Image source: https://blog.ipleaders.in/the-right-to-privacy/

This article is written by Ansruta Debnath, a student of National Law University Odisha. This article discusses the question of the extent to which trading-off right to privacy for national interest is fair and justified.

Introduction

Privacy has been a hotly debated topic, with its implications in a wide array of topics. In the digital world, doubts over privacy have arisen. But the point of contention is not whether privacy is possible, but whether a government can do what it likes all in the name of national interest. Indians and people from the rest of the globe are not unfamiliar with the invasion of privacy by their respective governments. Thus, it becomes crucial to analyze whether trading off privacy for national interests is fair and just and to understand the extent to which such trading-off might be permitted. 

Defining the terms

Privacy

A quick Google search on privacy shows a definition of the term as the “state in which one is not observed or disturbed by other people”. In the present context, ‘not being observed’ is the basic essence of privacy. Every person, by virtue of being a human being, has the basic right to privacy. In the landmark case of Justice K.S. Puttaswamy (Retd) v. Union of India (2017), the Supreme Court declared the Right to privacy as a fundamental right and stated that the said right flowed from the Right to life that was enshrined in Article 21 of the Indian Constitution.   

Privacy permits us to build walls and maintain boundaries to protect ourselves from undue intrusion into our lives, allowing us to decide who we are and how we wish to interact with the world around us. Privacy allows us to set limits on who has access to our bodies, locations, and objects, as well as our conversations and information. Privacy, thus, denotes autonomy and human dignity.

National interest

National interest, in general, refers to the interest of the nation as a whole and not individual or individual groups. Governments take decisions and make policies all in the name of national interest. In a democratic setup like India, it becomes tricky to define what all can be done in the name of national interest because if there is an excessive infringement of rights being done by the government to “protect” national interest, the government turns into an authoritarian and totalitarian government.

What gets supremacy

The general rule is that rights can be restricted for national interest to a reasonable degree. Article 19, which contains rights of speech, association, etc. is not absolute but subject to constraints like integrity and sovereignty of India. Protecting integrity and sovereignty is a very basic national interest, and thus, reasonable restrictions in the name of national interest are justified. Even the right to life is not absolute and it can be taken away by the procedure established by law. Thus, it automatically follows that even the right to privacy, as a fundamental right, is not absolute. Balance must be struck because both these concepts have equal importance in today’s technology-driven world. Just like the areas where privacy needs to be protected is increasing, simultaneously, there are increasing avenues to commit crimes without detection. Technology has become all-encompassing, easily available, and astoundingly advanced. In this environment, safeguarding one’s identity and privacy is as simple as compromising it. Surveillance, whether voluntary or involuntary, of one’s bodily identification through the use of legal or illegal force, is relatively simple through technology.

A balance between the right to privacy and national interest 

It becomes obvious that there must be a balance between a citizen’s right to privacy and the necessity of a government to infringe upon it. In the case of Justice K.S. Puttaswamy (Retd) v. Union of India (2017), the Supreme Court of India laid down that intrusion into life or personal liberty under Article 21, which forms the “bedrock of the privacy guarantee”, would have to be “just, fair and reasonable”. Moreover, Justice Chelameswar, who was part of the nine-judge bench in this case, added another test for privacy claims which deserve the “highest standard of scrutiny” and can be justified only in case of a “compelling state interest”. The most important test is, however, given by Justice Chandrachud. The test called the ‘test of proportionality’, states that invasion of life or personal liberty must meet the three requirements: 

  1. legality, i.e. there must be a law in existence; 
  2. legitimate aim, which he illustrates as including goals like national security, proper deployment of national resources, and protection of revenue; and 
  3. proportionality of the legitimate aims with the object sought to be achieved.

The judgement makes amply clear that intrusion, whether constitutionally valid, needs to be checked on a case-to-case basis and that a common blueprint identifying what is an excessive intrusion and what is not cannot be properly defined. Thus, it is the onus on a democratic government to ensure that they don’t arbitrarily infringe upon their citizen’s right to privacy with the excuse of national interest. 

Current trend: excessive aberrations 

The state has a legal obligation to maintain internal security, law and order, and to prevent crime. In furtherance of this obligation, the state has every right to do whatever is legitimate and reasonable in the exercise of its power. Surveilling people who might affect and cause harm to the security of India is a very normal and natural thing. Although the right to privacy of the said individuals is being affected, in this case, national interest trumps privacy. But, problems arise when the national interest isn’t genuine and the need to violate privacy is being exercised to fulfil the needs of the government. Instead of selective individual surveillance, when continuous mass surveillance is done, the state turns into an Orwellian, despotic government and loses its identity as a democracy. 

Indian laws on surveillance: wide and vague

As mentioned before, a reasonable degree of surveillance has become normal now. Two main laws govern surveillance in India, the Indian Telegraph Act, 1885 and the Information and Technology Act, 2000. Both these Acts allow invasion of privacy to protect national security and national interest. 

