About the Author
Adhithya ML
Nawal Nabeesu AS
Adithya ML and Nawal Nabeesu AS are 4th semester 5-year Integrated BA LLB students from Government Law College, Thiruvananthapuram.
The Right to Privacy and the Right to be Forgotten in India: Legal Developments and Challenges
While humans are commonly characterized as social creatures, there are certain aspects of life that individuals prefer to keep to themselves or share selectively. Privacy is regarded as a fundamental component of personal freedom, stemming from the Latin term ‘privatus‘, which conveys the notion of something being private, secret, or personal, distinct from what is public or state-owned. Consequently, privacy encompasses the idea of ownership over one’s personal affairs, those aspects one may choose not to divulge to others. The right to privacy is recognized as a basic human right under Article 12 of the Universal Declaration of Human Rights Act of 1948.
In India, the right to privacy is a fundamental right safeguarded under Article 21 of the Constitution. This was affirmed unanimously by the Supreme Court of India in the landmark 2017 case Justice K.S. Puttaswamy v Union of India ((2017) 10 SCC 1). These right shields an individual’s information, communications, and personal affairs from intrusion by governmental and non-governmental entities alike. Furthermore, it empowers individuals to make independent decisions concerning their lives. Nevertheless, it’s important to note that the right to privacy has limitations and may be reasonably restricted under certain circumstances.
When discussing the right to privacy, the landmark case Puttaswamy (supra) is essential to mention. In 2017, retired judge Justice K.S. Puttaswamy filed a petition challenging the constitutional validity of the Aadhaar card scheme, which aimed to streamline welfare schemes in India. The case questioned the government’s collection of demographic biometric data, raising concerns about privacy violations. The Attorney General argued against the existence of a fundamental right to privacy based on previous judgments. The case was referred to a Constitution Bench of nine judges to re-evaluate previous precedents. In a series of six separate opinions, the Supreme Court declared privacy as an independent fundamental right under Article 21 of the Constitution. This decision expanded the notion of privacy beyond mere physical invasion, encompassing the body, mind, decisions, choices, and freedom. The Court overturned previous judgments in M P Sharma and Ors v. Satish Chandra (AIR 1954 SC 300) and Kharak Singh vs state of UP (AIR 1963 SC 1295), ruling that privacy is indeed a fundamental right. It rejected the notion that privacy should be sacrificed for state welfare programs and established standards for judicial review in cases of state intrusion. The judgment also highlighted the significance of privacy in matters of sexual orientation and emphasized both the negative and positive aspects of the right to privacy. Additionally, the Court recognized informational privacy and urged Parliament to enact legislation for data protection.
The “right to be forgotten” is an integral aspect of the right to privacy, particularly in the digital age. It grants individuals the ability to request the removal of their personal information from online platforms or search engine results under certain circumstances. This right acknowledges individuals’ autonomy over their personal data and aims to protect their privacy by allowing them to control the dissemination of information about themselves. The ‘Right to be forgotten’ is also called the ‘Right to erasure’. ‘Right to be forgotten’ was first established by the European Union in May 2014.
India does not have a codified law that specifically addresses the right to be forgotten (RTBF), but it has been recognized in some judicial pronouncements. The right to be forgotten is a subset of the right to privacy, which is a basic right under Article 21 of the Indian Constitution.
Vysakh vs UOI (2023 (1) KLT 83) is an important case which recognised right to be forgotten as a facet of right to privacy. This case disposes of 9 cases dealing with removing judgements in the public domain on the grounds of the right to be forgotten.
