This article was written by Geetika Kaushik pursuing a Diploma in International Contract Negotiation, Drafting and Enforcement course from LawSikho and edited by Koushik Chittella.
This article has been published by Shashwat Kaushik.
Table of Contents
Introduction
As individuals, everybody wants privacy in their lives to be able to live more fully. But what if somebody keeps an eye on you – 24 hours a day, 7 days a week? You’ll be uncomfortable and not be able to live the way you want; you cannot be yourself. For this, our Constitution has provided a fundamental right, i.e., the right to privacy. Though the right to privacy is not an absolute right and is not explicitly mentioned anywhere in the Constitution, it is a part of Article 21 of the Constitution.
But if the right to privacy becomes an absolute right, it may lead to negative consequences, as people can misuse it. Therefore, there should be an equal amount of surveillance to prevent these consequences. Public surveillance is equally important as the right to privacy, but what should be the exact amount of surveillance that will be justified to protect the right to privacy at the same time? What if there is no authority for surveillance or if there is no right to privacy? And what is the position of India regarding privacy protection laws?
Right to privacy
In simple terms, privacy means not publicising someone’s personal information without their permission. Privacy allows you to access what a person can access. It plays a vital role in building a reputation in society. Nobody wants to share their personal issues, likes, dislikes, beliefs, thoughts, feelings, communications, secrets, identities, etc. based on which people can judge them. Everybody has the right to keep their personal things private. It should be a choice of what a person wants to disclose about themselves or not. Therefore, the right to privacy has been introduced to the Constitution as a fundamental right.
Article 21 of the Indian Constitution, which is the right to life and personal liberty, implicitly mentions the right to privacy as a fundamental right. In India, the right to privacy has always been a controversial topic for many decades, as it is not explicitly mentioned in the Constitution. However, in the case of K.S. Puttaswamy v. Union of India, the nine-judge bench reaffirmed that the right to privacy is a fundamental right provided by the Constitution and is covered under Article 21 of the Constitution. But unlike other fundamental rights, it is subject to some limitations so that nobody misuses their right to privacy.
Privacy and surveillance
According to the Cambridge Dictionary, surveillance means ‘the act of watching a person or a place’, or, in simpler terms, ‘monitoring’. Whenever the words “surveillance” and “right to privacy” are heard, there will always be questions. If there is a right to privacy, then what is the need for surveillance? Why does almost every street have CCTV cameras? Why can authorised authorities access our data? Can privacy and surveillance exist together?
The answer to all these questions is that surveillance is equally important as the right to privacy to have control over terrorism and crime and to maintain the state’s integrity, sovereignty, security, etc. If citizens feel that nobody is watching them, then the rate of wrongdoing or crimes will eventually increase.
So, the question should not be “Can the right to privacy and surveillance exist together?”, the bigger question is how, when, and what kind of surveillance should be there so that the right to privacy and surveillance can still co-exist.
Privacy in the digital era
In this era of the digital world, everybody seeks privacy, but the reality is contrary to that. In this digital era, every piece of information regarding a person is stored on the computers of IT companies, which includes our search history, interests, and even our location. Then it may be used to earn revenue and offer it through advertisements. It may also include our personal conversations. Due to weak data protection laws, anybody can have access to our lives, which can be horrible for many people. Technological progress has created tension and incompatibility between the right to privacy and the extensive data pooling on which the digital economy is based. Mass collection of data and not having appropriate technology and laws to secure this data can lead to the mass destruction of the right to privacy of many individuals.
Though India has taken steps towards implementing data protection laws, as many judgements and laws have been passed for data protection and the right to privacy, these laws are not enough to protect and secure data, and India needs to adopt stronger data protection technology to secure all the data that is present in the digital form.
Laws governing right to privacy in India
There are various provisions of laws that govern the right to privacy in India, including:
- Article 21 of the Constitution: The right to privacy is not specifically mentioned anywhere in the Constitution, but it is an implied fundamental right under Article 21, i.e., right to life and liberty, subject to reasonable restrictions and required safeguards.
- Section 69 of Information Technology Act, 2000: Section 69 allows the central and state governments to intercept, monitor, and decrypt any information if it satisfies any of the following requirements:
- to maintain the sovereignty and integrity of the Country or the State
- for the security of the country or the state
- to maintain friendly relation with the foreign countries
- to maintain public order
- to prevent incitement to the commission of an offence
- to investigate any offence.
- Section 43A of Information Technology Act, 2000: Section 43A provides protection to any personal data stored by any corporate body dealing with possessing or handling any sensitive data. According to this Section, any such body, if fails to take reasonable security measures to secure the data, is liable to pay damages to the aggrieved parties.
- Rule 22 of the IT (Procedure and safeguard for interception, monitoring and decryption of information) Rules states that a review committee, headed by the cabinet secretary, will be conducted every two months to review all the cases of interception, monitoring and decryption.
