On 22 July, Ashutosh Kaushik, winner of the reality show Big Boss season two and MTV Roadies 5.0, filed a ‘right to be forgotten’ plea in the Delhi High Court. He asked the court to order for the removal of old videos, photos and articles about his involvement in two separate acts – a drunk-driving incident in 2009 and a brawl in 2013 – from the internet. Kaushik said these material have caused him “psychological pain for his diminutive acts, which were erroneously committed a decade ago,” according to a report in The Indian Express.
Kaushik’s petition argued that the ‘right to be forgotten’ (RTBF) was an integral part of the Right to Life, and that his personal life will forever be in public knowledge, which he doesn’t want.
‘Right to be forgotten’ in India
Kaushik’s isn’t the first petition that has invoked the RTBF. In 2014, MediaNama, a news website that tracks India’s technology policy sector, received an RTBF request from an Indian user. The portal had written against the attack on the individual’s freedom of speech, according to a post by its editor Nikhil Pahwa. However, the person told MediaNama they were going to rely on a European Court of Justice judgment and ask Google to convert a public post about them into a non-indexable one. In other words, their name wouldn’t appear in search engine results pages.
In November 2020, the Orissa High Court examined whether or not the RTBF could be invoked to protect women whose sexually explicit videos or photos were uploaded on the internet by their stalkers and harassers, according to a report in ThePrint.
These instances highlight the inherent dichotomy of the ‘right to be forgotten’. On the one hand, it can be used as an instrument to impede a free press from doing its job – that is, to write the first draft of history as it unfolds. On the other hand, it can act as a shield to protect those who have been genuinely wronged at the hands of unscrupulous elements and have been shamed on the internet.
Ideally, the ‘right to be forgotten’, with all its nuances, should have been enshrined in a law passed by Parliament. However, the legislation that recognises the RTBF is still in draft mode. Clause 20 of the proposed Personal Data Protection Bill, 2019, says that a “data principal [the individual whose data it is] shall have the right to restrict or prevent the continuing disclosure of his personal data by a data fiduciary.” An Adjudicating Officer, working under the proposed Data Protection Authority, will then assess the sensitivity of the data and the scale of its disclosure (among other things) before deciding whether or not it can be removed.
However, this is easier said than done. The nature of the internet and content posted on it is not uniform. Hypothetically speaking, a Google search of Himesh Reshammiya’s name is quite different from an Instagram post in which someone might be (rightfully) making fun of his nasal crooning. Similarly, a piece of investigative journalism, which exposes a politician’s disproportionate assets, is not the same as a video, secretly recorded in the privacy of their bedroom and published on Facebook. The short point is this: as it stands today, Clause 20 of the PDP Bill, 2019, doesn’t distinguish between the functional differences of platforms and apps.
Implementation hurdles in the EU
In contrast, the European Union’s General Data Protection Regulation (GDPR) rules lay down clear and specific conditions in which the ‘right to be forgotten’ can be applied. These include the unlawful use of an individual’s personal data, the withdrawal of consent to use such data and its use for marketing purposes, among others. Conversely, the GDPR rules also lay down conditions when other rights trump the RTBF. These include the right to free expression, the use of data for public health purposes, and data that “serves the public interest, scientific research, historical research, or statistical purposes and where erasure of the data would likely to impair or halt progress towards the achievement that was the goal of the processing.”
The trigger for the EU to include some elements of the RTBF in the GDPR was a landmark case in 2014. At the time, the Court of Justice of the European Union (CJEU) pronounced a judgment in a case involving a Spanish citizen, Mario Costeja González, and Google Spain. González complained that a Google search of his name threw up links to newspaper stories from 16 years ago, which detailed how he had to sell a property “to recover money he owed,” according to a BBC news report. In its ruling, the CJEU said “irrelevant or no longer relevant” data should be erased on request. As a result, Articles 12 and 14 of Europe’s Data Protection Directive, which dealt with the de-listing of results from search engines, were read into the GDPR.
Long term solution
For India, the takeaway is that these are questions of rights that shouldn’t be decided on a case-by-case basis by an adjudicating officer of a regulator, as envisaged in the draft PDP Bill, 2019. Ideally, the ‘right to be forgotten’ should be enshrined in legislation whose guiding principles factor in the functional differences between apps and platforms.
More importantly, the proposed law should also lay down, in clear and specific terms, that the RTBF cannot be invoked to impede the working of a free press — as Kaushik’s petition threatens to do. Until such a law is passed, such matters should fall under the purview of the constitutional courts, which are best equipped to adjudicate them on a case-by-case basis.
The author works at Koan Advisory Group, a technology policy consulting firm. Views are personal.
This article is part of ThePrint-Koan Advisory series that analyses emerging policies, laws and regulations in India’s technology sector. Read all the articles here.