On 13 April 2018, the High Court, in NT1 & NT2 v Google LLC  EWHC 799 (QB), ruled against Google, in favour of two businessmen advocating for the right to be forgotten. You can find the full judgment here, but in this blog we explore the reasoning behind the Court’s decision.
Right to be forgotten/right to erasure
The Court of Justice of the EU confirmed the right to be forgotten as an existing right under data protection laws, in Google Spain SL v Agencia Espanola de Protección de Datos Case of 2014: 317. The right to be forgotten is made explicit in the EU General Data Protection Regulation 2016/679 (GDPR) text. Essentially, in the GDPR the right is an enhanced right of erasure. The right is not absolute, which means that a controller does not need to comply with the request if there is a legitimate reason for continuing to process the personal data.
Two separate businessmen brought cases, which were consolidated. Each case centred on the reporting of business-related criminal convictions that were spent and over a decade old:
- NT1 was convicted of conspiracy to commit false accounting and tax evasion; and
- NT2 pleaded guilty to conspiracy to tap phones and hack computers of environmental activists who had made threats against him and his business.