Submitted by- Aathira Pillai

Abstract

The “Right to Be Forgotten” empowers individuals to request the removal of their personal information from internet searches, digital directories, and other publicly accessible platforms. It aims to allow individuals to move beyond their past actions or circumstances, ensuring they are not perpetually defined or stigmatized by outdated or irrelevant information. In the digital era, where data permanence can have lasting consequences, this right offers an essential layer of personal data control, complementing the broader “right to privacy.” While the right to privacy ensures that certain personal information remains confidential, the Right to Be Forgotten specifically addresses the removal of information already available in the public domain.

The concept has evolved through significant legislative and judicial developments, most notably in the European Union under the General Data Protection Regulation (GDPR). In India, it has been acknowledged as part of the right to privacy under Article 21 of the Constitution, with specific references in the draft Personal Data Protection Bill. However, its enforcement remains complex, involving a careful balance between privacy, public interest, freedom of expression, and the right to information. This paper examines the evolution of the Right to Be Forgotten globally and in India, analyses key judicial precedents, and considers its challenges and implications. The study concludes with recommendations for establishing a balanced framework that protects individual dignity while safeguarding democratic values.

Introduction

The rapid proliferation of the internet and digital technologies has revolutionized the way information is stored, accessed, and shared. While this has democratized access to knowledge and improved transparency, it has also resulted in unprecedented challenges to individual privacy and dignity. In an era where personal data can be permanently recorded, indexed, and retrieved within seconds, the question of whether individuals should have the right to erase or limit access to their personal information has gained global prominence. The “Right to Be Forgotten” (RTBF) emerges as a legal and moral response to these concerns, offering individuals the power to reclaim control over their digital identity.

This right allows a person to request the removal of personal data from publicly accessible platforms, ensuring that outdated, misleading, or irrelevant information does not define them indefinitely. It goes beyond the traditional “right to privacy” by addressing information that has already entered the public domain. Originating from European legal discourse and codified under the EU’s General Data Protection Regulation (GDPR), RTBF has triggered global debate on its scope, limitations, and compatibility with other rights, particularly the freedom of expression and the right to information.

In India, while the RTBF has been recognized under the broader umbrella of Article 21’s right to privacy, its operational framework remains incomplete and contested. This paper aims to examine the historical evolution, legal foundations, and judicial interpretations of the RTBF, both globally and within India, highlighting the need for a balanced approach that safeguards both personal dignity and public interest.

The Right to Be Forgotten represents an evolving intersection between privacy, digital governance, and fundamental freedoms. In today’s interconnected and data-driven world, where information once published can be replicated and disseminated endlessly, this right offers individuals a means to prevent perpetual digital branding based on past events. Its underlying philosophy is to restore autonomy over personal information, thereby enabling individuals to move forward without being constantly burdened by their past.

Globally, the European Union has set a benchmark through the GDPR, offering a structured legal mechanism for enforcing RTBF while balancing competing rights. However, even within the EU, challenges persist in defining the boundaries of this right, particularly in the context of journalistic freedom, public interest, and cross-border data jurisdiction. India’s recognition of RTBF as part of the right to privacy under Article 21 marks a significant step, but the absence of a dedicated, enforceable statutory framework leaves considerable uncertainty in its practical application. Judicial precedents in India indicate a willingness to consider RTBF claims, but courts remain cautious, often weighing them against the constitutional guarantees of free speech and access to information.

Moving forward, a comprehensive data protection law with clear provisions for RTBF is essential. Such a law must outline procedural safeguards, criteria for removal requests, and mechanisms for balancing individual rights with collective democratic interests. Without this, the RTBF risks remaining a theoretical construct rather than a practical remedy. Ultimately, the goal should be to protect personal dignity without undermining the foundational principles of transparency, accountability, and freedom of expression in a democratic society.

The right to be forgotten provides individuals with the ability to request that their personal information be removed from the Internet. When the right to be forgotten applies, personal information about a person may be removed from Internet searches and other directories. Rather than be branded indefinitely or continually based on prior behavior, people wanted to control their own lives, rather than be branded based on their past behaviour resulting in the evolution of the concept.

