何可能的谬误承担全部责任。1案例C –131 / 12，Google Spain SL，Google Inc诉达托斯土地保护法（AEPD），Mario Costeja Gonz alez [2014]。2欧洲现行有效的立法是1995年10月24日关于在处理个人数据和自由移动个人数据方面保护个人的理事会指令95/46 / EC，[1995] OJ L281 / 355 [以下简称为“数据保护指令-DPD”。最近，欧洲议会和理事会最终通过了2016年4月27日的理事会条例（EU）2016/679，该条例关于在处理个人数据和此类数据自由流动方面保护自然人，并废除指令95/46 / EC（通用数据保护条例）[2016] OJ L 119/1 [以下简称GDPR]。根据第99条第2款，其适用应从25开始