Etching in stone or erasing the past: The right to be forgotten in Nepal’s third amendment

right to be forgotten
The right to be forgotten enables people to request the deletion of outdated or irrelevant personal data. Photo by Antonis Spiridakis on Unsplash

The digital age has unlocked the unprecedented ability to archive, interconnect and transmit data globally. As of 2024, 5.35 billion people have internet access while global internet traffic exceeds 100 Gb/s.

Platforms like search engines and social media thrive on maximising user engagement through personalised profiling based on an ever-expanding trove of personal data. Once online, such data attains near-permanence and visibility irrespective of individual wishes, with privacy implications unforeseeable during initial disclosure.

Consequently, countries like France argued for user empowerment. This sparked the concept of a “right to be forgotten” – enabling citizens some control over outdated information trailing them indefinitely without legitimate grounds when its original disclosure cannot justify permanent availability given evolving contexts and preferences.

The right to be forgotten is the idea that individuals should be able to request the removal of certain personal information about themselves from public access. With the exponential growth of the internet and digital technologies, vast amounts of personal data are being collected, stored and shared online.

This data can often include information from our past – photos, posts, purchases, search histories etc – that may no longer represent who we are today or how we want to be perceived. The right to be forgotten enables people to request the deletion of outdated or irrelevant personal data.

If granted, it requires search engines and websites to remove links to that information such that it no longer appears in search results or is publicly available. This gives individuals greater control over their digital identities.

The concept originated in Europe, where comprehensive data protection laws grant citizens the right to have their data deleted under certain conditions. However, many countries still lack clear laws and regulations around this issue.

Nepal’s constitutional privacy protections

law and order - suo motu cognisance
Photo by Tingey Injury Law Firm on Unsplash

Nepal’s constitution guarantees the right to privacy under Article 28. Citizens are protected from unauthorised interference in their homes, properties and communications. However, the right to privacy differs fundamentally from the right to be forgotten.

While privacy rights prevent unwanted access to personal information, they do not enable individuals to request deletion of data that is already publicly available or require third parties to remove content mentioning them.  

The right to be forgotten functions as an additional layer of personal data protection, granting citizens control over obsolete, irrelevant information about themselves rather than just restricting real-time interference. As such, even robust constitutional privacy protections cannot substitute concrete recognition of the right to be forgotten.

Though Nepal’s constitution upholds informational privacy through Article 28, expressly solidifying the right to be forgotten would still greatly expand citizens’ autonomy over their digital identities and data trails.

As such, there is effectively zero role of the right to be forgotten in upholding informational privacy itself. The two rights work at different stages — privacy prevents unwanted intrusion into private spheres, while the right to be forgotten facilitates control over data trails that have already been made public, perhaps rightfully so, in the past.

Enshrining the right to be forgotten would expand Nepali citizens’ autonomy and control over their digital identities by letting them selectively curate public-facing information. However, it does not directly safeguard privacy which is already constitutionally guaranteed under Article 28.

While Nepal’s constitution protects informational privacy, there is no overlap or role of the right to be forgotten in further ensuring privacy. The third constitutional amendment presents the opportunity to enshrine this significant right.

Supporting the right

Photo by Ales Nesetril on Unsplash

There are strong ethical and pragmatic arguments for recognising the right to be forgotten. Fundamentally, it promotes individuals’ autonomy and dignity by enabling people to exercise reasonable control over outdated or irrelevant personal information that lingers in the public domain long after serving any legitimate purpose.

It emancipates citizens’ digital identities from being eternally tethered to past versions of themselves that may not represent who they are today. Just as we accept people’s capacity to learn, grow and change with time offline, so too should legal frameworks empower individuals to curate digital records to reflect their evolution.

More specifically, the right to be forgotten upholds privacy and data protection, especially of sensitive information, by facilitating the removal of data trails revealing health issues, financial troubles, youthful indiscretions or other details an individual may prefer not to remain permanently searchable.

It enables minimising discrimination based on stale or contextualised data that unfairly surface during key junctures like seeking jobs, insurance or loans even years after the incident. Permitting citizens to delete old data minimises security risks from potential leaks of unnecessary archives. Fundamentally, it grants individuals reasonable control over digital records from their past while allowing genuinely relevant and public-interest information to remain available.

Counterarguments

privacy for mobile devices internet safety tips
Representational image. Photo: Pixabay

However, reasonable counterarguments also caution against the unfettered expansion of deletion rights. Critics worry that enabling the unqualified erasure of publicly posted valid information could lend itself to censorship and undermine free speech principles. Additionally, the operational burdens and expenses involved in implementing automated data removal systems at scale cannot be dismissed and must be balanced against individual rights.

Another concern is that while individuals’ consent and dignity must be respected, retaining some contextualised psycho-social insights derived from human activities, albeit anonymised, can benefit future generational progress.

