Do Indians need the right to be forgotten online? It's complicated

In a first for India, in February this year, an NRI lawyer working with an international bank in Dubai filed a petition in the Delhi High Court asking for the right to be forgotten online.
No, he neither suffers from social anxiety, nor does he have any deep, dark secret to hide. But, there is some information available online that links him to a court case that has been resolved, and he wants his digital persona cleared of the seemingly incriminating legal slur.
The lawyer said in his petition to the Delhi High Court that his name is mentioned in a court order available on indiankanoon.org, a website that publishes court judgements. He claimed that he wasn’t even a party in the 2015 criminal case, which was fought between his wife and his mother, and said that the case has been resolved since. But, even today, a Google search on his name throws up the court order on the Indian Kanoon website as the top result.
The lawyer, in his petition, claims that this online record could potentially “jeopardise his prospective employment opportunities,” as it gives the impression that he was involved in “some sort of criminal proceeding in India.” His fears are not unfounded, considering that social media verifications and Google searches are par for the course in background checks run by organisations looking to hire in modern times.
He approached both Google and indiankanoon.org in January this year, requesting them to remove the URL in question, but when he received no response from either, he approached the Delhi High Court. The case is up for hearing on February 2, 2017.

FactorDaily has a copy of the 131-page petition, where the lawyer cites as a precedent the landmark Google Spain vs Mario Costeja Gonzalez judgment, in which the European Court of Justice (ECJ) ordered the search giant to take off all web links related to Costeja.

A landmark judgment

So, if there is something embarrassing about you on the net, or there’s some information available that’s not really relevant in the current day and time but that has the potential to harm your reputation, should you have the right to be forgotten online?
In other words, is it justifiable to ask a website or a search engine to erase such content from the internet?
Seems like it is — going by the ruling of the European Union (EU)’s highest court of justice in the Google vs Costeja case, which said that Google and other search engines must remove data from past results if requested to do so by a member of the public.
In 2009, Spanish national Costeja went to court after he discovered that a Google search on his name threw up newspaper reports of legal notices against him from the late 1990s, which have since been resolved. After a five-year court battle, in May 2014, the ECJ passed the judgment in in favour of Costeja.
The judgment triggered a debate on EU citizens’ right to be forgotten, and after a couple of years of negotiation, the EU adopted the General Data Protection Regulation 2016 to give people increased control over their personal information, including the right to be forgotten online.
The legislation states that “data controllers, including at least some Internet intermediaries, must erase content based on right to be forgotten (RTBF) requests.” It allows people to request for removal of search results that may be considered “false, misleading, or outdated information” from search engines, unless it is in the public interest. According to Google, it has received 569,876 right to be forgotten requests and has evaluated 1,731,550 URLs for removal since it launched its online form on May 31, 2014.
The EU Right to be Forgotten provision, as is being applied across Europe, is leading to censorship not only of court judgments but also of journalistic articles that are archived on the net, say cyber law experts. So, articles older than a year about a political candidate or a person are being scrubbed off the net from search results upon request.

Not the law of the entire land, and certainly not India

However, except for the EU, the right to be forgotten is not legally protected anywhere else in the world. At least, not yet. Japan decided not to go the EU way when the Tokyo High Court last month revoked a lower court judgment that recognised the right to be forgotten.
At present, there is no law in India that protects the personal information of individuals. While certain provisions of the Information Technology Act, 2000 (IT Act), and the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information Rules), 2011, (IT Rules) exist, these merely scratch the surface as they apply only to information on computer resources (data from servers, smartphones and all other electronic devices), according to Bengaluru-based law firm Trilegal.

