INTRODUCTION
Individuals have the ability to request that organizations delete their personal data by using their “right to be forgotten,” which gives them this power.
The Justice BN Srikrishna Committee’s draft of the Personal Data Protection Bill 2018, which has introduced a new right called the right to be forgotten, in reference to the capability of an individual to restrict, delink, delete, or correct the disclosure of personal information that can be found on the internet and that is either misleading, embarrassing, or irrelevant.
The ability of an individual to limit, delink, delete, or correct the disclosure of embarrassing personal information that can be found on the internet is referred to as the “right to be forgotten.”
The concept of an individual having the ability to limit, delink, delete, or otherwise correct the disclosure of embarrassing personal information that can be found on the internet is referred to as the “right to be forgotten.”
ISSUES
- Right to be forgotten gets in conflict with the right to information.
o This can be demonstrated by the fact that a rape victim has the right to have her past forgotten, while a convicted criminal cannot claim that he has the right to insist that his conviction should not be referred to by the media. In both of these scenarios, the victim has the right to have her past forgotten.
- The decision regarding whether the data that is stored online must be kept (right to information) or erased (right to be forgotten) from the web must be made by the Data Protection Authority.
o As a result of this, a journalist is required to wait for the decision of the adjudicating officer before they can exercise their right to be forgotten. This could pose a threat to the freedom of the press.
o Therefore, the liberty to criticize public figures for the public policies they have enacted based on the statements and actions they have taken in the past will be in jeopardy as a result of this.
- In addition, a citizen who is interested in gaining access to such information will be uncertain as to whether they should contact the Central Information Commission or the Data Protection Authority.
- The state retains unbridled powers to collect and process data, without the need for consent, for the national interest.
o On the other hand, the concept of the “national interest” is not defined anywhere, and this leaves the implementation of the “right to be forgotten” up to the discretion of the government.
CHALLENGES
- Limitations on free speech: The right to be forgotten can potentially limit freedom of speech and the public’s right to access information, as it can result in the removal of legitimate and important information from online platforms or search engines.
- Technical challenges: The implementation of the right to be forgotten can be technically challenging, as it requires online platforms and search engines to develop complex systems for managing and removing personal information.
- Conflicts with other legal rights: The right to be forgotten can conflict with other legal rights, such as the right to access information, the right to freedom of expression, and the right to conduct research and journalism.
INITIATIVES TAKEN BY GOVT.
- Aadhaar Act: The Aadhaar Act was enacted in 2016 to establish a unique identification system for Indian residents. The act includes provisions related to data protection and privacy, including the requirement to obtain consent from individuals before collecting their personal information.
- Personal Data Protection Bill: The government introduced the Personal Data Protection Bill in 2019, which aims to provide a comprehensive framework for the protection of personal data in India. The bill includes provisions related to data privacy, data localization, and the right to be forgotten.
- The Cyber Security Policy: The Indian government introduced the National Cyber Security Policy in 2013, which includes measures to protect personal data from cyber threats and enhance cybersecurity in India.
- IT Act: The Information Technology Act was enacted in 2000 to provide legal recognition for electronic transactions and protect electronic records and data. The act includes provisions related to data privacy and data protection.
Way Forward
- In order to give effect to the so-called “right to be forgotten,” a substantial change needs to be made to the Constitution’s Article 19 (2) in the form of the addition of “privacy” as a ground for “reasonable restriction.
- On the one hand, there needs to be a balance between the right to privacy and protection of personal data (which is covered under Article 21 of the Indian constitution), and on the other hand, there needs to be a balance between the freedom of information of internet users (which is covered under Article 19).
- A comprehensive data protection law needs to address these issues and minimize the potential for conflict between the two fundamental rights that together make up the most important aspect of the golden trinity of the Indian constitution (Articles 14, 19, and 21).