 Good afternoon everybody. So this session is about the changing landscape for search engines. So let me lower the intellectual tone that you've put sky high Julia by making it simple. In very simple terms, search engines are now subject to take down requests as a result of on the basis of the right of erasure. That's it. Okay. That's that those are the that's the changing landscape for search engines and I think that's the main conclusion. Since I have a few more minutes to talk, I would like to explore a little bit some of the perhaps some of the finest point going back to the decision. Some of those finest points that were made by the court. Because for example, the court narrowly skimmed through critical concepts like personal data and processing. When you when you read the judgment, there are seven paragraphs of about an average four lines each covering personal data and processing. Which if you print it is about it's less than half. It's about half a page. So this there were assumptions of course that that were made. But for example in relation to personal data, the view that the court took was that the data that was being indexed by Google and of course any other search engines in this case qualified as information relating to an identifier or identifiable individual which of course is a definition personal data in the directive. But once the working party devoted a sort of 40 page document to simply dissect that sentence of information related to an identifier or identifiable natural person or individual. The court just took the view that because this information does relate to people and therefore that's been indexed, then that's personal data. The question is, is it personal data to the search engine? And that was not looked at. The other, just looking at the definition of processing, of course what the court said that the oldest organizing and again indexing and making information available that squarely fits the definition of processing because processing as we know covers pretty much anything you can ever do with data digitally at least. And the court went on to say that that was the case despite the fact or regardless of the fact that search engines do not distinguish what they actually do with that information, do not distinguish the nature of the information. They just do that technologically or algorithmically or however you want to describe that with all the information that crosses the internet. But that is processing of personal data. And in line with this thinking of course the court did in a little bit more detail was to expand or to interpret the concept of controller, which of course is defined in the data protection directive. And I can see that personal data and processing can be an absolute concept. So it's either personal data or it isn't. It's either personal or it isn't. But controller when you look at the definition in the directive is down to that subject, that entity making decisions. There is an intention in being a controller. That's the whole point. It is the terminating, the purposes and the terminating, the termination. The termination involves decision making, my understanding of the word. But it's not an absolute concept. It's a concept that involves some thinking. This is what we're going to do with the data. That's what the controller does. They do the thinking. They do the decision making. And the court of course took the purpose of interpretation of this definition to say, but the objective, and they use this word, the objective of the definition in the directive is precisely to make it really broad so that it covers any activity dealing with data. So when you add all this, of course, the interpretation of personal data, the interpretation of processing, the interpretation of controller, after the implication, this changing landscape for certain changes is very clear. Not only certain changes are not an intermediary in the sense of an intermediary is not really responding somewhere in between. No, the search changes are the super controllers. There is no controller in the world that I can think of that processes more personal data than a search engine. If you think about it, is the biggest controller ever applying this criteria? It is the super controller and there is no one that processes more personal data there. I'm not excited. This has to be the implication, which means that all the obligations that apply to controllers would apply to a search engine. All the obligations, and then you look at all the principles and all the conditions for processing personal data. And of course, personal data, we know has a category of sensitive personal data. So if you add that dimension to certain grounds for processing of sensitive personal data, then you start thinking, this is just much more than the right to be forgotten then. But then you start thinking, but I was saying, no one has said, or maybe no one has been heard saying it, that the implications of this are such that basically this search engine model is simply non-compliant. And the reason why that's not being publicly said, or at least the regulators, I don't think have said it, is because it's seen as going to be too far. And the reason why it's seen as going to be too far is because it has unintended consequences. And here is what we see sometimes with a decision that can only be taken so far, because if it's really taken all the way in terms of implications, it should really have technically speaking, it has unintended consequences. Is this a weakness? Is this a reality of life, of an imperfect world? Maybe it's a bit of both, but this is an issue that is started to be raised by this decision, an imperfect decision for an imperfect world. But there's even a great implication to all of this, at least from a legal perspective, because it doesn't affect just certain changes, it affects everybody else. Is that the determination of the applicability of the law, which is also addressed by the case? And this is what has really messed things up for everybody, because the way in which the law or the directive was interpreted in terms of the applicability of the law, we know when we look at the directive, the criteria are relatively straightforward. We have article 418, applicability determined on the basis of the establishment of the control in the EU. 417, applicability determined on the basis of what the equipment is located. And when the controller is, of course, elsewhere, the controller outside the EU, but equipment in the EU. Here, we've seen a mixture of the two. It's a, I don't know, 4-1-C+, or however you want it, because the interpretation that was given is, let's take the controller is really outside the EU, everybody acknowledged that, but the establishment is in, an establishment is just in the EU. And the kind of the link of the two is what determined the applicability of the law. So, this seems to have been accepted, but of course, regulators in Europe are now looking at this and are applying this local establishment criterion to situations where the controller is in the EU, not necessarily in that country, but somewhere in the EU, not outside the EU, in Mountain View, in the EU, somewhere in one of the 28 member states, but the applicability of the law is being interpreted as EU-wide. So, where, until now, until very recently, we had the certainty that an EU-based data controller was only subject to the law of the country where it was established. Now we are seeing the law being interpreted in such a way that an EU-based controller is subject to the law of that country where it is established and everywhere else in the EU, wherever there is some form of presence, even if the controller is not based there. So, to conclude, to conclude, I think this, sometimes we talk about the European Commission being very ambitious in their policymaking, and where about a year away from seeing a law that is probably the most ambitious data protection law we will ever see in the world. We don't even need to wait for that. The Court of Justice of the European Union, in just one judgment, a 20-page judgment has extended and created the greatest extension of European data protection law ever attempted. And that's why this case is so, so massive. And that's the change in landscape for certain changes and everyone else. Thank you.