Introduction

The internet remembers almost everything. A social media post from ten years ago, an old court record, a news report, or a personal photograph can continue to appear in search results long after the original event has lost public relevance. In many cases, this endless digital memory affects careers, relationships, education, and mental peace. As online platforms continue to collect and circulate personal information at scale, individuals are increasingly asking an important question: should people have the power to remove outdated or harmful personal data from the internet?

This question has led to worldwide discussions around the “Right to Be Forgotten.” The concept gained major attention after European courts recognized that individuals should, in some situations, be able to request the removal of personal information from public search results. In India, the issue has become even more important because of rapid internet growth, social media usage, digital payments, and online government services.

Today, Indian courts, regulators, companies, and policy experts are all examining how privacy rights can be balanced against free speech, transparency, journalistic freedom, and public interest. The arrival of the Digital Personal Data Protection Act, 2023 has added another layer to this discussion by giving individuals stronger control over their personal data.

The growing focus on “right to be forgotten india” reflects the larger public demand for privacy protection in the digital age.

Understanding the Right to Be Forgotten

The Right to Be Forgotten allows individuals to request the deletion, removal, or restriction of personal information that is no longer necessary, relevant, or lawful to retain. It does not mean that every piece of online information can automatically disappear. Instead, it creates a legal process through which individuals can seek protection against unnecessary digital exposure.

For example, a person acquitted in a criminal case may not want outdated reports about the case to appear prominently in search results forever. Similarly, victims of harassment or non-consensual image sharing may seek removal of harmful content from digital platforms.

The idea is based on the principle that individuals deserve a chance to move forward without permanent digital punishment for past events that no longer serve public interest.

However, the Right to Be Forgotten is not absolute. Courts and regulators often examine several factors before granting relief, including:

• Whether the information is true or false
• Whether public interest still exists
• Whether the person is a public figure
• Whether removal would affect freedom of expression
• Whether the information relates to criminal proceedings or public records

Because of these competing interests, the legal position continues to evolve in India.

Evolution of Privacy Rights in India

India’s privacy framework changed significantly after the landmark judgment of the Supreme Court in the case of Justice K.S. Puttaswamy v. Union of India. In 2017, the Court declared privacy to be a fundamental right protected under Article 21 of the Constitution.

The judgment recognized that privacy includes personal autonomy, dignity, and informational self-determination. This meant that individuals should have greater control over how their personal data is collected, used, and shared.

Although the Supreme Court did not create a complete Right to Be Forgotten framework, it acknowledged the importance of allowing individuals to limit the spread of personal information in certain situations.

Following the Puttaswamy ruling, Indian courts began receiving petitions from individuals seeking removal of online content. Many of these cases involved:

• Criminal proceedings ending in acquittal
• Revenge pornography
• Publication of personal details
• Old news reports affecting employment opportunities
• Disclosure of sensitive family matters

Different High Courts have taken varied approaches while handling such requests, which shows that Indian jurisprudence in this area is still developing.

Important Indian Court Decisions

Several Indian courts have examined requests connected to digital privacy and online reputation.

In some cases, courts allowed temporary masking of names and personal details from online judgments. In others, courts refused complete removal because judicial records are considered public documents.

The Karnataka High Court was among the early courts to discuss the Right to Be Forgotten in detail. The Court permitted anonymization of a woman’s identity in a legal matter involving sensitive personal information.

The Kerala High Court later examined whether individuals could seek removal of personal data from search engines and public platforms. The Court recognized privacy concerns but also emphasized the importance of open justice and public access to court records.

Similarly, the Delhi High Court has handled multiple petitions where individuals requested removal of search results linked to old legal disputes or allegations. The Court often balanced privacy rights against freedom of information.

These decisions show that Indian courts are attempting to create a balanced framework rather than granting unrestricted deletion rights.

Why the Right to Be Forgotten Matters in the Digital Economy

The modern digital economy depends heavily on personal data. Social media companies, e-commerce businesses, fintech platforms, healthcare providers, and employers all collect large volumes of user information.

While digital services offer convenience, they also create long-term risks. A single viral post or inaccurate article can remain searchable for years. Many individuals face professional and personal difficulties because old online material continues to appear in internet searches.

The issue becomes more serious when data is:

• Incorrect or misleading
• Shared without consent
• No longer relevant
• Excessive compared to its purpose
• Harmful to reputation and dignity

Students applying for universities, professionals attending interviews, entrepreneurs seeking investors, and ordinary individuals building careers often worry about how old online information may affect future opportunities.

This is why privacy protection is no longer viewed as only a legal issue. It is also a business, employment, and social concern.

The increasing public debate around right to be forgotten under DPDP Act highlights how closely digital privacy is now linked to economic and social participation.

The Digital Personal Data Protection Act, 2023

India’s Digital Personal Data Protection Act, 2023 represents a major step in the country’s data protection framework. The law establishes obligations for entities handling personal data and grants certain rights to individuals, known as Data Principals.

The Act focuses on lawful processing, consent-based data collection, purpose limitation, and accountability.

Although the law does not explicitly use the phrase “Right to Be Forgotten” in the same manner as the European Union’s GDPR, it contains several related protections.

Under the Act, individuals can:

• Seek correction of inaccurate personal data
• Request updating of incomplete information
• Ask for erasure of personal data under certain conditions
• Withdraw consent previously given
• Access information regarding data processing activities

The law also places responsibilities on Data Fiduciaries to erase personal data once the purpose for processing has been fulfilled, unless retention is legally necessary.

