Right to be Forgotten in India: Digital Privacy & Law

Right to Be Forgotten
Right to be Forgotten in India: Digital Privacy & Law

By – Asmita Narula and Tannishtha Chatterjee

Table of Contents

Introduction: A New Kind of Privacy Battle in the Digital Age

The concept of the Right to be forgotten has gained significant attention in recent years, particularly with the increasing amount of personal data available online. This right, which allows individuals to request the removal of their personal data from online platforms, has its origins in European jurisprudence. The issue of the right to be forgotten remains sub judice before the Hon’ble Supreme Court of India has not been finally decided yet. While certain High Courts have, in specific cases, recognized limited relief under this right by directing removal or redaction of personal details from publicly available records, there is no settled statutory framework. The Supreme Court’s decision will be crucial in deciding how this right can be used, especially when it comes to court judgments and information available online.

In India, the right to be forgotten is still evolving, with various varied judicial precedents and the Digital Personal Data Protection Act, 2023 (still to be enforced), shaping its contours. This article explores the origin, development, and challenges of the right to be forgotten in India, highlighting its significance in the digital age.

Why: Indicates geographical and jurisprudential origin, improves clarity and flow.

The origin of the Right to be forgotten can be traced back to the French jurisprudence – right to oblivion, which meant to help reintegrate offenders after they had served their sentences. This later gained recognition in the European Union’s Data Protection Directive, 1995.

The Right to be forgotten became more widely discussed after the Court of Justice of the European Union (“CJEU”), in the famous case titled Google Spain SL v. Agencia Española de Protección de Datos (2014)1, directed Google to remove links to an old bankruptcy article as the debt had already been paid, so that the links do not appear in common searches. The Court observed that a person’s right to privacy and protection of personal data is more important than the business interests of search engines or the public’s general access to information. The Court, however, noted a critical limitation – the information could still be found with a more specific search as the information itself was not being deleted.

This judgment was linked to Articles 7 and 8 of the Charter of Fundamental Rights of the European Union, which protect private life and personal data. It later became the basis for Article 17 of the General Data Protection Regulation (GDPR) (2016), which formally included the Right to be forgotten. Under Article 17, people can ask for their personal data to be erased if it is no longer needed, if they withdraw consent, or if the data was collected or used illegally. However, it also recognises the limitation of application of this right in situations where it contradicts the public interest or the right to free expression and information. This right is not limited to search engines or newspapers but also applies to public records or any unlawfully stored data, giving people stronger control over their personal information.

In Google LLC v. Commission nationale de l’informatique et des libertés (CNIL) (2019)2, the CJEU restricted the application of the above ruling only to the European Union. The CJEU ruled that the Right to be forgotten does not require removal of links from every global version of a search engine and must be applied to all EU-specific domains. The Court also observed that search engines must take steps to effectively block or strongly discourage users in EU Member States from accessing de-listed material through other versions of the search engine.

India’s Growing Digital Footprint and the Rising Need for a Right to Be Forgotten

In today’s digital world, the amount of personal data being generated and stored has grown at an unprecedented pace. Government businesses, and online platforms now rely heavily on this data to improve services, drive innovation, and create economic opportunities. In India, initiatives such as ‘Digital India’, ‘Aadhaar’, and ‘UPI’ have accelerated the shift towards digital governance and everyday online transactions. While this transformation has simplified access to services and enhanced efficiency, it has also raised critical questions about how safely personal data is collected, stored, and used. The challenge lies in balancing technological progress with the protection of individual privacy, ensuring that people retain control over their own information.

With the rising digital footprint, privacy concerns have also emerged in several ways. Large technology platforms and mobile applications routinely track user behavior, location, and preferences, often without full transparency about how that data will be used. This creates risks of surveillance, profiling, and manipulation. India’s expanding digital footprint also makes it vulnerable to evolving threats such as cyberattacks, payment frauds, and large-scale data breaches. The rise of new technologies like artificial intelligence and machine learning has made privacy issues more complicated. To protect the privacy of people, it is imperative to have clear laws and strict rules, and to also make sure that both, governments and private companies act responsibly and with due diligence. At the same time, it is also for the citizens to be more aware of what consents are being given by them for usage of their personal data, how their data is being used and how they can keep it safe.