Lastly, as with all rights, the potential for misuse such as public figures selectively deleting facts to evade accountability can also not be ignored. Therefore, a balanced regulatory approach seems prudent.

Amending privacy laws to allow citizens reasonable control over irrelevant personal information, especially private individuals sharing intimate details about themselves, is arguably ethical. However, calls for indiscriminate and unqualified `right to be forgotten’ measures that could censor public interest information or undermine free speech may require a closer re-examination of whose rights and interests are being upheld. The solution likely entails developing nuanced policies codifying baseline control rights while retaining appropriate oversight safeguards.

A nuanced, contextual approach can balance individuals’ rights with broader societal interests. The right to be forgotten should empower ordinary citizens, especially private individuals sharing intimate life details, to exercise reasonable control over outdated or irrelevant personal data.

For instance, a woman who documented her experience overcoming a past abusive relationship should be able to request restricting access to associated blogs/posts years later if she has moved on personally and professionally.

Preserving such intimate personal data forever with her real name attached serves little public purpose. However, the right cannot extend to indiscriminate deletion of information deemed legitimately in the public interest. For example, past criminal convictions, political decisions taken by public representatives, and professional malpractices of influential figures should remain preserved irrespective of personal embarrassment considerations.

Appropriate oversight processes are needed to adjudicate requests contextually on the merits of information sensitivity, level of public relevance and passage of sufficient time rather than accepting all demands uncritically.

The oversight committees themselves should also follow set transparency standards.  Additionally, businesses cannot face excessively costly obligations for handling data removal requests.

Regulators should consult technology policy experts and enterprises to develop efficient user rights management systems using advances like metadata tagging, blockchain or anonymisation to fulfil most legitimate deletion requests without requiring manual edits of actual content. Such solutions will balance individual control with business/societal considerations for preserving select information.

Overall, collaborative governance embracing nuance rather than absolutist positions will serve citizens’ ethical claims as well as broader rights and responsibilities. With reasoned contextual wisdom, Nepal can champion privacy while also upholding transparency.

Global precedents

world map nepal
Photo: Pexels/ Suzy Hazelwood

The European Union set a global precedent when its Court of Justice upheld the case of Mario Costeja Gonzalez, a Spanish lawyer seeking the removal of a decade-old newspaper notice about his financial debts that kept appearing in Google searches despite being resolved long ago.

This landmark ruling established citizens’ rights to request deletion of outdated or irrelevant personal data undermining their dignity. In Asia too, India’s Personal Data Protection Act grants several rights to data principals, including the right to data deletion with certain exceptions, and the right to correct or update inaccurate personal data, provided the data was originally given with consent.

Likewise, Thailand’s Personal Data Protection Act allows the appropriate erasure of data no longer necessary for the original purpose. Taiwan and the Philippines also enacted similar Data Protection Acts granting contextual control rights over personal data.

These developing legal landscapes showcase that Asian countries recognise the significance of empowering citizens with nuanced control over their digital footprints rather than enabling permanent and indiscriminate archiving of all data.

South Korea’s 2020 Personal Information and Protection Act also supports aspects of the right to erasure, enabling citizens to demand unnecessary personal data that no longer requires retention for legitimate purposes be deleted on request unless specific exceptions apply.

Their Personal Data Dispute Mediation Committee further aids in enforcing this right to delist outdated information. Such institutionalisation upholds citizen dignity and autonomy irrespective of blameworthiness. The sensitivity towards allowing individuals a fresh start by erasing obsolete digital baggage resonates across cultures.

Nepal must also consider embracing this rights-based imperative that aligns both with ethical data governance principles and emerging pan-Asian policy trends. What Mario Costeja initiated in Europe finds growing accommodation in Asia’s socio-cultural milieu as well. Nepal can simultaneously champion privacy, ethics and progress by constitutionally enshrining the right to be forgotten.

As digital technologies expand the horizons of progress they also accentuate vulnerabilities around privacy, highlighting the urgency of ensuring data protection rights. Constitutional recognition of citizens’ right to control their digital identities is an ethical imperative that Nepal must fulfil through the upcoming third amendment.

By enshrining the right to be forgotten, Nepal can grant citizens autonomy over their data, enable dignity, promote forgiveness of past failings, and set higher standards of transparency and accountability for digital service providers. Getting ahead of the technology curve by addressing emerging privacy challenges will strengthen Nepal’s constitutional commitment to protecting citizens’ rights in an increasingly digitised world.

Therefore, Nepal must seize this opportunity to become an ethical steward of digital rights. The third amendment should clearly define the right to the erasure of unnecessary personal data after reasonable timespans while retaining public interest exceptions. An independent Nepali data governance committee should enforce requests based on transparent protocols valuing users’ evolving contexts not just factual accuracy. Limiting wanton commercial data retention and affirming dignified closure align social progress with digital futures.

The post Etching in stone or erasing the past: The right to be forgotten in Nepal’s third amendment appeared first on OnlineKhabar English News.

Scroll to Top