This creates a framework where unnecessary storage of personal data becomes harder to justify.

At the same time, the Act recognizes that data retention may still be necessary for legal compliance, regulatory obligations, fraud prevention, contractual enforcement, or public interest.

As a result, requests for deletion are not automatic. Companies must examine whether retention is required under applicable laws.

Challenges in Implementing the Right to Be Forgotten

Even though the idea appears straightforward, practical implementation is highly complex.

Conflict with Freedom of Speech

One major challenge involves balancing privacy rights against freedom of expression. Journalists, researchers, and media organizations argue that public records and news archives should remain accessible.

Removing content too aggressively may create risks of censorship and historical revision.

Public Interest Concerns

Certain information may continue to hold public relevance. For example, details relating to financial fraud, political misconduct, or serious criminal allegations may remain important for public awareness.

Courts often examine whether removal requests are genuine privacy claims or attempts to suppress legitimate criticism.

Technology Limitations

Completely deleting information from the internet is technically difficult. Data may exist across multiple websites, screenshots, backups, archives, and third-party platforms.

Even if one platform removes information, copies may continue circulating elsewhere.

Jurisdictional Problems

The internet operates across borders. A website hosted outside India may not easily comply with Indian legal orders.

This creates enforcement difficulties for regulators and courts.

Search Engine Responsibilities

Another major issue concerns the role of search engines. Should search engines remove links globally or only within a specific jurisdiction? Should they evaluate the legality of every request independently?

Different countries have adopted different approaches, making global consistency difficult.

Impact on Businesses and Digital Platforms

Businesses operating in India must increasingly pay attention to privacy compliance.

Companies that collect customer data should create structured systems for:

• Consent management
• Data retention review
• Deletion request handling
• User grievance mechanisms
• Record maintenance
• Privacy policy updates

Ignoring privacy expectations can damage brand credibility and customer trust.

Large multinational companies, especially those handling financial, healthcare, education, or employment-related information, are expected to implement stronger governance frameworks.

Search engines, social media companies, and digital publishers may also face increasing pressure to create transparent review mechanisms for content removal requests.

Organizations should train employees on data handling practices and establish clear internal procedures for responding to user complaints.

Strong privacy practices are now becoming part of corporate reputation management.

Comparison with the European Union’s GDPR

The European Union’s General Data Protection Regulation, commonly known as GDPR, contains one of the world’s most recognized Right to Be Forgotten frameworks.

Under Article 17 of the GDPR, individuals can request erasure of personal data in several situations, including when:

• Data is no longer necessary
• Consent has been withdrawn
• Processing was unlawful
• The individual objects to processing
• Legal obligations require deletion

However, GDPR also includes exceptions for:

• Freedom of expression
• Public interest
• Scientific research
• Legal claims
• Compliance with legal obligations

India’s DPDP framework is comparatively narrower in some areas but still represents a substantial move toward stronger data governance.

As India’s digital economy continues expanding, future amendments or regulatory guidelines may further clarify the scope of deletion and erasure rights.

The Future of Privacy Rights in India

The conversation around privacy in India is far from complete. Courts will continue shaping the practical meaning of the Right to Be Forgotten through future decisions.

Technology companies are also likely to face stricter compliance expectations as regulators focus more closely on data governance.

Artificial intelligence, facial recognition, deepfake technology, and automated profiling systems may create additional privacy concerns in the coming years.

As digital footprints become more permanent, individuals will increasingly seek stronger control over their personal information.

Future legal developments may include:

• More detailed data deletion procedures
• Standardized grievance mechanisms
• Platform accountability rules
• Search engine delisting frameworks
• Clearer balancing tests for courts
• Sector-specific compliance standards

India’s legal system is still attempting to strike a fair balance between transparency, accountability, public interest, and personal dignity.

Best Practices for Individuals Seeking Online Privacy

Individuals concerned about digital reputation should take proactive steps instead of waiting for disputes to arise.

Some practical measures include:

Review Privacy Settings Regularly

Social media accounts should be reviewed periodically to control who can access personal information.

Avoid Oversharing Sensitive Information

Personal details such as addresses, identification numbers, travel plans, and financial information should not be shared casually online.

Monitor Search Results

Regularly checking search engine results can help individuals identify harmful or outdated information early.

Use Grievance Mechanisms

Many platforms already provide complaint systems for privacy violations, impersonation, harassment, or unauthorized image sharing.

Maintain Digital Awareness

People should understand that online activity can have long-term consequences.

Digital literacy is becoming an important part of personal reputation management.

Conclusion

The Right to Be Forgotten represents one of the most important privacy discussions in the modern internet era. As India becomes increasingly dependent on digital platforms, the ability to control personal information is becoming closely linked with dignity, freedom, and opportunity.

Indian courts have recognized the importance of privacy rights while also attempting to preserve transparency and freedom of expression. The Digital Personal Data Protection Act, 2023 has further strengthened the legal foundation for data protection by granting individuals greater authority over personal information.

However, implementation remains challenging because privacy interests often conflict with public records, journalistic freedom, and technological realities.

For businesses, compliance is no longer optional. Strong privacy governance is quickly becoming a core business expectation. For individuals, awareness and responsible digital behavior remain equally important.

The legal position surrounding the Right to Be Forgotten in India will continue evolving as courts, regulators, and companies respond to changing technology and public expectations. What remains clear is that digital privacy is no longer a niche concern. It is now a central issue in the future of India’s online ecosystem.