On the internet, data privacy reaches its peak when one is invisible. While perfect anonymity is unattainable, being able to control the amount of personal information (PI) that is visible to the public or used by online entities is. The balance frequently rests on whether the public interest or economic interest outweighs a person's right to expungement. Further, the "right to privacy" refers to the right to keep information private, whereas the "right to be forgotten" refers to the right to erase information already publicly available.

Evolution of Right To Be Forgotten

The European Commission's proposal to create a sweeping new privacy right the "right to be forgotten" was announced by Viviane Reding, the European Commissioner for Justice, Fundamental Rights, and Citizenship. As part of a broad proposed new data protection regulation, this right has finally been codified after being hotly debated in Europe for the past few years. International human rights advocates have questioned the viability of creating a right to be forgotten (with regards to access to information). Due to the ambiguity of current rulings that seek to grant such a right, this is a matter of some concern. Concerns also surround its impact on freedom of speech and privacy, as well as its impact on the quality of the Internet through censorship and the writing of history.

Various European concepts have been incorporated into the concept of "right to be forgotten". According to the Rehabilitation of Offenders Act, many criminal convictions in the United Kingdom are "spent" after a certain period of time. This means that information about the person should not be considered for insurance purposes or job applications. Similarly, France has recognized this right, which was given legal recognition in French law in 2010 as le droit à l'oubli (the right to be forgotten). There are quite a few differences between the rights to be forgotten in the United States and the European Union.

Right to Be Forgotten In India

An individual's right to be forgotten is part of their right to privacy, which is governed by the Personal Data Protection Bill, which Parliament has not yet adopted. As a result of the Supreme Court's landmark decision in 2017, privacy was recognized as a fundamental right. "The right to privacy is an integral aspect of the right to life and personal liberty as afforded by Article 21 of the Constitution as well as part of the freedoms granted by Part III of the Constitution," the court ruled.

The Lok Sabha introduced the Personal Data Protection Bill on December 11, 2019, with the objective of protecting individuals' personal information. The proposal Personal Data Protection Bill 2018 introduced by the Justice BN Srikrishna Committee includes a new right called the right to be forgotten, which refers to an individual's ability to limit, delink, delete, or correct the disclosure of personal information on the internet that is misleading, embarrassing, or irrelevant. In Chapter V of this draft bill, the "Right to Be Forgotten" is discussed in Section 20. This section specifies that "the data principal (the individual whose data is stored) must be entitled to restrict or cease the disclosure of his personal information.

In Section 27 of the Bill, a data principal has the right to restrict the data fiduciary from using such data or information if the disclosure of such data is no longer necessary, an agreement to use the data has been revoked, or the data is being used illegally. Additionally, section 27(2) provides that the adjudicating officer (Data Protection Authority) has the power to decide whether or not disclosure is permissible and in what circumstances it may override citizens' rights to freedom of speech and information.

Judicial Precedents

In the case of Jorawer Singh Mundy vs. Union of India & Ors., Hon'ble Justice Pratibha Singh granted interim protection to an American citizen, Jorwar Singh Mundy, who requested that the Delhi High Court's verdict in an NDPS Act case, in which the Plaintiff was the accused, be removed from Indian Kanoon, a law information and case law repository. Although he was acquitted of all charges in the contested case, he claimed that the public availability of the judgment had tarnished his reputation

Gujarat High Court dismissed a request for a permanent restriction on the public exhibition of judgments and orders on an online repository and Google indexing in the case of Dharamraj Bhanushankar Dave vs the State Of Gujarat, Special Civil Application No. 1854/2015. In this case, the petitioner had been acquitted of multiple charges by both the Sessions Court and the High Court, and that judgment was considered 'unreportable.'. Because there were no legal provisions that threatened the petitioner's life and liberty, and because the posting of a judgement on a website is not a "report" of that judgement, the petition was dismissed.

