The rule of law online: treating data like the sale of goods: lessons for the internet from OECD and CISG and sacking Google as the regulator

The decision of the Court of Justice of the European Union (“CJEU”) in the case of Google Spain SL v Agencia Española de Protección de Datos (AEPD)2 [“the Google decision”] to require Google to enforce a right to be forgotten has caused a furore and sets a dangerous precedent in internet regulation.3 It is setting up the search engine as a form of Internet Government and fracturing the balance between privacy and freedom of information in the connected world. In a world where we have become attuned to full exposure by routinely signing over access to information, privacy is no longer the issue – the real concern is control. This paper seeks to address the issues of whether we have a right to privacy anymore, who should be making decisions about what is available and where and how a global convention on access to information might be achieved