Right To Be Forgotten | 25 Sep 2019

Recently, the European Court of Justice has allowed Google not to remove the links related to sensitive personal data worldwide.

  • As per the European law, Google is not under any obligation to remove such information globally on its search engine versions in lieu of request made by any particular state.

Background

  • The case between France and Google to remove sensitive information available globally on the Google related to certain class of people was a test of whether individuals have the right to demand the removal of personal data from internet search results without stifling free speech and legitimate public interest.
  • The court in its judgment limited the reach of the online privacy law known as ‘right to be forgotten’, restricting people’s ability to control what information is available about them on the internet and stated that the balance between privacy and free speech must be taken into account while deciding if websites should be delisted over the internet.

European Court of Justice

  • The European Court of Justice (ECJ) is the highest court in the European Union in matters of European Union law, established in 1952.
  • The Court of Justice of the European Union, which has its seat in Luxembourg, consists of two courts: the Court of Justice and the General Court (created in 1988).
  • Its main function as set out in Article 164 of the Treaty of Rome is to ensure that in the application and interpretation of the EU law uniformly across all EU member states and to certify that countries and EU institutions abide by EU law.

Right to be Forgotten in Indian Context

  • Right to be forgotten refers to the ability of an individual to limit, delink, delete, or correct the disclosure of the personal information on the internet that is misleading, embarrassing, or irrelevant.
    • It allows for the lawful removal of personal information of an individual if such request is made.
  • The right to be forgotten is distinct from the right to privacy because the right to privacy comprises of the information that is not publicly known, whereas the right to be forgotten involves removing information that was publicly known at a certain time and not allowing third parties to access the information.
  • Legislative Stand: In India, there are no legal provisions related to it.
    • Neither the Information Technology (IT) Act 2000 (amended in 2008) nor the IT Rules, 2011 deals with the right to be forgotten.
    • Only Section 27 of the draft Data Protection bill has listed out three scenarios in which an individual will have the right to restrict or prevent continuing disclosure of personal data, also known as the right to be forgotten.
    • This will be applicable if data disclosure is no longer necessary, or the consent to use data has been withdrawn, or if data is being used contrary to the provisions of the law.
  • Judicial Stand: There have been instances, where the High courts have upheld the right of an individual to be forgotten.
    • For instance, the Karnataka High Court upheld a woman’s right to be forgotten stating that the right is in line with the trend in the western countries. In the sensitive cases involving women in general and highly sensitive cases involving rape or affecting the modesty and reputation of the person concerned, it must be adhered to.
    • The Delhi High Court, in another case had asked from the Centre and Google whether the right to privacy included the right to delink from the Internet the irrelevant information.

Way Forward

  • There must be a balance between the right to privacy and protection of personal data (as covered under Article 21 of the Indian constitution), on the one hand, and the freedom of information of internet users (under Article 19), on the other.
  • A comprehensive data protection law must address these issues and minimize the conflict between the two fundamental rights that form the crucial part of the golden trinity (Art. 14,19 and 21) of the Indian constitution.

Source: TH