Netherlands

[NL] Court refuses request to order Google to remove search results concerning an individual investigated for fraud

IRIS 2017-4:1/29

Max Rozendaal

Institute for Information Law (IViR), University of Amsterdam

On 12 January 2017, The Hague District Court refused an applicant’s request to order Google Inc. to remove ten hyperlinks from its search engine results. The search results concerned the applicant, a real-estate entrepreneur against whom a criminal investigation had been conducted in 2005 for mortgage fraud.

Of the ten search results which were allegedly shown when the applicant’s name was entered in Google Search, two had already been removed by Google. A further five search results had not been obtained by entering the applicant’s name; therefore the Court only considered the three remaining URLs which were shown when the applicant’s name was entered in Google Search. These URLs contained news articles on claims for damages which the applicant had brought against the municipality of Rotterdam concerning the criminal investigation that had been conducted against the applicant.

The applicant based his request primarily on the grounds of unlawful processing of personal data on criminal offences, and on the grounds that none of the exceptions to the prohibition to process personal data on criminal offences apply (Articles 16, 22 and 23 of the Dutch Data Protection Act). Google argued that only the search results themselves should be considered, and not the source pages to which they link. Google also argued that it did not process personal data on criminal offences. The Court accepted this defence and stated that the search results should be assessed, and not the content of the source pages to which Google linked.

The Court considered that Google did not process personal data on criminal offences as the three search results did not contain information which gave rise to a presumption more serious than a reasonable suspicion of committing a criminal offence. The Court refused to grant the request on the applicant’s primary claim.

The applicant’s subsidiary claim was that the processing by Google was incompatible with the Dutch Data Protection Act and the Privacy Directive. The applicant stated that the processing by Google violated Articles 7 and 8 of the EU Charter of Fundamental Rights, the right to private life and data protection, whilst referring to the Court of Justice of the European Union (CJEU) judgment in Google Spain (see IRIS 2014-6/3).

The Court considered that Google’s right to freedom of expression and information, as well as that of its users (Articles 11 EU Charter, 10 ECHR, 7 Dutch Constitution), weighed more heavily than the applicant’s “right-to-be-forgotten” since the news articles to which Google linked were caused by the applicant’s own behaviour. Furthermore, the Court stated that the real-estate sector and developments concerning fraud are part of a public debate. As a result, the Court refused to grant the request on the applicant’s subsidiary claim.