- Section 5(2) of Indian Telegraph Act, 1885: This section allows the central and state governments to intercept or detain any telegraph on the occurrence of any threat to:
- The interest of public safety
- Public emergency
- Sovereignty and integrity of the state or country
- Friendly relations with foreign countries
- Preventing incitement or commission of any offence
- Rule 419-A of Indian Telegraph Rules, 1951: This rule gives directions governing telephone interception or monitoring the transmission of telegraph. The required interception shall be carried out by the head or the second senior most officer of the authorised security, i.e., the law enforcement agency at the central level, and the authorised officer should not be below the rank of Inspector General of Police at the state level.
- Digital Personal Data Protection Act, 2023: In 2017, central government constituted a committee of experts on data protection, headed by Justice B.N. Srikrishna. The committee submitted its report in 2018, based on which, in 2019, a bill was introduced in parliament for the protection of sensitive digital data. The draft of the Personal Data Protection Bill, 2022, has been realised for public feedback. Later, in 2023, it was introduced again in the Lok Sabha. After being passed in both houses, it received presidential assent and became the Digital Personal Data Protection Act, 2023.
- Section 8(1)(j) of Right to Information Act, 2005: This section states that no personal information will be disclosed if it does not include public interest or can violate someone’s right to privacy.
- Section 66 and Section 72 of the Information Technology Act, 2000: These sections of the IT Act penalise cybercrimes related to computers like hacking, fraud, etc. They provide a criminal penalty if any government official discloses any personal information without the consent of the concerned person.
Relavant cases
The right to privacy has long been a contentious issue in India. Numerous decisions have been made in this regard, some of which are in favour of the right to privacy as a fundamental right and some of which are limiting the right to privacy.
Limiting the right to privacy
- M.P. Sharma and others vs. Satish Chandra: This is the first case that mentions the right to privacy. In this case, it was held that search and seizure do not violate any fundamental right, as they are only for a temporary period of time and do not infringe the right to privacy.
- Kharak Singh vs. State of U.P.: In this case, it was held that the right to privacy is not a guaranteed right under our Constitution, but two of the judges dissented the said judgement, mentioning that it can be derived as a right of a person given under the Constitution.
- Govind vs. State of M.P.: This is a remarkable judgement in the ambit of the purview of the right to privacy. In this case, it was held that the right to privacy is not an absolute right and that there should be some reasonable restrictions that are to be imposed on right to privacy.
- R. Rajgopal & Ors. vs. State of Tamil Nadu & Ors.: This case dealt with the freedom of press vis-à-vis right to privacy, and it was held that if somebody voluntarily thrusts themselves into controversy, then right to privacy will not be available for them.
In favour of the right to privacy
- People’s Union for Civil Liberties vs. Union of India & Ors.: This case mainly focused on digital privacy, where it was held that even if the right to privacy is not explicitly mentioned anywhere, it is an implied fundamental right under Article 21 of the Constitution. In this case, it was also held that telephone tapping comes under the ambit of infringement of right to privacy unless it was done in accordance with law, and the court provided certain guidelines for interception of data.
- Selvi vs. State of Karnataka: This case dealt with the narcotics test vis-à-vis right to privacy, in which Hon’ble Supreme Court held that this test is violative of the right to privacy, which is implicitly given as a fundamental right under Article 21 and Article 20(3), as such a test will constitute cruel, inhuman and degrading treatment. Therefore, it was held that such kinds of tests can only be conducted with the consent of the accused.
- K.S. Puttaswamy (Retd.) & Anr. vs. Union of India & Ors.: This is a very recent and one of the most important judgements in the history of the right to privacy. In this case, the court said that the right to privacy is a fundamental right under Article 21 of the Constitution, and not just derived from it. The Court also said that the right to privacy can also be restricted when the situation meets any of the three requirements:
- legality, which postulates the existence of law.
- need, defined in terms of a legitimate state aim, and
- proportionality, which ensures a rational nexus between the objects and the means adopted to achieve them.
Conclusion
The right to privacy has been declared our fundamental right, but with some reasonable amount of surveillance or restrictions so that nobody can take any wrongful advantage of this right. It is important to maintain the balance between the right to privacy and surveillance so that citizens have the liberty to live their lives freely and feel safe knowing that they are under surveillance. Though India already has some laws and rights regarding the right to privacy and surveillance, laws protecting data need judicial oversight for greater transparency in the system.
References
- https://elplaw.in/wp-content/uploads/2018/08/Data-Protection-26-Privacy-Issues-in-India.pdf
- https://www.mondaq.com/india/privacy-protection/625024/right-to-privacy-a-fundamental-right-now
- https://blog.ipleaders.in/data-protection-laws-in-india-/
- https://www.juscorpus.com/wp-content/uploads/2023/02/205.-Abhishek-Gupta.pdf
- https://techcrunch.com/2019/09/26/privacy-queen-of-human-rights-in-a-digital-world/?guccount=