• Courses
      • Executive Management Courses
      • Global Series of National Privacy Laws
      • Netherlands Privacy Academy (in Dutch)
      • Caribbean Data Protection Academy
    • Resources
    • Join GADPPRO ACADEMY
      • Join GADPPRO Academy as an Official Partner
      • Become an Official GADPPRO Training Entity
      • Join the GADPPRO Business Academy
      • Secretariat & International Training Centre
      • Contact Us
    •  
      • RegisterLog in
    Privacad GADPPRO Academy
      • Courses
        • Executive Management Courses
        • Global Series of National Privacy Laws
        • Netherlands Privacy Academy (in Dutch)
        • Caribbean Data Protection Academy
      • Resources
      • Join GADPPRO ACADEMY
        • Join GADPPRO Academy as an Official Partner
        • Become an Official GADPPRO Training Entity
        • Join the GADPPRO Business Academy
        • Secretariat & International Training Centre
        • Contact Us
      •  
        • RegisterLog in

      Blog

      Criteria of the Right to be Forgotten in the search engines

      • Categories Blog, Business, Design / Branding, Free Data Protection Resources, Uncategorized
      • Date October 23, 2020

      Guidelines 05/2019 on criteria of the Right to be Forgotten in search engines

      1.3 Ground 3:  The Right to request delisting when the data subject has exercised his or her Right to object to the processing of his or her personal data (Article 17.1.c)

      26. Pursuantto Article 17.1.c GDPR, a data subject can obtain from the search engine provider the erasure of personal data concerning him or her where he or she objects to the processing according to Article 21.1 GDPR and where there are no overriding legitimate grounds for the processing by the data controller.

      27. The Right to object affords stronger safeguards to data subjects since it does not restrict the grounds according to which data subjects may request delisting as under Article 17.1 GDPR.

      28. The Right to object to the processing was provided for by Article 14 of the Directive and constituted a ground to request the delisting since the Costeja judgement. However, the differences in the wording of Article 21 GDPR and Article 14 of the Directive suggest that there may also be differences in their application.

      29. Under the Directive, the data subject had to base his or her request “on compelling legitimate grounds relating to his [or her] particular situation”. In respect of the GDPR, a data subject can object to a processing “on grounds relating to his or her particular situation”. He or she thus no longer has to demonstrate “compelling legitimate grounds”.

      30. The GDPR therefore changes the burden of proof, providing a presumption in favour of the data subjectby obliging on the contrary the controller to demonstrate “compelling legitimate grounds for the processing” (Article 21.1). As a result, when a search engine provider receives a request to delist based on the data subject’s particular situation, it must now erase the personal data, pursuant to Article 17.1.c GDPR, unless it can demonstrate “overriding legitimate grounds” for the listing of the specific search result, which read in conjunction with Article 21.1 are “compelling legitimate grounds (…)which override the interests, rights and freedoms of the data subject”. The search engine provider can establish any “overriding legitimate grounds”, including any exemption provided for under Article 17.3 GDPR. Nonetheless, if the search engine provider fails to demonstrate the existence of overriding legitimate grounds, the data subject is entitled to obtain the delisting pursuant to Article 17.1.c GDPR. As a matter of fact, delisting requests now imply to make the balance between the reasons related to the particular situation of the data subject and the compelling legitimate grounds of the search engine provider. The balance between the protection of privacy and the interests of Internet users in accessing to the information as ruled by the CJEU in the Costeja judgement can be relevant to conduct such assessment, as well as the balance operated by the European Court of Human Rights (ECHR) in pressmatters.

      31. Therefore, the criteria of delisting developed by the Article 29 Working Party in guidelines on the implementation of the Court of Justice of the European Union judgment on “ Google Spain and Inc v. Agencia Española de Protección de Datos (AEPD) and Mario Costeja González” C-131/12 can still be used by search engine providers and Supervisory Authorities to assess a delisting request based on the Right to object (Article 17.1.c GDPR).

      32. In this regard, the “particular situation” of the data subject will underlie the delisting request (for example, a search result creates detriment for a data subject when applying for jobs, or undermines his or her reputation in personal life) and will be taken into account when undertaking the balance between personal rights and right to information, in addition to the classic criteria for handling delisting requests, such as:

      • he or she does not play a role in public life;

      • the information at stake is not related to his or her professional life but affects his or herprivacy;

      • the information constitutes hate speech, slander, libel or similar offences in the area of expression against him or her pursuant to a court order;

      • the data appears to be a verified fact but is factually inaccurate;

      • the data relates to a relatively minor criminal offence that happened a long time ago and causes prejudice to the data subject.

      33. Nonetheless, these criteria won’t have to be examined in the absence of proof of compelling legitimate grounds to refuse the request.

      • Share:
      User Avatar
      Richard V

      Previous post

      Criteria of the Right to be Forgotten in the search engines
      October 23, 2020

      Next post

      Criteria of the Right to be Forgotten in the search engines
      October 23, 2020

      You may also like

      Children Safety Encryption www.privacad.com
      Apple’s New Step to Protect Child Abuse via Encryption Feature
      20 August, 2021
      DNA Technology and Privacy www.privacad.com
      DNA Technology Regulation Bill and Violation of Privacy for Minority Groups
      19 August, 2021
      www.privacad.com
      India accuses Twitter of not complying with new IT rules
      18 August, 2021

      Search

      Categories

      • Blog
      • Business
      • Design / Branding
      • Free Data Protection Resources
      • Nederlandse Privacy Academie
      • Uncategorized
      Facebook-f Linkedin-in

      © Privacad 2020

      For all your questions about courses

      students@privacad.com

      For all your questions about Privacad for business

      info@privacad.com

      Links

      • Courses
      • Become a GADPPRO Academy Official Training Entity
      • Resources
      • Free Data Protection Resources
      • Blog
      • Profile
      • Students Stewards Network (SSN)

      Support

      • Privacy Policy
      • Terms of Use
      • FAQs
      • Contact

      © GADPPRO Academy | Privacad 2023

      GADPPRO Academy 2023

      Login with your site account

      Lost your password?

      Not a member yet? Register now

      Register a new account

      Are you a member? Login now