In our hyperconnected world, where every click, share, and post is archived and indexed, the permanence of online information has become a pressing concern. The internet’s ability to immortalize data has led to a growing debate about privacy and digital rights. This is particularly evident in India, where the Right to Be Forgotten (RTBF) has become a focal point of legal battles. Individuals seeking to remove outdated or sensitive information from online platforms are challenging the status quo and sparking a crucial discourse on privacy in the digital age.
Indian Cases Highlighting the Right to Be Forgotten
The quest for the Right to Be Forgotten in India has made its way to the highest courts, illustrating the profound impact of digital permanence on personal lives. In several high-profile cases, individuals have petitioned the Supreme Court to erase or delete personal data from search engines and online databases.
Consider the case of Zulfiqar Ahman Khan v. M/S Quintillion Business Media Pvt. Ltd. and others, Zulfiqar Ahman Khan sought the removal of articles published about him on the news website The Quint. The Delhi High Court recognized the Right to be Forgotten and the right to privacy as fundamental aspects of an individual’s autonomy. Even in State of Punjab v. Gurmeet Singh and Ors (1996), the Supreme Court has held that anonymity can help protect victims of sexual offences from social ostracism. These cases underscore a critical issue: the long-lasting impact of digital records on individuals’ lives. While the internet provides an invaluable resource for information and connectivity, it also poses challenges in managing one’s digital footprint. The discussions surrounding the RTBF reveal the delicate balance between safeguarding individual privacy and preserving public access to information.
Understanding the Right to Be Forgotten
1. What is the Right to Be Forgotten?
The Right to Be Forgotten empowers individuals to request the removal or delisting of personal information from search engines and online databases when that information is outdated, irrelevant, or harmful. This right aims to give individuals more control over their digital identities and protect them from the adverse effects of persistent online content.
2. Constitutional Elements and Legal Remedies in India
In India, while the Right to Be Forgotten is not explicitly codified, it is rooted in the fundamental right to privacy. The Supreme Court of India recognized privacy as a fundamental right under Article 21 of the Indian Constitution in the landmark case of Justice K.S. Puttaswamy (Retd.) vs. Union of India (2017). This decision laid the groundwork for discussions on digital privacy and the RTBF.
- Judicial Recourse: Individuals can seek relief through the High Courts or the Supreme Court for privacy violations. The remedy can be availed to exercise the fundamental ‘Right to Life and Personal Liberty’ guaranteed by Article 21 of the constitution of India, which through various judicial proceedings has been recognized as a part of it. Courts may issue orders to de-index or remove specific information from search results based on the circumstances of each case.
- Digital Personal Data Protection Act (DPDPA), 2023: In the act under certain situations, an individual can request that an organization erase their personal data. The act has provision to withdraw consent which was previously given to store data. Empowering individuals to regulate their presence online.
- Information Technology Act, 2000: While the IT Act addresses data privacy and security issues, it does not specifically cover the Right to Be Forgotten. Sections 66E and 72 pertain to privacy violations and data misuse but do not provide explicit RTBF provisions.
- IT (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011: These rules mandate data protection practices but lack explicit RTBF provisions.
- National Cyber Security Policy, 2013: While primarily focused on cybersecurity, this policy highlights the importance of data protection and privacy, indirectly contributing to the RTBF discourse.
Challenges Persist:
The right to be forgotten is not as linear as it sounds. An ongoing debate between the “right to be forgotten” and the public’s “right to be informed is being scrutinized by a senior bench of the Supreme Court, led by Chief Justice DY Chandrachud and includes Justices JB Pardiwala and Manoj Misra. The bench stayed the Madras High Court’s order directing a law portal to remove a verdict acquitting a man in a sexual assault case. Chief Justice Chandrachud voiced initial concerns about the High Court’s decision.
The removal of such information from public access can be a serious concern for safety, transparency and accountability in the legal system. Additionally, potential ramifications for legal practitioners, researchers, and journalists who rely on accessible court records.
Global Scan
1. European Union: The Global Leader
The European Union has been at the forefront of implementing the Right to Be Forgotten. The GDPR, effective from May 2018, enshrines RTBF under Article 17. This regulation allows individuals to request the removal of personal data when it is no longer necessary, when consent is withdrawn, or when it is unlawfully processed. The landmark case of Google Spain SL, Google Inc. v. Agencia Española de Protección de Datos (2014) established that search engines must remove links to outdated or irrelevant information upon request, setting a global precedent for data privacy.
2. United States: A Different Perspective
In contrast, the United States does not have a comprehensive federal data protection law like the GDPR. Instead, data privacy rights are governed by sector-specific regulations. The California Consumer Privacy Act (CCPA) offers some rights related to data access and deletion but does not explicitly address RTBF. The US approach often prioritizes freedom of information and emphasizes less restrictive measures compared to European standards.
3. Asia: Diverse Approaches
In Asia, countries are adopting various approaches to data privacy. South Korea and Japan have developed robust data protection laws similar to GDPR, providing similar rights to data erasure. Conversely, China focuses more on state control over data and offers limited individual rights for managing online information.
Conclusion: The Evolving Landscape of Digital Privacy
Globally, the approach to RTBF varies, with the EU leading with comprehensive regulations, while other regions adopt more partial measures. As digital footprints become increasingly significant, balancing privacy with public access to information remains a key challenge. The RTBF marks a significant shift in how personal data is managed in the digital age. In India, the drive for RTBF is fueled by individual cases illustrating how persistent online information affects personal and professional lives. While Indian law does not yet explicitly address RTBF, constitutional privacy rights and emerging legislation like the DPDPA offer a basis for addressing these issues. Addressing this balance requires thoughtful legal frameworks that protect individual privacy without undermining public information needs.