The Right to be forgotten is slowly gaining importance in India as the personal data of the people continues to be available on digital platforms long after it stops being useful. Putting this right into practice is, however, not easy and there are several challenges in its implementation, which are discussed in the latter section of this article. Difficulty in fully removing data, lack of awareness among users, and unclear legal rules, are only some of the challenges which make it hard to implement this right in its true spirit and essence and necessitate the formulation of clear laws and development of stronger systems to protect the privacy of people in the fast-evolving digital world.

How Indian Courts Are Interpreting the Right to Be Forgotten

Different courts in India have adopted a different approach when faced with implementation of this right and its clash with other fundamental rights, particularly the right to freedom of speech, and public interest.

This issue first arose in India in Dharamraj Bhanushankar Dave v. State of Gujarat and Others (2017)3. A writ petition was filed before the Gujarat High Court seeking a restraint on the online publishing of a non-reportable judgment whereby the Petitioner had been acquitted of the charges of murder, kidnapping, etc. The writ petition was dismissed on the ground that the publication did not amount to any violation of Article 21 of the Constitution. It was also noted that the High Court Rules permitted a third party to obtain a copy of the judgment.

Shortly after, in contrast to the above judgment, the Karnataka High Court recognised the Right to be forgotten in V. v. The Registrar General, High Court of Karnataka and Others (2017)4. A writ petition was filed with a prayer to mask the Petitioner’s daughter’s name from the quashing petition filed by him on the ground of compromise. The petition mentioned his daughter’s name as the criminal case was filed by her against the Petitioner. This relief was sought on the ground that the appearance of her name will have repercussions, including affecting her marital relationship and damaging her reputation in society. The Court directed the registry to mask the name for an internet search made in the public domain however, it was made clear that the name would continue to reflect on the Court’s website and in its records. While passing the decision, the Court made a critical observation that its decision is in line with the trend in the Western countries where they follow this as a matter of rule ‘Right to be forgotten’ in sensitive cases, involving women in general, and highly sensitive cases, involving rape or affecting the modesty and reputation of the person concerned.

In August 2017, a landmark judgment in Justice K.S. Puttaswamy (Retd) and Another v. Union of India and Others5 was passed by the Constitution Bench of the Supreme Court. The right to privacy was held to be a fundamental right enshrined under Article 21 of the Constitution of India. It was observed that privacy has both positive and negative content – positive content imposes an obligation on the State to take all necessary measures to protect the individual’s privacy and the negative content restrains the State from committing an intrusion upon the citizen’s life and personal liberty.

The Supreme Court did not explicitly recognise the ‘Right to be forgotten’ but informational privacy, which is a facet of the right to privacy, and the challenges posed by the digital age were discussed in detail. The Supreme Court has made several critical observations which pave the way for the recognition of the Right to be forgotten:

  • In the pre-digital era, people could make mistakes and embarrass themselves, which would be forgotten with time, but the information on the internet is permanent – “Humans forget, but the internet does not forget and does not let humans forget”. People are entitled to “begin life again giving up past mistakes” and “re-invent themselves and reform and correct their mistakes”.
  • Even an endeavour to remove information from the internet does not result in its absolute obliteration as the footprints remain – “In the digital world preservation is the norm and forgetting a struggle”.
  • The right of an individual to exercise control over his personal data and right to be able to control his own life would encompass the right to control his existence on the internet, however, it is not an absolute right.
  • The right to control dissemination of personal information does not however amount to a right to total erasure of history and it has to be balanced with other fundamental rights like the freedom of expression, or freedom of media, which are fundamental to a democratic society.
  • The European Union Regulation (2016) recognises the Right to be forgotten but it does not mean that all aspects of earlier existence can be obliterated as some of them may have a social ramification.