In all the cases, parties claimed infringement of their right to be forgotten under the right to privacy by the uploading of court orders/judgments on the Indian Kanoon website, a free Indian law search engine that provides access to central laws, cases, constituent assembly debates, law commission reports. Among other issues, the Court dealt with the question of, whether “Publishers of judgments, like Indian Kanoon, and other law journals, have the right to publish the details of parties ignoring the privacy rights of litigants which includes their right to be forgotten.” Another notable aspect of this case is how the Court defined privacy in the context of data made available by parties before the Court. As per the Court, it includes “data concerning the names of the party/parties and identifying their cause before the Court.” The Court here first showed the distinction between a right to privacy and a right to anonymity, saying that “Privacy … is essentially related to the contents of the information in the case. Anonymity on the other hand, … is a process of denying information to the public about the identity of the parties related to a case.” But then it deadens the distinction, noting that “Anonymity though is different from privacy, it becomes a facet of privacy when the cause and content in a case are identified with the parties in the Lis.”
In this case the court held that while the right to privacy doesn’t coexist with an open court justice system, individuals can seek protection of personal information based on privacy rights. However, the right to be forgotten cannot be claimed in current or recent proceedings; the legislature must define grounds for its invocation. Yet, in cases involving prolonged duration or sensitive matters like family or matrimonial disputes, parties may request removal of personal information from search engines. Additionally, the court may allow erasure of personal data available online. In family and matrimonial cases and others not under open court jurisdiction, the court will refrain from publishing personal information upon the parties’ request.
In the case of Salil Raveendran v UOI (W.P.(CRL.) No. 318 of 2022), the Kerala High Court acknowledged the “Right to be Forgotten” as part of the right to privacy. The petitioner sought to remove personal details, related to a rape accusation, from the Indian Kanoon website and “The New Indian Express” newspaper as the case is in the primary stage of investigation. These publications were deemed prejudicial as they potentially violated the presumption of innocence, hampering the right to a fair trial and impacting dignity, reputation, and privacy. Consequently, the court directed “The New Indian Express” not to publish any matter related to the case without prior court permission and instructed Indian Kanoon to anonymize the petitioner’s name and address.
In the case of Zulfiqar Ahmad Khan v Quintillion Business Media Pvt. Ltd. (CS (OS) 642/2018), the Delhi High Court upheld an individual’s “Right to be Forgotten”. The plaintiff sought a permanent injunction against the defendants who authored articles alleging harassment as part of the #MeToo campaign. Although the defendants agreed to remove the articles, they were republished by other websites. Recognizing the plaintiff’s right to privacy, including the “Right to be Forgotten” and the “Right to be Left Alone”, the court ordered that any republishing or abstract of the disputed articles, or altered forms thereof, on any print or digital platform be restrained during the pending suit.
Indeed, while individual cases like those mentioned have recognized the “Right to be Forgotten” in India, there’s currently no specific legislation addressing it comprehensively. This absence of a codified law poses challenges for individuals seeking recourse each time their right to be forgotten is violated. It underscores the need for comprehensive legislation that provides clear guidelines and mechanisms for individuals to assert their right to be forgotten more effectively, without the burden of repeated court interventions.
When delving into the concept of the right to be forgotten, it’s essential to address its implications within the framework of The Digital Personal Data Protection Act, 2023. This Act in India addresses the broader spectrum of data protection, including how personal data is collected, stored, processed and shared. The ‘Right to be Forgotten’ is a specific aspect within data protection laws that allows individuals to request the removal of their personal data from online platforms or databases under certain circumstances. While the Act in India may include provisions related to data deletion or erasure, the explicit implementation of the Right to be Forgotten would likely require specific legal provisions or guidelines within the broader framework of data protection legislation.
The right to be forgotten, stemming from the “Google Spain” case in the European Union, is still in its formative stages in India, with courts showing inconsistency in recognizing it. Therefore, there’s an urgent need for this right to enable citizens to remove their personal information from the internet. Its establishment should entail a delicate balance between the right to be forgotten and conflicting rights, a task requiring careful deliberation by both the Parliament and the Supreme Court.
Recognizing that everyone experiences challenging times and makes mistakes, it’s crucial that those acquitted of their past errors have the opportunity to be forgotten. This ensures that society doesn’t unfairly perceive them in a negative light, fostering acceptance and understanding. Hence, the right to be forgotten should be rightfully acknowledged in India.