The ‘right to be forgotten’ has gained relevance since a matter regarding the same was referred to the Court of Justice of European Union (CJEU) in 2014 by a Spanish court. In that matter, the plaintiff Mario Costeja González wanted the Google search of his name that displayed results leading to an auction notice of his reposed home to be removed. The fact that Google continued to make available in its search results, an event that was his personal matter, was claimed by him as a breach of privacy. In a landmark judgement, CJEU held that where the information is ‘inaccurate, inadequate, irrelevant or excessive,’ individuals have the right to ask search engines to remove links with personal information about them. The court also ruled that even if the physical servers of the search engine provider are located outside the jurisdiction of the relevant member state of European Union (EU), these rules would apply if they have branch office or subsidiary in the Member State.
The ‘right to be forgotten’ is a misnomer, and essentially when we speak of it in the context of the proposed laws in EU, we refer to the rights of individuals to seek erasure of certain data that concerns them. Critical to our understanding of the rationale for how the ‘right to be forgotten’ is being framed in the EU is an appreciation of how European laws perceive privacy of individuals. Unlike the United States (US), where privacy may be seen as a corollary of personal liberty protecting against unreasonable state intrusions, European laws view privacy as an aspect of personal dignity, and are more concerned with protection from third parties, particularly the media.
Since the advent of the Internet, both the nature and quantity of information existing about individuals has changed dramatically. This personal information is no longer limited to newspaper reports and official or government records either. Our use of social media, micro-discussions on Twitter, photographs and videos uploaded by us or others tagging us, every page or event we click like, favourite or share—all contribute to our digital footprint. On top of that, there is information about using that has been created by both public as well as private bodies and the same has been stored in databases. One needs to realize at this point that our digital shadows far exceed the data that we create ourselves. It is abundantly clear that we exist in a world of Big Data, which relies on algorithms tracking repeated behaviour by our digital selves. It is in this context that a mechanism which enables the purging of some of this digital shadow makes sense.
The primary arguments made against the ‘right to be forgotten’ have come from its conflict with the right to freedom of speech. Jonathan Zittrain has argued against the rationale that the right to be forgotten merely alters results on search engines without deleting the actual source, thus, not curtailing the freedom of expression. He has compared this altering of search results to letting a book remain in the library but making the catalogue unavailable. According to Zittrain, a better approach would be to allow data subjects to provide their side of the story and more context to the information about them, rather than allowing any kind of erasure. (Powles, J., “Right to be forgotten: Swiss Cheese Internet, or database of ruin?”, The Guardian, August 1 2015) Unlike in the US, the European approach is to balance free speech against other concerns. As per the position of the US Supreme Court in Florida Star v. B.J.F., lawfully obtained information may be restricted from publishing only in cases involving a ‘state interest of the highest order’. This position would allow any potential right to be forgotten to be exercised in the most limited of circumstances and privacy and reputational harm would not satisfy the standard. For these reasons the rights to be forgotten as it exists in Article 17 may be unworkable in the US.
The Two Indian Judgments
In the first case, the petitioner entered a plea for “permanent restraint on free public exhibition of the judgment and order.” The judgment in question concerned proceeding against the petitioner for a number of offences, including culpable homicide amounting to murder. However, the petitioner was acquitted by both the Sessions’ Court as well as the Gujarat High Court. The petitioner’s primary contention was that despite the judgment being classified as ‘unreportable’, it was published by an online repository of judgments and was also indexed by Google search. The decision of the High Court to dismiss the petition, rest of the following factors: a) failure on the part of the petitioner to show any provisions in law which are attracted, or threat to the constitutional right to life and liberty, b) publication on a website does not amount to ‘reporting’, as reporting only refers to that by law reports.
The second point of reasoning made by the courts is problematic in terms of the function of precedent served by the reported judgments, and the basis for reducing the scope of ‘reporting’ to only law reports. The first point is of direct relevance to our current discussion. The lack of available legal provisions points to the absence of data protection legislation in India. Had there been a privacy legislation which addressed the issues of how personal information may be dealt with, it is possible that it may have had instructive provisions to address situation like these. In the absence of such law, the only recourse that an individual has is to seek constitutional protection under one of the fundamental rights, most notably Article 21, which over the years, has emerged as the infinite repository of unenumerated rights. However, typically rights under Article 21 are of a vertical nature, i.e., available only against the state. Their application in cases where a private party is involved remains questionable, at best.
In contrast, in the second case, the Karnataka High Court ruled in favour of the petitioner. In this case, the petitioner’s daughter instituted both criminal and civil proceedings against a person. However, later they arrived at a compromise and one of the conditions was quashing all the proceedings which had been initiated. The petitioner had raised concerns about the appearance of his daughter’s name in the case title and the same was easily searchable online. The court observed that in western countries, the “right to be forgotten” is applied in sensitive cases involving women in general and highly sensitive cases involving rape or affecting the modesty and reputation of the person concerned, held in the petitioner’s favour, and ordered that the name be redacted from the case title and the body of the. The second judgment is all the more problematic for while it makes a reference to jurisprudence in other countries, yet it does not base it on the fundamental right to privacy, but to the idea of modesty and reputation of women, which has no clear legal basis on either Indian or comparative jurisprudence.
The above two cases demonstrate the problem of lack of a clear legal basis being employed by the judiciary in interpreting the right to be forgotten. Not only were no clear legal provisions in Indian law taken refuge of while ruling on the existence of this right, since there were none, the court also did not engage in any analysis of comparative jurisprudence such as the General Data Protection Regulation or the Costeja judgment. Such ad-hoc style of jurisprudence underlines the need for a data protection legislation, as in its absence, it is likely that divergent views are taken upon this issue, without a clear legal direction. Once such legislation is present, the entire legal process will become more streamlined and reliance on the fundamental rights in data protection cases will drastically come down. It is likely that most matters concerning the right to erasure concern private parties as data controllers. In such cases, the existing jurisprudence on the right to privacy as interpreted under Article 21 may also be of limited value. Further, as has been pointed out above, the right to be forgotten needs to be a right qualified by conditions very clearly, and its conflict with the right to freedom of expression under Article 19. Therefore, it is imperative that a comprehensive data protection law addresses these issues.
- Zittrain J., “Don’t Force Google to ‘Forget’” The New York Times, May 14, 2014.
- Pozen D., “Privacy-Privacy Tradeoffs.” The University of Chicago Law Review, vol. 83, no. 1.
- Ward S., “Hoist Your Mug: Websites Will Post Your Name and Photo; Others Will Charge You to Remove Them.” ABA Journal, vol. 98, no. 8.
- Sen S. & Badkur V., “Compromising Privacy for National Interest: A Fair Trade-Off?” Journal on Contemporary Issues of Law, vol. 3, issue 10, Available at http://jcil.lsyndicate.com/wp-content/uploads/2017/11/Syamantak-Vivek.pdf
Subscribe to our weekly newsletters.
Get all our posts, blogs and video content via e-mail.