Skip to main content

First Strike at Digital Permanence: Right to be Forgotten

 In 2020, the High Court of Orissa examined the right of a rape victim to be forgotten from the internet, where the court stated,

“…information in the public domain is like toothpaste, once it is out of the tube one can’t get it back in and once the information is in the public domain it will never go away”[1]

In a time driven by technology, where information about ‘everybody’ is at the tip of fingers, imagine having consent and control over ‘how much information’ and ‘what kind of information’ any third-party witness about you. In an era of digital permanence, having an unsaid gem in your fundamental right that helps you remove any trace, subject to restrictions, of you from the internet. That right is, RIGHT TO BE FORGOTTEN.

Right to be forgotten (RTBF) allows individuals (data subjects) to request that their personal information be removed from the Internet (not show up in search engine searches), and seeks to give individual’s increased control over their personal information stored online.[2]

Therefore, to put it in simple language, any person can ask any social media intermediary, such as Google, Meta or Twitter, to delete information from their server including search results, databases, websites or any other public platforms, once the personal information in question is no longer necessary, or relevant.

By this very nature, RTBF is also known as the ‘Right to Erasure’.

Legal Recognition:

Western Recognition:

The initial momentum of RTBF can be traced in a US District Court of Appeals judgement of Melvin v. Reid, where, the plaintiff, Gabrielle Darley Melvin, was a woman of unchaste character and was tried for murder, however, in 1918, all the charges against her were dropped. Further, in 1925, the defendants, without her knowledge or permission, made and released a film titled "The Red Kimono" which was advertised as a true story and the plaintiff's maiden name was used for promotion. In 1931, the court upheld the right of privacy of the plaintiff. The judges justified the ruling by stating the Constitution of California, [3]

“The right to pursue and obtain happiness is guaranteed to all by the fundamental law of our state. This right by its very nature includes the right to live free from the unwarranted attack of others upon one's liberty, property, and reputation. Any person living a life of rectitude has that right to happiness which includes freedom from unnecessary attacks on his character, social standing, or reputation.”

Article 8 of the Human Rights Act 1998 states, right to respect for your private life, your family life, your home and your correspondence (letters, telephone calls and emails) [4], which has been used by many common law countries as a medium to press for RTBF after the penetration of social media.

In 1995, the data protection directive of the European Union was passed with an aim to regulate personal data, although, this directive did not explicitly mention RTBF. However, in 2014, the European Parliament gave statutory recognition to the right to erasure via Article 17 of the UK General Data Protection Regulation (GDPR) [5] where individuals have the right to have personal data erased under certain circumstances. Hence, making this right not absolute.  

In 2010, Costeja González (Petitioner) brought a complaint before the Spain’s Data Protection Agency against La Vanguardia newspaper, Google Spain, and Google Inc where he demanded Google to remove the record of his 1998 proceedings which had been fully resolved for several years and therefore, they should no longer appear online. The proceedings escalated to the Court of Justice of the European Union (CJEU) where the court upheld RTBF of the petitioner by stating,

“…that Google must delete links to personal information from search results at the request of a data subject unless a strong public interest suggests otherwise.” [6]

This decision led to an explicit use of RTBF by any western court.

Indian Recognition:

In India, RTBF doesn’t have legislative sanction yet, however, the law relating to Personal Data Protection Bill 2019 is set to be tabled in parliament.

Under Section 20 of Personal Data Protection Bill 2019 [7], every person has the right to restrict or prevent continuing disclosure of personal data by any data fiduciary if such disclosure meets any one of the following conditions,

·         The disclosure served the purpose for which it was made or is no longer necessary

·         The disclosure was made with prior consent from the individual and such consent has since been withdrawn.

·         The disclosure was made contrary to the provisions of the new bill or any other law in force. [8]

Despite the lack of legislative statute, the Supreme Court of India in 2017, in the landmark judgement of Justice K.S. Puttaswamy (Retd) v. Union of India [9], held that the right to be let alone is a quintessential part of the autonomy and the privacy of an individual. The apex court also highlighted the importance of RTBF, and stated that if India were to recognize RTBF as it exists under the GDPR today, “it would only mean that an individual who is no longer desirous of his personal data to be processed or stored, should be able to remove it from the system where the personal data/information is no longer necessary, relevant, or is incorrect and serves no legitimate interest”. Subsequently, the court stated, right to be forgotten emerges from the right to privacy under Article 21 and partly from the right to dignity under Article 14.

Further, the Supreme Court also observed that this right was subject to certain limitations, i.e., “exercising the right of freedom of expression and information, for compliance with legal obligations, for the performance of a task carried out in public interest, on the grounds of public interest in the area of public health, for achieving purposes in the public interest, scientific or historical research purposes or statistical purposes, or for the establishment, exercise or defence of legal claims.”