Justice Sanjay Kishan Kaul in his judgment observed that

If we were to recognize a similar right, it would only mean that an individual who is no longer desirous of his personal data to be processed or stored, should be able to remove it from the system where the personal data / information is no longer necessary, relevant, or is incorrect and serves no legitimate interest. Since a right cannot be exercised where the information / data is necessary, for exercising the right of freedom of expression and information, for compliance with legal obligations, for the performance of a task carried out in public interest, on the grounds of public interest in the area of public health, for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, or for the establishment, exercise or defence of legal claims. Such justifications would be valid in all cases of breach of privacy, including breaches of data privacy.

In V. Swaminathan v. Registrar General, High Court of Madras and Others6 (2021), the Madras High Court dismissed the Petitioner’s writ petition seeking redaction of his daughter’s name and details from the Court records, on the ground that such a petition cannot be entertained inasmuch as the High Court is a court of record and in the absence of rules, such a relief cannot be granted.

The Delhi High Court has time and again recognised the Right to be forgotten.

  • In Zulfiqar Ahmad Khan v. Quintillion Business Media Pvt. Ltd. and Others (2019)7, an online platform had published two articles about the Plaintiff under the #MeToo campaign, which were later taken down during the pendency of the case however, the contents of the said articles were republished by other online platforms. During the pendency of the case, the Court restrained republication of the content after recognising the Plaintiff’s right to privacy and observing that the ‘Right to be forgotten’ and the ‘Right to be left alone’ are inherent aspects of the Right to privacy.
  • In Jorawar Singh Mundy v. Union of India and Others8 (2021), which is still pending, the Court passed an interim order directing Indian Kanoon to block the judgment, whereby the Petitioner was acquitted of narcotics charges, from being accessed by using search engines such as Google / Yahoo etc. The interim order was passed keeping in mind the irreparable prejudice which may be caused to the Petitioner, his social life and his career prospects, despite being acquitted.
  • The Delhi High Court observed that the question as to whether a Court order can be removed from online platforms is an issue which requires examination from both the Right of Privacy on one hand and the Right to Information and maintenance of transparency in judicial records on the other hand.
  • Similarly, in SK v. Union of India and Others9 (2023), which is still pending, the Court passed an interim order directing that the name of the Petitioner should be masked on the Indian Kanoon portal in the judgment whereby he has been acquitted of the charges of rape and criminal intimidation.
  • Both the above matters, where interim orders have been passed, are now listed together on 03.09.2025.
  • Recently, in ABC v. State and Another10, the Court directed the Registry to remove the Petitioner’s and the Respondent No. 2’s name from the records and its search results – to be shown as ‘ABC’ ‘XYZ’ respectively. The Court held as follows

It is well settled that the right to privacy is a fundamental right and forms an intrinsic part of Article 21 of the Constitution of India. The concept of right to privacy incorporates the right to be forgotten. In the age of internet, every piece of information that finds its way to the internet, gains permanence. The need to allow the masking of names of individuals acquitted of any offence or when criminal proceedings against such persons are quashed, emanates from the most basic notions of proportionality and fairness. While the access to information is a fundamental aspect of democracy, the same cannot be divorced from the need to balance the right to information of the public with the individual’s right to privacy. This is especially when after the quashing of the proceedings, no public interest can be served by keeping the information alive on the internet.

There is no reason why an individual who has been duly cleared of any guilt by law should be allowed to be haunted by the remnants of such accusations easily accessible to the public. Such would be contrary to the individual’s right to privacy which includes the right to be forgotten, and the right to live with dignity guaranteed under Article 21 of the Constitution of India.

