The Right to be Forgotten and GDPR in the UK
Your Right to be Forgotten is part of the UK’s General Data Protection Regulation (GDPR) laws. This legislation was passed by the EU in 2016 and came into force two years later in 2018. With the Brexit transition, GDPR was adopted in British law.
Internet Erasure’s privacy lawyers are experts in GDPR. Our knowledge of the Right to be Forgotten means we can help people rebuild their reputation following negative and defamatory press reports. Also known as the ‘Right to Erasure’, it gives you the legal entitlement to request link removal from Google and other search engines.
In this post, you’ll gain insight into GDPR as a whole, the rights it gives you, and how Internet Erasure can help you exercise your ‘Right to be Forgotten’.
Internet Erasure’s privacy lawyers are experts in GDPR. Our knowledge of the Right to be Forgotten means we can help people rebuild their reputation following negative and defamatory press reports. Also known as the ‘Right to Erasure’, it gives you the legal entitlement to request link removal from Google and other search engines.
In this post, you’ll gain insight into GDPR as a whole, the rights it gives you, and how Internet Erasure can help you exercise your ‘Right to be Forgotten’.
What is GDPR?
The General Data Protection Regulation (GDPR) forms the basis of the UK’s Data Protection Act 2018. It mirrors the equivalent EU legislation and gives individuals a host of rights when it comes to their personal data. This includes the Right to be Forgotten. As well as protecting people’s privacy, GDPR also regulates data collection in organisations. The main purpose of GDPR is to give individuals control over their personal data and how it’s used. It also seeks to simplify and streamline regulations for businesses.
Who has to comply with GDPR?
All UK businesses and organisations must follow GDPR. The legislation also applies to overseas businesses that offer goods and services to people within the country. This includes companies worldwide that collect data from residents in the UK. As for individuals, GDPR only applies if they are collecting data for commercial reasons.
What was in place before GDPR?
Within the EU, the 1995 Data Protection Directive preceded 2016’s GDPR laws. This directive gave member countries the right to pass their own privacy legislation. With many different laws, this led to inconsistent data protection rules across the EU. The new regulations aimed to standardise privacy laws and give citizens the same rights across the block. In the UK, GDPR replaced the Data Protection Act 1998.
How GDPR changed the Data Protection Act 1998
- Greater individual rights. This includes the "Right to be Forgotten."
- Need for explicit consent. Businesses now have to ask for your permission to collect, process, and store your personal data.
- Global reach. Non-UK businesses must adhere to GDPR when dealing with UK-based customers.
- More responsibilities for businesses. It enforces stricter requirements for collecting and storing data.
- Privacy-first approach. Implements the "data protection by design and default” philosophy.
- Obligatory Data Protection Officers. Organisations must have a designated person responsible for data and privacy protection.
- Unified regulatory framework. Streamlines all privacy and data laws into one.
- Stricter penalties. Imposes harsher fines on non-compliant businesses.
- Updated to the digital age. In 1998, data collection was still largely offline.
What rights does GDPR give you in the UK?
Here is a summary of your rights. For more information, you can follow the link to the Information Commissioner’s Office website.
- Right of access. You’re legally able to access your personal data and obtain a copy of it. This is also known as the right to data subject access.
- Right to rectification. If your personal data is inaccurate or incomplete, you’re entitled to get it corrected.
- Right to erasure. This allows you to request your personal data be removed when it's incorrect, defamatory, and/or outdated. This is often referred to as the Right to be Forgotten.
- Right to restrict processing. You can block your data from being used under certain conditions.
- Right to data portability. This right allows you to transfer your data between different service providers.
- Right to object. You have the right to object to your data being processed in certain circumstances. This includes for direct marketing and market research.
- Rights for automated decision-making and profiling. You have the right to not be subject to an automated decision. An example of this is being denied a loan based on an automated credit assessment. You’re legally entitled to request a human to review such decisions.
- Right to complain. You have the legal right to complain if you feel that a business violates your privacy. In most cases, complaints go to the Information Officer’s Commission.
How has GDPR changed in the UK following Brexit?
When the UK left the EU, it adapted GDPR to UK GDPR. This now sits alongside the updated Data Protection Act 2018. The provisions remained largely unchanged, with only a few subtle differences. These are:
- Adapting legal frameworks. The UK adapted the EU regulations to its own legal system. A few tweaks were made, such as removing references to the EU and setting a minimum age of consent.
- International data transfer. The UK made changes to the way your data is transferred to other countries. The new rules are designed to keep your data safe when shared overseas.
- Local representation. After Brexit, any overseas company that handles data from UK residents must have a representative in the UK.
- Regulatory oversight. The Information Commissioner’s Office (ICO) was specified as the relevant authority for GDPR.
The Right to Be Forgotten in the UK
One of the main rights that GDPR gives you is the Right to be Forgotten. This is also known as the Right to Erasure. It’s your legal entitlement to request organisations delete any data they hold about you. These include ex-employers, businesses, and online news websites. You can read more in our article about the Right to be Forgotten.
The Right to be Forgotten lets you control your digital footprint and protect your online reputation. Under certain circumstances, you can request your personal data be deleted from websites and databases. This includes removing links from Google and other search engines, too.
It’s important to note that the Right to be Forgotten is complex and full of nuances. This is because an individual’s right to privacy often clashes with the public’s right to know. You can read our article for more information about when the Right to be Forgotten applies in the UK.
The Right to be Forgotten lets you control your digital footprint and protect your online reputation. Under certain circumstances, you can request your personal data be deleted from websites and databases. This includes removing links from Google and other search engines, too.
It’s important to note that the Right to be Forgotten is complex and full of nuances. This is because an individual’s right to privacy often clashes with the public’s right to know. You can read our article for more information about when the Right to be Forgotten applies in the UK.
How Internet Erasure helps you remove links from Google
GDPR gives you the right you protect your online reputation. Sadly, many people fail to remove links from Google due to complex laws. That’s where Internet Erasure can help. Our team of privacy lawyers knows the ins and outs of GDPR and the Right to be Forgotten.
Over the years, we’ve removed 40,000+ damaging links from search engines for more than 850 clients. We’re the UK’s only reputation management company with an excellent rating on TrustPilot. If there’s a link worrying you, exercise your GDPR rights and contact us today.
Over the years, we’ve removed 40,000+ damaging links from search engines for more than 850 clients. We’re the UK’s only reputation management company with an excellent rating on TrustPilot. If there’s a link worrying you, exercise your GDPR rights and contact us today.