It was the Orissa High Court that examined the right to be forgotten in the Subhranshu Rout case, as previously mentioned. The Hon'ble High Court was hearing a bail case under section 439 of the Cr.P.C. where the petitioner's photos of the complainant had been published on Facebook without her permission. Although the Act provides criminal penalties for those who committed such offenses, the rights of victims, especially their right to privacy, which is inextricably linked to the removal of these unpleasant images, remain unresolved.

Recognition of the Right to Be Forgotten Globally

The European Union (EU) allows its citizens to have their data erased, meaning that they can ask enterprises to delete their records. General Data Protection Regulation (GDPR), which was passed by Union members in 2018, facilitates this process.

According to the EU GDPR website, the right to be forgotten is mentioned in Recitals 65 and 66 of the regulation, as well as in Article 17 of the regulation, which states, "The data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay, and the controller shall have the obligation to erase personal data without undue delay" (if certain conditions are adhered to).

EU law on the 'right to be forgotten' does not extend beyond the borders of EU member states, according to a landmark ruling in 2019. The European Court of Justice ruled in favor of Google, which was appealing a French regulatory authority's decision to remove site addresses from its global database. This ruling supported Google since it established that the EU's electronic privacy law cannot apply to nations such as India on the internet.

Conclusion 

The Right to Be Forgotten represents an evolving intersection between privacy, digital governance, and fundamental freedoms. In today’s interconnected and data-driven world, where information once published can be replicated and disseminated endlessly, this right offers individuals a means to prevent perpetual digital branding based on past events. Its underlying philosophy is to restore autonomy over personal information, thereby enabling individuals to move forward without being constantly burdened by their past.

Globally, the European Union has set a benchmark through the GDPR, offering a structured legal mechanism for enforcing RTBF while balancing competing rights. However, even within the EU, challenges persist in defining the boundaries of this right, particularly in the context of journalistic freedom, public interest, and cross-border data jurisdiction. India’s recognition of RTBF as part of the right to privacy under Article 21 marks a significant step, but the absence of a dedicated, enforceable statutory framework leaves considerable uncertainty in its practical application. Judicial precedents in India indicate a willingness to consider RTBF claims, but courts remain cautious, often weighing them against the constitutional guarantees of free speech and access to information.

Moving forward, a comprehensive data protection law with clear provisions for RTBF is essential. Such a law must outline procedural safeguards, criteria for removal requests, and mechanisms for balancing individual rights with collective democratic interests. Without this, the RTBF risks remaining a theoretical construct rather than a practical remedy. Ultimately, the goal should be to protect personal dignity without undermining the foundational principles of transparency, accountability, and freedom of expression in a democratic society.

References

1. Reding, V. (2012). The EU Data Protection Reform and the Right to Be Forgotten. European Data Protection Law Review, 1(1), 3–6.

2. Rosen, J. (2012). The Right to Be Forgotten. Stanford Law Review Online, 64, 88–92.

3. Kuner, C. (2017). The Internet and the Right to Be Forgotten: Balancing Privacy and Freedom of Expression. International Data Privacy Law, 7(4), 308–317.

4. European Parliament and Council. (2016). General Data Protection Regulation (EU) 2016/679. Official Journal of the European Union, L119, 1–88.

5. Sharma, R. (2021). Right to Privacy and the Digital Era: Analysing the Right to Be Forgotten in India. Indian Journal of Law and Technology, 17(2), 145–170.

6. Justice B.N. Srikrishna Committee. (2018). A Free and Fair Digital Economy: Protecting Privacy, Empowering Indians. Government of India.

7. Mundy, J.S. v. Union of India & Ors., W.P.(C) 3918/2021, Delhi High Court.

8. Dharamraj Bhanushankar Dave v. State of Gujarat, Special Civil Application No. 1854/2015, Gujarat High Court.

9. Subhranshu Rout v. State of Odisha, BLAPL No. 4592/2020, Orissa High Court.

Note: Views and opinions as expressed in this article are solely of the author and Indian Legal Wing is not liable for the same. The information contained in this article is for general information purposes only. We endeavor to keep all the information up to date and try our level best to avoid any misinformation or any kind of objectionable content. If you found any misinformation or objectionable contents in this website please report us at indianlegalwing@gmail.com