The Right To Be Forgotten: A Struggle Between Memory And Forgetting

by Archi Agrawal


The Right to be forgotten as described by the European Commission is essentially ‘the right of individuals to have their data fully removed when it is no longer needed for the purposes for which it was collected’.[1] When the data appears to be “inadequate, irrelevant or no longer relevant, or excessive in relation to those purposes and  in the light of the time that has elapsed”,[2] the individuals under certain conditions can ask the search engines to remove links with personal information about them.[3]

In Europe, the concept of the right to be forgotten has its origin in the French Law (the ‘droit à l’oubli’) and Italian Law (the ‘diritto al’ oblio’) of a ‘right to oblivion’.[4] The ‘right of oblivion’ allows a criminal offender who has served his sentence, get the information about his crime and conviction removed.[5] The reason behind granting this right was to give these criminal offenders a chance to turn their life around.[6]

The need for “right to be forgotten”

There are two main reasons that have fueled the need for a right to oblivion or right to be forgotten viz. the Internet’s omnipresence and expansion of search engines. The increasing popularity of tablets and smart phones which facilitates people in getting past information of any individual at a lightning speed, has further helped in this change.[7] The innate nature of Internet’s architecture is to promote freedom of expression, which was also emphasized by the American founding fathers.[8] Both old and new media[9] have started invading the privacy of individuals. This was very well observed by Justice Louis Brandeis in 1928 that “Subtler and more far reaching means of invading privacy have become available”[10].

Right to be forgotten is important for individuals in today’s digital age as unlike on paper, publication in the internet once made, retains permanence. This can be best exemplified by landmark cases of Stacy Snyder[11] and Andrew Feldmar. Stacy Snyder, a 25 years old single mother wanted to be a teacher but she was denied her certificate by the Millersville University despite passing all her exams because of her unprofessional behavior. Stacy had actually put an online picture of her wearing a pirate’s hat captioned ‘drunken pirate’ and drinking from a plastic cup. Internet remembered what Stacy wanted to have forgotten.[12]  In another case, Andrew Feldmar a Canadian psychotherapist, in 2006 tried to cross the U.S./Canadian border which he had done several times. But this time, the border guard searched for Feldmar in an internet search engine and found an article which mentioned that he had taken LSD back in 1960s. Based on this, he was barred from further entry into the United States.[13] These incidences necessitated the introduction of the right to be forgotten.

The Court of Justice of the European Union in its ruling on 13 May 2014 in the matter of Google Spain and Google Inc. v. Agencia Española De Protección De Datos[14] and Mario Costeja González,[15] further recognized the right to be forgotten and explained its scope. In 2010, a Spanish citizen Mario Costeja González lodged a complaint against a Spanish newspaper La Vanguardia Editions SL (the publisher of a daily newspaper with a large circulation in Spain, in particular in Catalonia) with the AEPD and against Google Spain and Google Inc.[16] His grievance was that an auction notice of his home which was repossessed later is still on Google’s search results infringed his right to privacy. In reality, the proceedings concerning him had been fully resolved for a number of years and hence the links available on Google regarding this are now totally irrelevant. The Spanish citizen requested the newspaper to remove the information or change the pages so that his personal information no longer appeared. He also requested Google Spain to remove his personal data, so that it no longer appeared in the Google search results.[17] The Court ruled that,

“…an internet search engine operator is responsible for the processing that it carries out of personal data which appear on web pages published by third parties. Thus, if, following a search made on the basis of a person’s name, the list of results displays a link to a web page which contains information on the person in question, that data subject may approach the operator directly and, where the operator does not grant his request, bring the matter before the competent authorities in order to obtain, under certain conditions, the removal of that link from the list of results.”[18]

