The Administrative Court of Stockholm on Monday 23-11-2020 rejected Google’s appeal against the decision of the Swedish data protection authority (Authority) and confirmed that Google has violated the provisions of the EU’s General Data Protection Regulation (GDPR).
The Authority had imposed a fine of 75 million Swedish kronor (approximately 7 million euros) on Google in March for violating the provisions of the “right to be forgotten” under the GDPR. They observed that Google did not handle individuals’ right to have search result listings with their names removed from the search engine and ordered the company to remove these search results. Google believed and argued that webmaster information is necessary for purposes relating to the fundamental right of search engine providers, webmasters and internet users to freedom of expression and information.
Google has a practice of informing webmasters before removing any search results from their search engine, and the court found that this practice was not permitted under the GDPR. The court also noted that the penalty imposed on Google by the Authority could be reduced and significantly brought it down from 75 million Swedish kronor to 52 million Swedish kronor (approximately 5 million euros).