In Vysakh K.G. v. Union of India11 (2022), while dealing with several writ petitions involving the issue of the Right to be forgotten, the Kerala High Court has, amongst other things, dealt extensively with the Right to privacy, the evolving accountability and transparency in the judicial function in the era of digital space, the evolution of the Right to be forgotten and the Right to erasure. The observations of the Court are as follows:

  • The Right to be forgotten can be claimed to erase past records however, the claim to erase or redact personal information in current proceedings or proceedings concluded recently is a myth and cannot be relied on to prevent the uploading of judgments in the Court Information System. 
  • In the absence of legislation, a problem arises in determining the period or circumstances under which a party can invoke this right. The Court may have to recognise this right and direct removal of such content available online on case-to-case basis.
  • The reporting and publishing of judgments are a part of freedom of speech and expression and that cannot be taken away lightly without the aid of law. The Courtroom is open to all. The Court cannot gloss over the protection available to publishers of judgments under Article 19(1)(a) of the Constitution of India.
  • In appropriate cases, the Court is entitled to invoke principles related to the right to erasure to allow a party to erase and delete personal data that is available online.

In XXXX v. YYYY and Ors.12 (2022), the Petitioner pleaded ‘Right to be forgotten’ and ‘Right of erasure’ as being rights of privacy and sought masking of her and Respondent No. 1’s name and other personal details to the extent that they are not visible for search engines. The Petitioner submitted that the display of these details with respect to the offences committed on the modesty of women and sexually transmitted disease has caused immense loss by way of social stigma and infringement of personal privacy. The Supreme Court directed the Registry to examine the issue and work out how the same can be achieved.

The limited issue of redacting personal information and intimate details from judicial records, including orders and judgments, has recently come before the Supreme Court in Ikanoon Software Development Pvt. Ltd. v. Karthick Theodore and Others13. Even though the issue before the Court is limited, the Court may delve into the issue of the Right to be forgotten, and it may bring some clarity. This issue has risen from the judgment of the Madras High Court in Karthick Theodore v. The Registrar General and Ors.14. The High Court dealt with a writ appeal challenging the rejection of the Appellant’s plea to redact his personal and intimate details in the judgment acquitting him because of which his Australian visa was also denied. On 27.02.2024, the High Court directed that the judgment be taken down, the Petitioner’s name and other details relating to his identity be redacted from the said judgment and only the redacted judgment be available for publication / uploading. The Supreme Court has stayed the directions issued in the impugned judgment of the Madras High Court. It has further tagged the present appeal with another pending matter before it, Alka Malhotra vs. Union of India & Ors.15, which concerns a similar issue.

What the DPDP Act, 2023 Says About the Right to Be Forgotten

The judgment in Justice K.S. Puttuswamy and Another16 necessitated the enactment of a legal framework in India to protect personal digital data and it set the ground for the need of a proper legal framework.

The Supreme Court commended to the Union Government the need to examine and put into place a robust regime for data protection, which, in the Court’s opinion, required a careful and sensitive balance between individual interests and legitimate concerns of the State.

Initially, the Personal Data Protection Bill, 2019 was introduced by the Ministry of Electronics and Information Technology, which was later withdrawn and replaced with the Digital Personal Data Protection Act, 2023 (“DPDP Act”). The DPDP Act is the first dedicated data protection law in India enacted with the purpose of processing digital personal data in a manner that recognises the right of individuals to protect their personal data and the need to process such personal data for lawful purposes.

The DPDP Act defines ‘data’ as representation of information, facts, concepts, opinions or instructions in a manner suitable for communication, interpretation or processing by human beings or by automated means17, and ‘Personal data’ as any data about an individual who is identifiable by or in relation to such data18. ‘Digital personal data’ has been defined as personal data in digital form19.

The Act recognises some essence of the Right to be forgotten through the Right of erasure under Section 12 however, there is a vast difference between both the rights. The person to whom the personal data pertains, i.e., the Data Principal20, can request the Data Fiduciary21 for correction, completion, updating and erasure of personal data for the processing of which he had previously given consent, including consent as referred to in Section 7(a)22. One of the statutory obligations of the Data Fiduciary is to erase personal data, unless retention is necessary for compliance with law, upon the withdrawal of consent by the Data Principal or as soon as it can reasonably be assumed that the specified purpose is no longer being served, whichever is earlier23.