The European Court of Justice in the above mentioned case spelled out the scope of the right to be forgotten and clarified the intricacies of the European Data Protection Law. The Court further analyzed the issues of territoriality of the European data protection rules, its applicability to search engines, which can be called “data controllers” and much more. The Court ruled that the operator of the search engine be regarded as the “controller” in respect of the processing of the data pursuant to Article 2(d).[19] Further, to the question of territoriality of the EU Data Protection rules, the Court clarified that even if the physical server of a company which is processing the data is situated somewhere outside Europe, EU Data Protection rules would apply to such operators of search engine if they have a branch or subsidiary in a Member State and promotes the selling of advertising space offered by the search engine which makes its services profitable.[20]

The Court also took into account Article 7 and Article 8 of the Charter of Fundamental Rights which guarantees Right to respect for private and family life and Right to protection of data respectively. Thus in the light of these two rights, the data subject can request that the information or the data be excluded from the search results and be made no longer available to the general public and this “overrides, as a rule”, both the economic interest of search engine operator and the general public. This aspect of the right was however narrowed down by the Court as the individual’s rights shall not take precedence over interest of the general public if there is preponderant interest of the public in having that information of the data subject.[21]

The tussle between right to privacy and right to speech

Internet acts as a tool for human beings to develop their own ideas and express their opinion without previous filters and thus, helps in growth of a democratic culture.[22]  This was possible only by the virtue of right to freedom of opinion and expression guaranteed by nations to its citizens. But, we cannot ignore the downfall of other fundamental rights like right to privacy because of rise of the right to freedom of speech.[23] Information that was once scattered, forgettable, and localized is now becoming permanent and searchable.[24] The fact that Internet never seems to forget is threatening.[25] This omnipresence of Internet in human life led to the demand of the right to be forgotten.

It is true that the right to privacy of the individuals is to be protected from unscrupulous use of freedom of expression. But in some way or the other, the right to be forgotten does violate the universally recognized right to freedom of opinion and expression. Critics have condemned the right to be forgotten as a “weird kind of censorship”. It illegalizes links to legal content.[26] This censorship is being imposed on giant search engines like Google. Moreover, as pointed out by the critics of this right, a search engine is not supposed to be an accurate reflection of the ‘truth’. Rather, it is supposed to be an accurate reflection of what is on the internet. But Europe’s right to be forgotten is making it less accurate.[27]

Conflict of jurisdictions

Disputes about conflict in jurisdictions are bound to come up when the issue involves more than two nations with different laws relating to privacy and freedom of speech. Further, with no uniform law, content lawfully published in one country may be struck down by some other nation considering it inappropriate.

Further, as we have already seen that the European Court of Justice has ruled that if the physical server of a company which is processing the data is situated somewhere outside Europe, EU Data Protection rules would apply to their search operations. This would be the first time in history that a European would control a company like Google situated in the United States.[28] As if this was not enough that the European Data Regulators are now to instruct Google to make “right to be forgotten” rules applicable outside Europe too i.e. expanding “right to be forgotten” to Not abiding by this would largely affect Google as Google has approximately a 90% market share in Europe.77 But technically, international law subjects a state to limitations on its authority to exercise “prescriptive, adjudicative, and enforcement jurisdiction”.[29] So there is an urgent need to solve this conflict of jurisdictions between different nations with different laws.


Internet has an unending memory. Everyone is available on Internet from Vedas to the Presidential elections in United States. It contains some scraps of information about almost everyone. It’s just one search on the search engine and everything will be out. Consequently, people have begun to realize that some of the information that is online and pertaining to them is no longer relevant. In the sense, that the purpose for which it was put on web is now fulfilled. This realization among people led to the genesis of the “right to be forgotten”.

The right to be forgotten impedes freedom of speech. Therefore, if the right ought to be accepted it has to be done not on some “vague, ambiguous and unhelpful” set of criteria. Moreover, it places the burden on the companies to decide. This can never be the right solution even if any data infringes an individual’s right to privacy. There has to be “fair” set of rules based on which “right to be forgotten” can be implemented. Though, this can be done by amending the data protection laws, but it has to be “fair” too i.e. there has to be a balance between what we can post and what we can remove owing to our privacy. Further, it should also resolve conflict of jurisdictions of different nations.

