In this blog post, Pramit Bhattacharya, student, Damodaram Sanjivayya National Law University, writes about the concept of Right to Privacy. Although there is no specific legislation which deals with the Right to Privacy, there are some other laws which deal with it. The post also looks at the Privacy Bill, 2011, which might become a Privacy Law shortly.
With the broadening of the legal spectrum, we’ve achieved a lot. The Courts in India have interpreted the Constitution in numerous ways, which has given us a lot of rights. We have the right to life, the right to food, the right to a healthy environment, the right to information, etc. Add to this the right to be left alone. Ring any bells?
Well, it is the right to privacy. This right is conferred not only upon individuals but every person of the country. Interpretation of this statement means that the right to privacy applies to body corporates and artificial persons also.
The term privacy, in this context, refers to use and disclosure of certain private information.
There is no specific legislation in India which deals with privacy and protection of data. But the right to privacy can be derived from various other laws which pertain to issues like the contractual relationship between parties, intellectual property, information technology, etc., now, although there is no specific legislation for the protection of privacy, the Indian Courts do recognize this right as an implied right.
Right to Privacy under the Constitution of India
Article 21 of the Constitution can be said to have the widest meaning. There has been the innumerable interpretation by the Courts regarding this Article. Article 21 states that no person shall be deprived of his life and liberty, except through the procedure laid down by the law. This Article also includes under its wide range the right to privacy. Right to privacy can also be termed as the ‘right to be left alone.” The Apex Court of our country has given various judicial pronouncement regarding the issue. The phrase “right to be left alone’ was coined in the landmark case of Kharak Singh v the State of UP.[1] Although a minority judgment with regards to the current issue, the Court emphasized on the need to recognize such right as privacy is one of the essential elements of personal liberty.
About a decade later, the Court reinstated its view in the case of Govind v State of MP where Justice Mathews through the Court stated that the right to privacy would have to go through the process of case-to-case development.[2] The concept was further discussed and deliberated in the case of R Rajagopalan v State of Tamil Nadu[3] where the court stated that the right to privacy is an implicit right which has been provided under Article 21 of the Constitution. It was also observed by the Court that an individual has the right to protect his privacy, the privacy of his family marriage, childbearing, procreation, education, among other things and no one has the right to publish any details about these things without the consent of the person, regardless of the fact that whether the information is true or false, and whether critical or laudatory in nature, until and unless such information is the part of the public records.
Looking at the above judicial pronouncements, it becomes very clear that the Courts also supports the right to privacy of a person. The importance of this right can also be ascertained by the fact that the right falls under the purview of Article 21 (according to the interpretation provided by the Courts), which is one of the most important Articles of our Constitution, and which cannot be suspended even in time of grave emergencies.
Privacy under Contract Law
In the Indian legal setup, the Indian Contacts Act, 1872 governs the formation of a contract. There are certain ways in which the contracting parties can decide to keep the information about the contract confidential by adding the confidentiality clause in the agreements while framing of the contract. Breach of the clause may lead to the termination of the contract between the parties. Through the privacy or the confidentiality clause, the parties many disclose only that amount of personal information which has been agreed between them or which is necessary for the formation of the contract. Any unauthorized disclosure by any of the parties may attract damages as a result of a default.
Privacy under Torts Law
Torts law is uncodified and unwritten law and is followed through precedents. But this does not mean that it does not recognize the right of privacy. The right to privacy is enshrined in the law of torts also in the form of harassment, trespass, defamation, nuisance and breach of confidence. For instance, the tort of defamation follows the principle that every person has the right to protect his personal life and reputation and no other party can injure his reputation by publishing any defamatory matter about him or by making personal information public
The Obligation to Maintain Privacy under Certain Relationships
There are some specific inter-personal relationships where the parties are under the duty to maintain confidentiality and secrecy. For example, the communication between the husband and wife is privileged, and anything communicated between the parties cannot be used against them.
Other such relationships include the relationship between a doctor and a patient, a client, and an attorney, and a customer and his insurer. The parties are under professional and ethical obligation to protect the information provided by the other party and thereby upholding their right to privacy. [Sec 126[4] of the Indian Evidence Act, 1872, talks about “professional communication”]
Information Technology Act, 2000
The IT Act, 2000 also talks about compensation and punishment in case any person data is misused, or wrongfully disclosed. The Act creates personal liability on a person if he uses any computer system and data stored therein in an unauthorized and illegal manner.
Intellectual Property Law
The Indian Copyright Act prescribes mandatory punishment for violation of copyrights depending on the gravity of the offense. In simple language, a Copyright violation can be termed as an unauthorized use of personal data of a person without his or her consent.
Credit Information Companies Regulation Act, 2005 (CICRA)[5]
As per the CICRA credit information belonging to individuals in India is to be collected as per the privacy norms which has been laid down by the CICRA. The entities who are collecting the data and maintain the records of the data are to be held liable if there is any alteration of leakage of the data. CICRA has created a strict framework for information about credit and finances of the individuals and companies in India.
The Privacy Bill, 2011[6]
The Privacy Bill, 2011 is the draft bill of a potential privacy law which we may have in our country. The bill provides for the right of privacy for the citizen of this country. The bill also lays down some regulations which have to be followed in the collection, maintenance, use and publication of personal information of the citizen and also provides for penalization if the violation of any right takes place.
Some relevant sections mentioned in the Bill are as follows-
- Section 3 talks about the right to privacy.
- Section 5 talks about infringement of privacy.
- Section 15 talks about the security of personal data.
- Section 16 talks about the notification in case of breach of security.
- Section 22 talks about trans-border flow of personal data.
- Section 23 talks about interception of communication
- Section 24 provides for safeguards in case there is an interception of communication.
- Section 26 talks about installation and use of CCTV cameras.
- Section 27 talks about protection of CCTV images.
- Section 32 talks about the establishment of the Data Protection Authority of India.
- Section 43 talks about National Data Controller registry.
- Chapter X as a whole talks about offenses and penalties.
There exists a need to have a concrete law which protects the “Right to Privacy” of individuals. This has become an imperative issue since now a days, with the advent of the internet, a lot of personal data gets leaked. Also, many customer- service businesses possess a lot of personal information about their customers which can be misused in many ways, if the information falls into wrong hands.it is very clear that despite many judicial pronouncements by the Courts, ethical arguments in favor of right to privacy, and non-mandatory regulations, the right to privacy, without a specific law remains only a de facto right.
Concluding Remarks
The urgency for a need of such a statute which protects the privacy of individuals is reinforced by the absence of any monitoring system which safeguards the private and personal information of individuals. There is also need to have a uniform law which is compatible with international privacy laws because now the flow of data has become trans-national due to globalization. For instance, India is set to become the global Centre for setting up and operating call centers. The BPO sector in India is on a rise. In such a case, a large amount of data has already been collected, and if such operations remain unregulated, the situation for the Indian customers could deteriorate as they are not protected by any privacy law which guards their interests.
[divider]
Footnotes:
[1] AIR 1963 SC 1295: (1963) 2 Cri LJ 329
[2] (1975) 2 SCC 148: 1975 SCC (Cri) 468
[3] 1995 AIR 264, 1994 SCC (6) 632
[4] http://ncw.nic.in/Acts/THEINDIANEVIDENCEACT1872.pdf
[5] http://www.lawctopus.com/academike/position-perspective-privacy-laws-india/
[6] http://cis-india.org/internet-governance/draft-bill-on-right-to-privacy