The Justice Shah Committee report, which was published in August 2012, studied several foreign jurisdictions and their privacy laws and stated that India needs a substantive privacy law — one which defines what privacy is and what its contours are. It also recommended the establishment of an independent authority for these matters.
So, will India actually get a law that protects an individual’s right to be forgotten? There are no easy answers, says a representative of the Internet Freedom Foundation (IFF) who did not want to be named individually. “It is a complex policy debate which requires to be overseen by a regulatory authority as well as an independent data protection authority. It also requires continuous updates of standards — something on the lines of what TRAI (the Telecom Regulatory Authority of India which regulates the telecom sector) does,” he says. Last month, the IFF moved the Delhi High Court to be able to intervene in the NRI lawyer’s case to determine if India needs a ‘right to be forgotten’ law.
One thing that is certain is that the right to be forgotten should not be just a court’s writ, because in that case, it may not be very well-defined and may not balance the competing right to freedom of speech and the right to public access of knowledge.
The problem with letting courts handle the so-called right to be forgotten is that the powerful, the moneyed and the resourceful, who can engage expensive lawyers, will be the only beneficiaries. There is a substantial risk that in the creation of the right to be forgotten, we may end up creating the right to erasure and delisting from public records — which is not always desirable.

A regulator to protect this right?

What is required is a specialised body that can proceed on the basis of clarity and also exercise expert functions to do it, feel cyber law experts. “If the court passes such a regulation, first, it won’t be able to comprehensively define what the right to be forgotten is, and under what specific conditions it applies. Second, even if it can do that, the only way to apply it would be to approach a high court and filing a writ petition,” says the IFF.

Sunil Abraham, executive director of the Centre for Internet and Society (CIS), agrees that there should be a regulatory body, separate from the judiciary, to handle cases relating to the right to be forgotten. “We need only one regulator, which need not specifically be a right to be forgotten regulator. What we need is a privacy regulator,” he says.
Commenting on the NRI lawyer’s petition to the Delhi High Court, Abraham says the petitioner cannot claim the right to privacy in this case, because the judicial system of the country is not opaque. Orders from the court are available in the public domain, with the exception of cases involving juveniles and sexual assault survivors, where the court and the press, acting in self-regulation, do not disclose the names.
“Indian citizens have the right to access to any orders or final judgments passed by any court in the country. The right to privacy will interfere with this right to access and it will also interfere with the right of people to discuss a particular case, which is in violation of the right to free speech,” says Abraham.
While echoing Abraham’s views on privacy, the IFF points out that the right to be forgotten is not purely about privacy. “It may have strands of the right to privacy, but it is, in a sense, a much more distinct right, and needs to be well established and developed through a policy framework,” says the IFF.

So, what is the purview of the right to be forgotten?

According to legal experts, the right to be forgotten can be applicable when some information about a person exists, and has been existing for some time, but it is useless, redundant, and does not serve any public benefit, but at the same time causes damage to the person. It serves no purpose except causing reputational harm.
The stated intent for the right to be forgotten has to be to protect individuals against information which is catalogued against them, and which serves no public purpose. But such a right without any safeguards in place will lead to mass erasure of Wikipedia entries and of journalistic articles.

Abraham believes that if the right to be forgotten is recognised in India, public personalities must be kept out of its purview as a standard exception. “Politicians, actors, sportspersons, journalists, industrialists who hold public meetings and press conferences — such people should not be allowed to use right to be forgotten to censor free speech,” he says.
Abraham hypothesises two situations to explain this. Say, a photograph of a common man urinating is online; it may be removed if the individual is embarrassed by it, especially if keeping it online serves no public interest. However, there is a difference when it comes to celebrities and/or public personalities, says Abraham. If there is some online evidence, for instance, that a celebrity, while shooting an ad for a cola, is actually drinking distilled water and not the sugar-laden aerated drink, then that does serve public interest and deserves transparency.

“The right to be forgotten has to be configured in the public interest. It cannot be a way for the powerful, especially, to kill free speech and the right to access to information,” he says.
Abraham also states that if an individual has voluntarily disclosed personal information to the public domain at some point, they cannot later claim the right to privacy. A case in point being Hollywood actor Charlie Sheen’s disclosure of being HIV positive. However in other cases, because of the stigma attached to HIV, if a person’s status is disclosed without their consent, it may be taken off to protect the individual’s privacy.
Since the right to be forgotten issue is rather new, not just in India but across the world, there is no consensus in the Indian legal fraternity yet or any substantial movement pushing for or against it. However, all the lawyers FactorDaily spoke to were of the unanimous opinion that court judgements and orders are by nature public and cannot be pulled down or taken off.
FactorDaily reached out to the NRI lawyer’s advocate, Rohit Madan, in Delhi, but he did not respond.