The Many Challenges of Enforcing the Right to Be Forgotten in India

The implementation of the Right to be forgotten, even though indirectly recognised under Justice K.S. Puttuswamy and Another24 and the DPDP Act, is not without its challenges. As on date, there is no statutory framework to regulate the Right to be forgotten in India. 

In Subhranshu Rout v. State of Odisha25 (2022), the Orissa High Court was dealing with a bail application where the accused had recorded the forcible sexual intercourse with the victim and uploaded it through a fake Facebook profile in her name, which he later deleted with police interference. The Court observed that ‘information in the public domain is like toothpaste, once it is out of the tube one can’t get it back in and once the information is in the public domain it will never go away’. While observing the unprecedented escalation of such insensitive behavior on social media platforms, the Court observed as follows:

Though the statute prescribes penal action for the accused for such crimes, the rights of the victim, especially, her right to privacy which is intricately linked to her right to get deleted in so far as those objectionable photos have been left unresolved. There is a widespread and seemingly consensual convergence towards an adoption and enshrinement of the right to get deleted or forgotten but hardly any effort has been undertaken in India till recently, towards adoption of such a right, despite such an issue has inexorably posed in the technology dominated world. Presently, there is no statute in India which provides for the right to be forgotten / getting the photos erased from the server of the social media platforms permanently. The legal possibilities of being forgotten on line or off line cries for a widespread debate. It is also an undeniable fact that the implementation of the right to be forgotten is a thorny issue in terms of practicality and technological nuances. In fact, it cries for a clear-cut demarcation of institutional boundaries and redressal of many delicate issues which hitherto remain unaddressed in Indian jurisdiction. The dynamics of hyper connectivity – the abundance, pervasiveness and accessibility of communication network have redefined the memory and the prescriptive mandate to include in the technological contours is of pressing importance.

One of the major challenges in the implementation of the Right to be forgotten is the different approach adopted by different courts in India and the consequent lack of clarity on its interpretation and application. The same has also been dealt with in the previous section of this article.

Limitations of the DPDP Act in Protecting the Right to Be Forgotten

The DPDP Act is a significant milestone for establishing a framework for data protection given the global standards and its rising importance in an era where personal data is constantly shared across the internet. It provides for Data Fiduciary obligations, Data Principal rights and penalties for non-compliance. However, there remains a gap in the framework for the implementation of the DPDP Act and a definite procedure for implementation of its provisions.

For instance, there is no specific provision for the Right to be forgotten, there is silence on the factors to be considered while dealing with a request for erasure of data, the powers of the Data Protection Board of India (DPBI) are limited, etc. 

Even the scope of the Right to erasure under the DPDP Act is limited. Firstly, it is only enforceable against ‘Data Fiduciaries’ as defined under the Act. Secondly, Section 17 provides for certain exemptions to this right i.e., when processing of personal data is

  1. necessary for enforcement of legal rights and claims.
  2. required by courts or tribunals or any other judicial / quasi-judicial / regulatory / supervisory body in India for performance of its functions.
  3. in the interest of prevention, detection, investigation or prosecution of any offence of contravention of any law for the time being in force in India.
  4. pursuant to any contract entered into with any person outside the territory of India by any person based in India with respect to personal data which is not within the territory of India.
  5. necessary for a scheme of compromise or arrangement or merger or amalgamation of two or more companies or a reconstruction by way of demerger or otherwise of a company, or transfer of undertaking of one or more company to another company, or involving division of one or more companies, approved by a court or tribunal or other authority competent to do so by any law for the time being in force.
  6. for the purpose of ascertaining the financial information and assets and liabilities of any person who has defaulted in payment due on account of a loan or advance taken from a financial institution, in compliance with the applicable law.
  7. by State instrumentalities notified by the Central Government in the interest of sovereignty 

Moreover, the DPDP Act was notified in August 2023, but it has not come into force till date. A draft of the Digital Personal Data Protection Rules 2025 is also pending finalisation.