In a current ongoing case in Delhi High Court, the Ministry of Electronics and Information Technology (MeitY) in its affidavit stated, “the right to privacy is a fundamental right and it also includes the right to be forgotten.”[10] This is the first instance in which recognition to RTBF has been given by a Ministry.

 

Right to be Forgotten V. Right to Privacy:

Right to be forgotten is distinct from the Right to Privacy. Right to Privacy constitutes information that is not publicly known, whereas RTBF involves removing information that was publicly known at a certain time and not allowing third parties to access the information. RTBF allows the individuals to have certain information or data about themselves in the form of documents, photographs, videos etc. to be deleted from the internet, so that it may not be accessed by internet search engines any further.[11]

Right to Privacy can be located in the following legislatures via the corresponding sections:

·         Juvenile Justice Act, 2015[12], section 3(11)

·         Indian Penal Code, 1860, section 228A[13]

·         The Protection of Children from Sexual Offences Act, 2012, Section 23, 24 and Section 33 etc.[14]

Primarily, the legislature for the right to privacy has been enacted for protecting the identity of rape or any other sexual assault victims, therefore, their names, address or any personal details are not reflected in any order passed by a Court. Hence, sufficiently protecting the right to privacy of that person.

Indian Legal Precedents:

Right to be Forgotten was denied:

The first case in India to deal with the concept of the right to be forgotten was the case of Dharmaraj Bhanushankar Dave v. the State of Gujarat[15] in the Gujarat High Court. The petitioner had filed a case for the removal of a published judgment in which he had been acquitted. However, the court did not grant an order for the removal of the judgement, as the petitioner had not been able to point out specific provisions of law that had been violated.

Right to be Forgotten was upheld:

In Sri Vasunathan v. The Registrar General[16], a woman had filed an FIR against a man, involving crimes of grave nature such as forgery, compelling to get married and extortion. She also filed a civil suit for the annulment of her marriage with him. She requested an injunction to restrain the man from claiming any marital rights. Later, both reached an out-of-court settlement and the cases were closed. Subsequently, the woman got married. Later, her father filed another petition realizing that an online search would reveal his daughters’ connections to all the legal disputes. This could result in affecting her daughter’s personal life and her public image. The father pleaded to the court to mask her daughter’s name in the cause title of the cases and prayed the same for any other copy available at online portals.

The Karnataka High Court approved the father's request, stating that she had a RTBF. Hon'ble Justice Anand Byrareddy, the author of the judgment the ruling would align with western states’ decisions, which typically approve of the right to be forgotten when dealing with cases “involving women in general and highly sensitive cases involving rape or affecting the modesty and reputation of the person concerned.” Thus, while RTBF was upheld it was not based on the Fundamental Right to Privacy, but instead on the idea of modesty and reputation of women.

In Civil Writ Petition No. 9478 of 201640[17], the name of the case is no longer available on Legal Databases owing to a Kerala High Court order dated February 23, 2017, the Kerala High Court ruled in favour of Right to be forgotten by asking the online Legal database Indian Kanoon to remove the name of the rape victim from a previous judgment in an interim order until further orders were issued.

Concerns regarding Right to be Forgotten:

Right to be forgotten suffers from many constitutional inconsistencies which make its grounding principles not coherent with the other Fundamental Rights. Article 19 of the Constitution protects the right to expression of the citizens and allows an individual to post content online about another person, as long it is not restricted by a statutory legislation, under Article 19(2). Thus, the broad conception of personal data would infringe the right to freedom of expression. Furthermore, it impedes with the public’s right to information due to decrease in the quality of the internet searches because of unwarranted requests for removal of personal information by data subjects.

Conclusion:

Internet footprints can be unforgiving, and removal of content from the internet is often a technical impossibility. However, the approach taken by different High Court’s suggests that it will endeavour to recognize and uphold individual privacy rights. RTBF is an important empowering tool in the hands of data subjects, the absence of which would highly diminish the right to privacy. However, due to the lack of statutory legislature, the edges of RTBF seem too sharp, threatening the right to information and right to freedom of expression under Article 19. While the Personal Data Protection Bill 2019 is yet to be given the effect of an Act by the parliament, the judiciary plays a crucial role in striking a balancing act between the other rights of Indian Citizens and bounds and stretches of the right to be forgotten.

About the Author

Sanchita Gupta is a Second Year student at Law Center 2, Faculty of Law, University of Delhi. She has completed her graduation in Commerce and has worked as a Regulatory and Compliance Analyst. Her interest lies in Corporate Law and Alternate Dispute Resolution. 


