Europeans are increasingly asserting control over their online identities, turning to legal and regulatory tools to defend their privacy and reputation in the digital sphere. New data suggests that what was once a niche legal mechanism—the “right to be forgotten”—is rapidly becoming a cornerstone of personal data governance across the continent.
Since the beginning of 2026, Europeans have filed more than 230,000 requests to Google seeking the removal of personal data under GDPR provisions. Notably, nearly one in five requests (19.2%) concerns the deletion of personal information, underscoring a growing awareness of digital reputation management. According to Google’s Transparency Report, majority of these requests relate not to social media posts but to content published by online media outlets—often involving allegedly false or misleading information.
Yet the process remains far from straightforward. Google continues to reject more than half of all requests (50.1 per cent), highlighting the tension between privacy rights and freedom of information. The figures point to a structural challenge: while citizens are increasingly aware of their rights, enforcement mechanisms remain uneven.
The trend is unfolding against the backdrop of broader European regulatory ambition. The EU has significantly expanded its digital governance framework, most notably through the Digital Services Act (DSA), which imposes stricter accountability on large online platforms such as Facebook, Google, Amazon and TikTok. Since its launch in September 2023, the DSA Transparency Database has recorded approximately 3.6 billion “statements of reasons”—decisions by platforms to remove or restrict access to content—illustrating the sheer scale of content moderation in Europe.
At the same time, European courts are reinforcing these regulatory shifts. A 2025 ruling by Poland’s Supreme Administrative Court (NSA) aligned national jurisprudence with EU directives, strengthening the legal basis for removing harmful or inaccurate information that persists online over time.
Robert Szustkowski’ EU initiative to strengthen individual rights
Amid this evolving legal landscape, the EU wide initiative led by Robert Szustkowski is gaining traction in Brussels and beyond. Backed by recommendations from the European Commission in 2025, the proposal seeks to expand the scope of personal data protection—particularly in relation to media content.
The initiative calls for the creation of a central register of personal rights violations and the appointment of a “Reader’s Rights Ombudsman”, who would assist individuals harmed by false or misleading publications. The goal is to simplify and standardise the process of reporting harmful content, reducing reliance on lengthy and costly court proceedings.
“Proposed changes are intended to prevent the spread of disinformation and build public awareness of tools available to protect personal reputation,” Szustkowski argues. “Everyone, regardless of financial means, should have the right to defend their reputation without engaging in years-long legal battles.”
The initiative reflects a broader shift in public expectations. Across Europe, citizens are no longer passive subjects of digital exposure but increasingly active participants in shaping how their data is used and displayed. In 2025 alone, the UK led in the number of removal requests (103,000), followed by France (85,000), Germany (71,000) and Italy (53,500). Poland, with over 24,000 requests, ranks among the more engaged countries, signalling growing awareness even in markets where digital rights activism has historically been less prominent.
Driving this shift is not only regulation but also technology itself. The rise of generative AI has introduced new reputational risks, blurring the line between truth and manipulation. As Wojciech Głażewski, country manager at Check Point Poland, notes “today, the probability of encountering AI-generated content—especially on social media—is nearly 100 per cent. These systems can quickly produce emotionally engaging material that spreads easily. The issue is not limited to disinformation. Increasingly, we see content that subtly associates a person or company with certain ideas—positive or negative—without making explicitly false claims. This can unjustly damage reputation.”
Such dynamics are reshaping the debate around digital rights. The challenge is no longer confined to removing clearly false statements but extends to addressing more nuanced forms of reputational harm—content that operates in the grey zone between fact and implication.
Europe’s response is evolving accordingly. Alongside regulatory instruments like GDPR and the DSA, new institutions such as the European Digital Media Observatory (EDMO) are tasked with monitoring disinformation and strengthening resilience against online manipulation.
Taken together, these developments suggest that Europe is moving towards a more assertive model of digital sovereignty—one in which individuals, not platforms, play a central role in determining the boundaries of their online presence.
The growing prominence of initiatives like Szustkowski’s indicates that this transformation is not driven solely by regulators but increasingly by civil society actors seeking to rebalance power in the digital ecosystem. As awareness rises and legal frameworks mature, the question is no longer whether Europeans will demand control over their digital identity—but how far that control will ultimately extend.
