Digital Policy Alert logo

Sweden: IMY fines Google for GDPR violations

Policy overview

Description

IMY fines Google for GDPR violations

On 10 March 2020, the Swedish Authority for Privacy Protection (IMY) concluded an investigation into the company Google for violating the GDPR on a number of counts. The dispute concerned firstly the removal of search results requested by data subjects, and secondly Google's practice of notifying webmasters of the removal such search results. IMY found that Google did not remove the search results in question without undue delay. In addition, IMY found that the practice of notifying webmasters constituted processing of personal data which violated the GDPR. As a result, IMY imposed an administrative penalty of SEK 75 million.

Original source

Scope

Policy Area
Data governance
Policy Instrument
Data protection regulation
Regulated Economic Activity
search service provider
Implementation Level
national
Government Branch
executive
Government Body
data protection authority

Complete timeline of this policy change

Hide details
2020-03-10
under investigation

On 10 March 2020, the Swedish Authority for Privacy Protection (IMY) concluded an investigation int…

2020-11-23
under investigation

On 23 November 2020, the Stockholm Administrative Court issued a ruling on Google LLC's appeal agai…

2021-11-30
under investigation

On 30 November 2021, the Gothenburg Court of Appeal issued a judgment in a case between Google LLC …

2022-12-20
in force

On 20 December 2022, the Swedish Supreme Administrative Court decided not to grant an appeal in the…