History as called by the Wikipedia co- founder Jimmy Wales is a “human right”. It cannot be erased even in bits and pieces. It is human knowledge. So the “right to be forgotten” should be implemented balancing its every aspect.

Archi is a fourth year student at HNLU

This piece is a shortened version of a full article available with the RGNUL Student Law Review


[1]  European Commission Press Release Database, Data Protection Reforms- Frequently asked questions (4 November 2014), available at

[2] Google Spain SL, Google Inc. v. Agencia Española de Protección de Datos (AEPD) and Mario Costeja González, C-131/12

[3] European Commission, Factsheet on the “Right to be forgotten’ ruling (C-131/12), available at

[4] Paul A. Bernal, A Right to delete?, 2 European Journal of Law and Technology (2011,) available at

[5] Jeffrey Rosen, The Right to be Forgotten, Stanford Law Review (2012), available at

[6] M. Garcia Murillo and Ian Maccinnes, The right to be forgotten: its weaknesses and alternatives, Social Science Research Network, available at http://

[7] Cláudio de Oliveira Santos Colnago, The Right To Be Forgotten And The Duty To Implement Oblivion: A Challenge To Both “Old” And “New” Media, available at events/events/conferences/ 2014/wccl-cmdc/wccl/papers/ws14/w14-colnago.pdf

[8] Ibid.

[9] Ibid.

[10] Olmstead v. United States: The Consitutional Challenges of Prohibition Enforcement, Federal JudiciaLCenter, available at /home.nsf/page/ tu_olmstead_doc_15.html

[11] Snyder v. Millersville University et al, 2008 WL 5093140 (E.D. Pa., 2008) (2007, U.S. District Court of Eastern Pennsylvaniya).

[12] Priceton University Press, Failing to forget the “Drunken Pirate”, available at

[13] Viktor Mayer-Schonberger, Delete, The Virtue Of Forgetting In The Digital Age, Priceton University Press, 2009.

[14] Hereinafter referred to as AEPD.

[15] C-131/12 (2014, European Court of Justice).

[16] Google Spain SL v. AEPD & Mario Costeja González, C-131/12 at ¶ 14 (2014, European Court of Justice).

[17] Supra note 3.

[18] Cyria, Court of Justice of the European Union, Press Release No. 70/14, (11/05/2014), available at pdf/2014 05/cp140070en.pdf

[19] Article 2(d) of The EU Data Protection Directive defines a “controller” as “the natural or legal person, public authority, agency or any other body which alone or jointly with others determines the purposes and means of the processing of personal data; where the purposes and means of processing are determined by national or Community laws or regulations, the controller or the specific criteria for his nomination may be designated by national or Community law”; Google Spain SL v. AEPD & Mario Costeja González, C-131/12 ¶ 33 (2014, European Court of Justice).

[20] Supra note 3.

[21] Google Spain SL v. AEPD & Mario Costeja González, C-131/12¶  20 (2014, European Court of Justice) .

[22] Cláudio de Oliveira Santos Colnago, The Right To Be Forgotten And The Duty To Implement Oblivion: A Challenge To Both “Old” And “New” Media, available at events/events/conferences/ 2014/wccl-cmdc/wccl/papers/ws14/w14-colnago.pdf

[23] Ibid.

[24] Daniel J. Solove, The Future of Reputation: Gossip, Rumour, and Privacy on the Internet, Yale University Press, New Haven and London, 2007.

[25] Jeffrey Rosen, “The Web means the end of forgetting”, The New York Times, 21 July 2010.

[26] Mike Elgan, Why Google should leave Europe, available at

[27] Ibid.

[28] Viktor Mayer-Schonberger, Delete, The Virtue Of Forgetting In The Digital Age, Priceton University Press, 2009.

[29] Kathleen Hixson, Extraterritorial Jurisdiction Under the Third Restatement of Foreign Relations Law of the United States, Fordham International Law Journal (1988), available at

Leave a Reply

Your email address will not be published. Required fields are marked *