Delhi HC orders removal of news articles and social media posts against a businessman on X
31 Jul, 2024
The Right to Be Forgotten
Recently, the Delhi High Court has passed an order directing removal of news articles and social media posts against a businessman on X, formerly Twitter, regarding a criminal case registered against him in 2018 after his honourable acquittal the next year. In this context, it would be appropriate to look at the “Right to be 4got10” and comparing it with the cherished Right to Information.
The "right to be forgotten" (RTBF) is a significant concept emerging from the digital age, allowing individuals to request the removal of personal data from search engines and other online platforms. This right reflects growing concerns about privacy and data protection in an increasingly digital world. This article explores the legal foundation of the right to be forgotten, highlights relevant case laws, and examines its impact on data privacy.
Legal Foundation
The right to be forgotten is rooted in the European Union's General Data Protection Regulation (GDPR), which came into effect on May 25, 2018. The GDPR is a comprehensive data protection law designed to enhance individuals' control over their personal data. Article 17 of the GDPR, known as the "Right to Erasure," stipulates that individuals have the right to request the deletion of their personal data under certain conditions.
General Data Protection Regulation (GDPR): Article 17(1) provides that individuals have the right to obtain from the data controller the erasure of personal data concerning them without undue delay, if one of the following conditions applies:
- The data is no longer necessary for the purposes for which it was collected.
- The individual withdraws consent on which the processing is based, and there is no other legal ground for processing.
- The individual objects to the processing and there are no overriding legitimate grounds for the processing.
- The data has been unlawfully processed.
- The data must be erased for compliance with a legal obligation.
Key Case Laws
Several landmark cases have shaped the understanding and application of the right to be forgotten:
- Google Spain SL v. Agencia Española de Protección de Datos (AEPD) and Mario Costeja González (2014)
This landmark decision by the Court of Justice of the European Union (CJEU) established the foundational precedent for the right to be forgotten. The case concerned Mario Costeja González, who requested the removal of outdated and irrelevant information about him from Google's search results. The CJEU ruled that search engines like Google are considered data controllers and are therefore obligated to remove links to personal data when requested under specific conditions. This decision marked a significant shift in how personal data is managed online, emphasizing the balance between privacy and the public's right to access information.
- NT1 & NT2 v. Google LLC (UK High Court, 2018)
This case in the UK High Court further refined the application of the right to be forgotten. The court distinguished between two claimants: NT1 and NT2. NT1 sought to have outdated criminal convictions removed from search results, while NT2, who had also been convicted of a crime but had since rehabilitated, sought to remove information about the conviction. The court ruled in favor of NT2, noting that the information was outdated and no longer relevant. However, it ruled against NT1, as the information was still deemed relevant for public interest due to the severity of the crime.
- GC and Others v. The Commissioner of Police for the Metropolis (CJEU, 2019) [GC and Others v Commission nationale de l'informatique et des libertés (CNIL)]
In this case, the CJEU clarified that individuals could request the removal of their personal data from law enforcement records if it is deemed no longer relevant or accurate. The court emphasized that even in the context of law enforcement, data should be up-to-date and not misrepresent an individual's current status. This decision underscored the importance of accurate and relevant data, particularly in sensitive contexts.
Impact and Criticisms
The right to be forgotten has significant implications for privacy and data management. On one hand, it empowers individuals to control their online presence and mitigate the long-term consequences of past actions. On the other hand, it raises concerns about censorship and the balance between privacy and the public's right to access information.
Critics argue that the right to be forgotten could lead to excessive censorship, where important public information is obscured. They also express concerns about the feasibility and fairness of implementing such requests, especially regarding historical or public interest data.
Comparing the Right to Be Forgotten with the Right to Information
The right to be forgotten and the right to information represent two crucial, yet sometimes conflicting, aspects of privacy and transparency. The right to information, often enshrined in freedom of information laws, allows individuals and the public access to data held by public authorities and other entities, promoting transparency and accountability. This right is essential for democratic governance and ensuring that governments and institutions operate openly.