Conflicts with Free Speech, Journalism, and Public Interest

The Right to be forgotten is in direct conflict with other rights, including the Right to freedom of speech and expression, the Right to access information, and the Right to conduct research and journalism. The legislation and the judiciary will be required to balance the application of the Right to be forgotten with the other rights as neither of these rights can be diluted.

The Technical Hurdles: Why It’s Hard to Truly Delete Data Online

Data uploaded in the digital ecosystem is capable of spreading like wildfire – replication, catching and archiving, which poses several technical constraints in the implementation of the Right to be forgotten. It is possible that the data is stored on multiple servers, backups, clouds, etc., which poses a major hurdle in complete deletion of digital data. Even if the original source deletes it, search engines may still show cached versions unless they are specifically removed.

Further, there are some technologies, like blockchain, which are designed to be permanent. In such a case, data erasure may not be possible easily.

The Awareness Gap: Why Indians Rarely Invoke This Right

The lack of awareness amongst the public in India about their rights, particularly with respect to digital data and to be forgotten, is another major challenge in its implementation. Even if the public is aware that such a right exists, they have no knowledge about the procedure, legal nuances involved, limitations, etc. The right is thus hardly invoked. The lack of awareness can also sometimes lead to abuse of the right by those who are in possession of personal digital data. This hurdle can be overcome by spreading awareness amongst the public and adopting initiatives to educate the public about digital data, its advantages and disadvantages, their rights and responsibilities, procedures etc.

The Global Problem: Cross-Border Challenges in Data Removal

Once any data is published on the internet, it is impossible to restrict it and can quickly move across borders. It becomes complicated to enforce Indian laws on servers and companies outside the jurisdiction of the country. In most situations, it is impossible to ensure such enforcement or compliance.

Conclusion: Balancing Privacy, Public Good, and Practicality

The Right to be forgotten is a complex and evolving concept in India. While the Right to be forgotten is essential for protecting individual privacy and dignity, its implementation poses significant challenges, including technical constraints, lack of awareness, and conflicts with other fundamental rights. To effectively implement this right, it is crucial to strike a balance between individual interests and public concerns, and to establish clear guidelines and procedures for its application. Ultimately, the Right to be forgotten has the potential to empower individuals to control their personal data and protect their online presence, but its success depends on careful consideration of the challenges and nuances involved.

FAQs

  1. What is the Right to be Forgotten in India?

    The Right to be Forgotten in India refers to an individual’s ability to request the removal or restriction of access to their personal information such as names, photos, or case details from online platforms or search engines in specific circumstances. This right is grounded in the broader right to privacy under Article 21 of the Constitution, though it currently lacks a comprehensive statutory framework and is evolving through judicial interpretation.

  2. How does the Right to be Forgotten balance privacy and freedom of expression?

    The Right to be Forgotten seeks to balance the individual’s right to privacy with the public’s right to information and freedom of expression. Courts weigh the relevance, accuracy, and age of the information against factors such as public interest, legal obligations, or journalistic necessity. It does not allow for blanket removal of data and must be exercised proportionately, ensuring that the removal of information does not compromise transparency or accountability.

  3. What was the role of the Google Spain case in shaping RTBF?

    The 2014 Google Spain SL v. AEPD judgment by the Court of Justice of the European Union (CJEU) was a watershed moment in privacy law. It held that individuals could request search engines to delist links containing outdated or irrelevant personal information. This case laid the groundwork for Article 17 of the GDPR (Right to Erasure) and continues to influence global discussions around the scope and limits of digital privacy.

  4. Is the Right to be Forgotten recognized by Indian courts?

    Yes, Indian courts have acknowledged the Right to be Forgotten as an emerging aspect of the fundamental right to privacy, especially in sensitive or acquittal-based cases. However, courts have taken varied positions, and its recognition is not absolute it must be reconciled with competing rights like free speech, public interest, and judicial transparency. Interim relief has been granted in select cases, but a definitive ruling from the Supreme Court is still awaited.

