The battle for privacy: right to be forgotten in India
Submitted by Jyoti Panday (@pandayjyoti) on Tuesday, 26 June 2018
Although the Internet is viewed as a global public resource, its functioning and access to information remains predominantly controlled by private actors. The so-called right to be forgotten, as created by the European Court of Justice’s interpretation seeks to create obligations for intermediaries to remove links to content that is lawful and available in the public domain. This talk tracks the development of the right to be forgotten and examines the implications of legislating such a right in India.
This so-called right to be forgotten has not been expressly recognized in international human rights instruments, nor in national constitutions. Its scope remains murky, meaning different things in different contexts and jurisdictions. While most commonly seen as a part of data protection, its spirit draws more on laws regarding defamation and honor. By extending speech removal practices into data protection and privacy laws, the right places strong privacy protections and free expression in direct, and unnecessary, conflict.
This right expands the power of private intermediaries, making them the arbitrator of relevance and legitimacy of online information including, if information being available has public interest. It introduces obligations for a specific class of intermediary/ies whose decision to delink results or erase content will become the de-facto rules for defining the contours of online speech and expression.
In some cases, de-linking may not be possible for legal or technical reasons for example when services are required to retain data for auditing purposes. In the absence of rules and criteria on the basis of which intermediaries may deny requests, companies may struggle to interpret the law, however defining categories of legal speech is problematic. The right to be forgotten creates an opaque, unaccountable censorship regime that curbs journalism and free speech. There are clear incentives for them to remove or erase information in order to avoid penalties or litigation.
The idea that, it is the individual who should retain ultimate control over information, ignores the broader right of the public to share and receive material that is legitimately in the public domain. The act of seeking search engines to de-index links also affects the “forgetting” of other individuals—those who are involved in the same event and yet do not want to be forgotten. It also impacts those who may be involved in the future or interested in similar events.
Under the GDPR’s requirements for responding to right to erasure requests, an online service provider must inform other processors of the request, and must inform the data subject when it erases information or takes action based on request. Sharing more precise or granular information about delisting standards in difficult cases might risk disclosing personal information about the data subject, bringing both legal penalties and public opprobrium to the company. It is difficult, and may be impossible, to maintain appropriate levels of public oversight and political control, when intermediaries are required to hide from sight the content of information that they de-link or “forget”. Transparency and censorship online are at odds, especially when censorship is intended to make more obscure publicly available data.
The Right to Be Forgotten challenges several other basic principles of an open society, including due process, the role of private actors in public policy, press freedom, transparency, the duty of society to preserve debate for its citizens, protection of the integrity of archives and history for its descendants.
Jyoti Panday is researcher and policy analyst who works on politics and ethics of Internet governance and the management of digital platforms. She has worked with the Electronic Frontier Foundation, Indian Institute of Management, Ahmedabad and the Centre for Internet and Society. She has published extensively on telecom and broadcasting, cross-border data flows, privacy and data protection, and online censorship. In 2015, she helped develop the Manila Principles for Intermediary liability, a set of best practices for online content removal which have been endorsed by civil society, and referenced extensively by international organizations and private companies. From 2017-18, she anchored the UNESCO World Trends in Media Freedom Report and authored the regional report for Asia Pacific. She is a public policy graduate from the University of London.