[1] Subhranshu Rout v. State of Odisha, 2020 SCC OnLine Ori 878. https://indiankanoon.org/doc/6266786/

[2] Vidhi Centre for Legal Policy, “Why the Recent Ruling on the Right to Be Forgotten Is a Gamechanger for

India’s Data Laws”, February 2021. https://www.thebetterindia.com/87149/how-right-to-be-forgotten-ruling-overhaul-india-privacy/

[3] “Torts: The Right to Privacy and the Pursuit of Happiness”, Vol. 20 No.1, CLR 100-102 (1931). https://www.jstor.org/stable/3475941?origin=crossref

[5] General Data Protection Regulation, 2016, Article 17. https://gdpr-info.eu/art-17-gdpr/

[6] Case C-131/12, Google Spain SL v. Agencia Española de Protección de Datos (May 13, 2014). https://curia.europa.eu/jcms/upload/docs/application/pdf/2014-05/cp140070en.pdf

[7] The Personal Data Protection Bill, 2019, Section 20. http://164.100.47.4/BillsTexts/LSBillTexts/Asintroduced/373_2019_LS_Eng.pdf

[8] Jithendra Palepu, “The Personal Data Protection Bill 2019: Do you have the Right to be Forgotten from the Internet?”, The Leaflet, Sept. 18, 2020. https://www.theleaflet.in/the-personal-data-protection-bill-2018-do-you-have-the-right-to-be-forgotten-from-the-internet/

[9] Justice K.S. Puttaswamy (Retd) v. Union of India, 2017 SCC OnLine SC 1462. https://main.sci.gov.in/supremecourt/2012/35071/35071_2012_Judgement_24-Aug-2017.pdf

[11] R&S Law Associates, Right to be Forgotten: Indian Perspective (2020). https://rslawassociates.co.in/right-to-be-forgotten-indian-perspective/

[12] The Juvenile Justice (Care And Protection Of Children) Act, 2015, Section 3. https://legislative.gov.in/sites/default/files/A2016-2_0.pdf

[13] The Indian Penal Code, 1860, Section 228A. https://legislative.gov.in/sites/default/files/A1860-45.pdf

[15] Dharmaraj Bhanushankar Dave v. the State of Gujar, 2015 SCC OnLineGuj 2019. https://indiankanoon.org/doc/156866860/

[16] Sri Vasunathan v. The Registrar General, 2017 SCC OnLine Kar 424. https://indiankanoon.org/doc/12577154/

[17] Global Freedom of Expression, The Case of the Rape Survivor’s Right to Be Forgotten (India), (University of Colombia, New York, 2017). https://globalfreedomofexpression.columbia.edu/cases/the-case-of-the-rape-survivors-right-to-be-forgotten-india/

Comments

Popular posts from this blog

DECODING THE FURORE OVER DATA PROTECTION BILL

  Introduction The collection of information is the base of any program or business and this is the base on which upcoming strategies are designed. Nowadays when we even go to the super market and purchase anything we are asked to register our contact number, birth details etc. However not every piece of information is necessary but we do not care much about it. The data if not used properly can be very dangerous for privacy of an individual. The protection of data is of utmost importance because it contains your personal information and if it goes into wrong hand it can lead to trouble. For example: - if someone is a journalist then the information related to him is so crucial because if his personal information gets leaked he might not be able to cover the news freely. Thus, the data protection is very important. Indian government in year 2019 came up with personal data protection bill to protect the data but because of few objections, it got referred to the Joint parliamentary c...

AN OVERVIEW OF THE INFORMATION TECHNOLOGY (INTERMEDIARY GUIDELINES AND DIGITAL MEDIA ETHICS CODE) RULES, 2021

  ABSTRACT As society is advancing and progressing towards the advancement of technology, we are dwelling upon different kinds of new technologies. With the coming of new technologies, there have been various concerns about the usage of these technologies in accordance with the laws of the land, the misuse of these technologies and its attempt by law to check such kind of arbitrary use. In this era of surveillance, there are many issues concerning privacy because of the technology that we use. The Indian Government has laid down the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021, especially in the backdrop of recent controversies that have erupted concerning OTT platforms to check the arbitrary use of cyber technology and establish a mechanism to deal with the cyber issues. The OTT platforms were not covered under the old legislation. The amended rule includes both social media platforms and OTT platforms under the ambit of the Ministry...

EVOLUTION OF THE RIGHT TO PRIVACY AND EXPLAINING THE NATIONAL SECURITY IMPLICATIONS OF THE SAME

  INTRODUCTION The term ‘Privacy’ has a multi-faced connotation and is much complex a problem to be reduced to a single essence. Privacy is the right to be let alone, the right to be free from unwarranted public intervention. [1] The concept of privacy was inextricably linked with that of house or property sanctity in the late nineteenth and early twentieth centuries. [2] The Right to Privacy has received considerable attention recently, since it is being considered as an important component of the fundamental right of 'right to life and personal liberty' under Article 21 of the Constitution, together with the freedoms granted by Part III. There has almost been an evolution of the subject as a result of various landmark decisions made over time by the Indian Judiciary. However, since fundamental rights are not absolute in nature [3] , it is necessary to understand that the infringement of Right to Privacy is justified by a compelling state interest [4] . Any topic of publi...