  5. What did the Supreme Court say about privacy in the Puttaswamy judgment?

    In Justice K.S. Puttaswamy (Retd.) v. Union of India (2017), a nine-judge bench of the Supreme Court unanimously recognized the right to privacy as a fundamental right under Article 21. The judgment emphasized informational privacy and discussed the permanence of digital memory, indirectly laying the foundation for recognizing the Right to be Forgotten. It observed that people should have the right to reform, evolve, and not be perpetually defined by their digital past.

  6. How does the Digital Personal Data Protection Act, 2023 address RTBF?

    The DPDP Act, 2023 does not explicitly define the Right to be Forgotten, but it incorporates its core principles through the Right of Erasure under Section 12. Individuals (Data Principals) can request correction or deletion of their personal data once it no longer serves the original purpose or if consent is withdrawn. However, this right is subject to exceptions and is only enforceable against Data Fiduciaries, with implementation awaiting detailed rules.

  7. What are the main challenges in implementing the Right to be Forgotten in India?

    Implementing the Right to be Forgotten in India is complex due to the lack of a clear legal framework and the need to balance it with freedom of expression and the right to information. Technical challenges in completely erasing data, the risk of misuse to suppress legitimate content, and the absence of a dedicated adjudicatory authority further complicate enforcement. These factors make consistent and fair application of the right difficult in practice.

  8. Does the Right to be Forgotten mean complete erasure of online data?

    No, the Right to be Forgotten typically refers to the de-indexing or restriction of access to personal data, especially from search engine results. It does not guarantee absolute deletion of the underlying content, particularly if retention is required by law, serves public interest, or is essential for research, archiving, or legal claims. The right is conditional and must be exercised proportionately.

  9. What is the difference between Right to be Forgotten and Right of Erasure?

    The Right to be Forgotten focuses on restricting public visibility or accessibility of personal information, particularly from search results. The Right of Erasure, as codified in Section 12 of the DPDP Act, allows individuals to request deletion of their digital personal data from a platform. While related, the former is broader in scope and often invokes balancing with competing rights, whereas the latter is narrower and limited to specific conditions under the Act.

  10. Why is the Right to be Forgotten important in the digital age?

    In the digital era, information persists indefinitely, often without context or relevance. The Right to be Forgotten empowers individuals to reclaim control over outdated or harmful data that may hinder their reputation, opportunities, or mental well-being. It serves as a critical tool to preserve human dignity, especially in cases of acquittals, past mistakes, or sensitive personal history, without undermining democratic values like transparency and accountability.

References –

  1. (2014) 3 WLR 659
  2. Case C-507/17
  3. 2017 SCC OnLine Guj 2493
  4. 2017 SCC OnLine Kar 424
  5. (2017) 10 SCC 1
  6. 2021 SCC OnLine Mad 16470
  7. 2019 SCC OnLine Del 8494
  8. 2021 SCC OnLine Del 2306
  9. 2023 SCC OnLine Del 3544
  10. 2024 SCC OnLine Del 8113
  11. 2022 SCC OnLine Ker 7337
  12. Miscellaneous Application No. 875/2022 in SLP (Crl.) No. 3211/2022
  13. 2024 SCC OnLine SC 3287
  14. 2024 SCC OnLine Mad 6529
  15. Writ Petition (Civil) No 19 of 2024
  16. supra
  17. Section 2(h)
  18. Section 2(t)
  19. Section 2(n)
  20. Section 2(j)
  21. Section 2(i) defines ‘Data Fiduciary’ as any person who alone or in conjunction with other persons determines the purpose and means of processing of personal data
  22. A Data Fiduciary may process personal data of a Data Principal for any of the following uses, namely: – (a) for the specified purpose for which the Data Principal has voluntarily provided her personal data to the Data Fiduciary, and in respect of which she has not indicated to the Data Fiduciary that she does not consent to the use of her personal data.
  23. Section 8(7)
  24. supra
  25. 2020 SCC OnLine Ori 878

More from Neeti Niyaman Team –