Conversely, the right to be forgotten focuses on protecting individual privacy by allowing individuals to request the removal of personal data from search engines and other online platforms when it is outdated, irrelevant, or no longer necessary. This right aims to help individuals manage their online reputations and safeguard against the potential long-term impacts of past actions.
The implications of these rights can sometimes be at odds. For example, while the right to be forgotten seeks to limit the visibility of personal information, the right to information supports the public's ability to access data that might be of significant public interest. This tension can lead to complex legal and ethical challenges, particularly when considering whether the public's right to access information about an individual's past should outweigh that individual's right to privacy and data removal. Specially so, it has been argued whether a sequence of events which has been a part of history can suddenly be turned into a vacuum. Balancing these rights requires careful consideration to ensure that privacy protections do not unduly hinder transparency and that transparency does not unjustly infringe on personal privacy. As legal frameworks and societal expectations evolve, finding an equitable balance between these rights remains a critical challenge for policymakers and courts.
Balancing the Right to Be Forgotten and the Right to Information
Determining whether the right to be forgotten or the right to information should take precedence is a complex issue that hinges on the context and the specific circumstances of each case. Both rights serve important functions, and their balance often requires nuanced legal and ethical considerations.
Precedence: Right to Be Forgotten vs. Right to Information
1. Contextual Considerations: The decision on which right should take precedence often depends on the context. In situations where public interest is at stake—such as exposing corruption, ensuring accountability, or upholding democratic transparency—the right to information might be given precedence. On the other hand, if the information is outdated, irrelevant, or damaging to an individual's privacy without significant public interest, the right to be forgotten may take priority.
2. Case-by-Case Basis: Legal frameworks and courts typically address these issues on a case-by-case basis. For example, the Court of Justice of the European Union (CJEU) has emphasized that the right to be forgotten should be balanced against the public's right to information, particularly in cases involving matters of public interest, such as serious criminal activities or significant public figures.
3. Legal Frameworks: Different jurisdictions have varying approaches. The European Union’s GDPR, for instance, provides a structured approach where data controllers must evaluate requests for data removal while considering both individual privacy and public interest. The balance between these rights is often addressed through legal provisions, guidelines, and judicial decisions.
Data Persistence despite Digital Obliteration
1. Digital vs. Physical Data: While digital erasure can remove data from online platforms, it does not necessarily guarantee complete obliteration of information. Various factors affect this process:
- Search Engines: Deleting data from search engines or specific websites may remove it from public view on those platforms, but it might still exist in backup systems or be accessible through other channels.
- Archival Systems: Data can be archived by various institutions, and even if it is removed from the main database, it may still be stored in archives, backups, or other records.
2. Print and Offline Records: Information that has been published in print media or stored offline is not affected by digital erasure. Historical records, books, newspapers, and other physical documentation can continue to exist independently of online data removal.
3. Black Sites and Hidden Data: The term “black sites” often refers to secretive or less accessible repositories of information. Even if data is removed from visible or mainstream online sources, it may still be retained in less accessible or private databases. These sites might include governmental, corporate, or other entities that maintain historical records or backups.
Therefore, balancing the right to be forgotten with the right to information involves careful consideration of the public interest, privacy, and the specific context of each case. Digital obliteration of data does not necessarily ensure the complete removal of information, especially when considering print media and offline records. As digital and physical data management evolve, ongoing legal and ethical scrutiny is essential to ensure that both individual privacy and public transparency are adequately protected.
Conclusion
The right to be forgotten represents a critical evolution in data protection and privacy law, balancing individual privacy with the public's right to access information. Through landmark cases such as Google Spain and NT1 & NT2, the legal landscape surrounding this right continues to develop, highlighting the need for ongoing dialogue and regulation in the digital age. As technology and data practices evolve, so too will the legal frameworks that govern them, ensuring that privacy and transparency are maintained in an increasingly interconnected world.