Privacy in Europe After Regulation (EU) No 2016/679: What Will Remain of the Right to Be Forgotten?

Regulation (EU) no 2016/679 (hereinafter ‘GDPR’), which will become applicable throughout the EU from next May and will replace Directive 95/46/EC, contains the first legislative embodiment of the right to be forgotten. In other words, the personal right that, thanks also to the well known Google Spain case, has captured the attention of operators and academics alike. However, from a close examination of the new legislation it is arguable that the right to be forgotten could well end up being somewhat diminished once the GDPR takes effect. Indeed, many issues concerning the right in question have not been addressed, despite the fact that both case law and scholars in various Member States have much contributed in this debate recently. This work seeks to analyse the impact that the new legislation will have on the right to be forgotten, in particular having regard to how that right has been conceived in the Italian legal system in light of the Personal Data Protection Code and the most significant case law on the matter. The goal of the research is to demonstrate that even after the entry into force of the GDPR a crucial role in the actual definition of the concept of the right to be forgotten and the mechanics of protecting it will necessarily have to be played by the courts.