The Delhi High Court’s ruling of May 29, 2026, in Laksh Vir Singh Yadav v. Union of India, has for the first time given India a structured, judicially articulated doctrine on the “right to be forgotten” — the right of an individual to have outdated, irrelevant, or prejudicial personal information de-indexed or masked from public digital platforms. This ruling arrives at a moment when India’s digital footprint has expanded dramatically, and when court judgments, FIRs, and news archives continue to haunt individuals long after their legal disputes have been resolved.
The case is significant because it consolidated over 30 petitions and produced the first comprehensive framework balancing privacy against the equally important constitutional value of open justice. For UPSC aspirants, this ruling is a textbook illustration of how fundamental rights under Part III of the Constitution evolve through judicial interpretation, and how competing rights — privacy versus free speech and the public’s right to know — are reconciled through the doctrine of proportionality.
This matters for India’s governance architecture because the right to be forgotten sits at the intersection of three unsettled areas of law: constitutional privacy jurisprudence following K.S. Puttaswamy v. Union of India (2017), the yet-to-be-operationalised Digital Personal Data Protection (DPDP) Act, 2023, and the diverging approaches taken by various High Courts. A coherent national framework is essential as India moves towards greater digitisation of judicial records and public data.
Background and Context
The “right to be forgotten” is not indigenous to Indian jurisprudence. It gained global recognition through the 2014 European Court of Justice ruling in the Google Spain case involving Mario Costeja González, which was later codified into Article 17 of the European Union’s General Data Protection Regulation (GDPR). India lacked a comparable statutory right until the Delhi High Court stepped in to fill the vacuum through judicial reasoning grounded in Article 21.
Five Important Key Points
- The Delhi High Court ruled that the right to be forgotten flows from Article 21’s guarantee of dignity and informational privacy, as first recognised in the nine-judge Puttaswamy judgment of 2017.
- The Court adopted a structured proportionality test requiring that retention of information serve a legitimate purpose, that privacy harm be weighed against public interest, and that the least intrusive remedy — typically name-masking rather than deletion — be preferred.
- The judgment prescribes a two-week compliance deadline for legal databases and clarifies that only party names, not the underlying facts of a case, should be redacted.
- The Digital Personal Data Protection Act, 2023 provides only a limited statutory right to erasure under Section 12, which is consent-based and does not explicitly cover judicial records or public archives.
- The ruling leaves unresolved institutional questions, including who should adjudicate erasure requests — courts, platforms, or the yet-to-be-constituted Data Protection Board.
Constitutional and Legal Framework
Article 21 of the Constitution guarantees the right to life and personal liberty, and the Puttaswamy verdict expanded this to explicitly include informational privacy as a facet of individual dignity. However, this right is not absolute; it competes with Article 19(1)(a), which protects freedom of speech and press, and with the foundational principle of open justice that underlies India’s judicial system. The Delhi High Court’s proportionality test attempts to harmonise these competing constitutional values rather than allowing one to override the other categorically.
Divergent Judicial Approaches Before the Ruling
Prior to this judgment, High Courts across India adopted inconsistent approaches. Some courts permitted anonymisation in sensitive matrimonial and criminal matters, while others rejected similar requests citing the primacy of open justice. This inconsistency created legal uncertainty and unequal protection for citizens depending on jurisdiction, which the Delhi High Court’s structured framework now seeks to remedy, albeit only persuasively for other High Courts until the Supreme Court settles the matter definitively.
The DPDP Act Gap
The Digital Personal Data Protection Act, 2023 remains India’s primary data protection legislation, but its erasure provisions under Section 12 are narrowly consent-based and largely inapplicable to judicial records, which are created independent of individual consent. Furthermore, the rules under the Act have not been notified, and the Data Protection Board — the institution meant to adjudicate such disputes — remains non-functional. This regulatory vacuum means that, for now, enforcement of the right to be forgotten depends entirely on voluntary judicial and platform compliance rather than a statutory mechanism.
Enforcement Challenges
The most significant weakness identified in the ruling itself is enforcement. De-indexing a judgment from a search engine’s results does not guarantee removal from mirror websites, archived pages, or social media shares. Search engines are structurally designed such that the original allegation — described in the judgment as the “shadow of crime” — often surfaces before any correction. Without binding technical cooperation from platforms, the right risks remaining largely symbolic rather than substantively protective.
Institutional Design Question
A crucial governance question raised by legal scholars is who should decide erasure requests at scale. Requiring every application to go through courts would create backlogs given India’s already overburdened judiciary, while delegating decisions entirely to private technology companies raises due process and transparency concerns. A tiered mechanism — routine requests handled by platforms, contested cases escalated to the Data Protection Board, and only genuinely complex judicial matters reaching courts — has been proposed as a practical middle path.
Way Forward
India needs the Supreme Court to authoritatively settle the right to be forgotten as a pan-India constitutional principle, ensuring uniformity across jurisdictions. Simultaneously, the Union government must expedite notification of DPDP Act rules and operationalise the Data Protection Board without further delay. Legal database operators should be mandated to adopt standard operating procedures for time-bound redaction requests, and technology platforms must be brought within a cooperative framework — potentially through amendments to the Information Technology Act — to ensure de-indexing translates into genuine removal from public visibility, not just symbolic compliance.
Relevance for UPSC and SSC Examinations
For UPSC Mains, this topic is directly relevant to GS-II under Indian Polity and Governance, specifically Fundamental Rights (Article 21), judicial interpretation of the Constitution, and issues relating to the Digital Personal Data Protection Act. It also connects with GS-III under the Science and Technology segment covering data protection and cybersecurity governance. For SSC examinations, aspirants should remember key terms: Article 21, Puttaswamy judgment (2017), Digital Personal Data Protection Act 2023, GDPR Article 17, and the doctrine of proportionality.