Section 5 of the Telegraph Act allows tapping of phones and interception of messages in a public emergency or the interest of public safety. However, these terms of “public emergency” and “public safety” are quite vague, giving ample scope to the government to invade an individual’s privacy under such circumstances. The Supreme Court in People’s Union for Civil Liberties v. Union of India (1996) pointed out a lack of procedural protections in the provisions of the Telegraph Act and established specific parameters that need to be fulfilled to legally intercept anything. Yet, aberrations of those guidelines still probably remain. 

To strengthen the legal foundation for electronic surveillance, Section 69 of the Information Technology Act and the Information Technology (Procedure for Safeguards for Interception, Monitoring, and Decryption of Information) Rules, 2009 were brought about. Under this Act, any electronic data communication can be intercepted.  The scope to intercept, monitor and decrypt digital information is much wider in the case of the Information Technology Act because of the phrase “for the investigation of an offence” in Section 69. This phrase takes away the narrower, albeit undefined, ambit of “public emergency”. 

Pegasus spyware

Unfortunately, the current trend of excessive infringement of the right to privacy is an indicator of the gradual transformation of the Indian Government into a surveillance state. The Pegasus fiasco is just one of the many examples. Pegasus, which is an Israeli spyware, was said to have been used in 2019 to extract, monitor and actively collect data from the phones of over two dozen Indian academics, lawyers, journalists and Dalit activists. Initially licensed to governments to track terrorists and criminals, allegations were made that the government was using that spyware ahead of the 2019 Lok Sabha elections. Even though they were simply allegations, the Indian Government has till now not been able to satisfactorily respond to widespread claims. In essence, the government never specifically denied that they have been illegally using the spyware, dismissed the allegations and refused to discuss the issue in the 2021 monsoon session of the Parliament, all in the name of national security and interest. The Supreme Court of India, headed by Chief Justice of India NV Ramana admitted numerous petitions regarding the Pegasus spyware, and in October 2021 constituted an independent expert technical committee headed by former Justice R.V. Raveendran to examine all the allegations. Making it clear in the order that the State is not entitled to “a free pass every time the spectre of “national security is raised”. A “thorough inquiry” into allegations of unauthorised surveillance using the spyware has been set as the task of the committee. 

Aadhar and its problems 

The Aadhar card scheme was launched in 2010 and is a twelve digit individual identification number issued by the Unique Identification Authority of India on behalf of the Government of India. The number serves as a proof of identity and address, anywhere in India. The Aadhar essentially stores all types of information from demographic to biometric data and is linked to the Permanent Account Number (PAN) and our bank accounts. Its launch triggered numerous questions on whether it breached the citizen’s right to privacy, something which got exacerbated by the 2018 Aadhar data breach, which the World Economic Forum declared as the largest recorded breach in its Global Risks Report.

Thus, apart from data protection concerns, the main contention was that the biometric data being stored by the government would just become another means of surveillance. 

International forum

Article 12 of the Universal Declaration of Human Rights, which was internationally adopted in 1948, states “no one shall be subjected to arbitrary or unlawful interference with his privacy, family, home or correspondence, nor to unlawful attacks on his honour and reputation and that everyone has the right to the protection of the law against such interference or attacks.” Furthermore, Article 17 of the International Covenant on Civil and Political Rights (1966) reiterates the same principle. Thus, even in the international forum, the basic principles of the right to privacy resonate. 

The International Covenant on Civil and Political Rights, to which India is a signatory also stated as a general comment (No. 16) to Article 17 that personal information collected and stored on computers, data banks, and other devices, whether by public authorities or private people or groups, must be governed by law. States must take effective steps to guarantee that information on a person’s private life does not fall into the hands of others who are not legally entitled to receive, handle, or use it, and that it is never used for purposes that are incompatible with the covenant. To ensure the most effective protection of one’s private life, every individual should have the right to know, in an understandable manner, if and what personal data is saved in automated data files, and for what purposes. 

Need for established law

In 2012, a Planning Commission-appointed group of experts led by Justice (retd.) A.P. Shah issued a thorough report outlining a framework for a Privacy Act. It stated that such legislation should recognise all aspects of the right to privacy and address issues about data security, protection from unauthorised interception and monitoring, use of personal identifiers, and physical privacy. Outlining a set of privacy principles, the committee stated that the data controller should be held accountable for the collection, processing, and use of data. The government cannot neglect its obligation to safeguard citizens from the risks of the cyber era in its eagerness to gather data in electronic form and better target subsidies.

Yet, adequate privacy legislation has still not come into existence. The above discussion makes it quite clear that there is an urgent need for the said legislation. Countries like the United States have already begun the process of legislating comprehensive data privacy laws, with individual states bringing about laws like the Californian Consumer Privacy Act, 2018. The European Union on the other hand brought about the extensive General Data Protection Regulation in 2018. 

Conclusion

The initial question that was asked at the beginning of the article was whether trading off citizens’ right to privacy is fair. It can be concluded that while that trade-off is legitimate to a certain degree, excessive invasion of privacy does not have any legal basis. Using national interest as an excuse cannot be permitted anymore. Laws in foreign jurisdictions have shown that comprehensive privacy laws are possible. The only thing left to do is for the lawmakers to make them.

References

  1. What is Pegasus spyware: All you need to know | India News
  2. Explained: The laws for surveillance in India, and concerns over privacy
  3. Conflict and Scope of Fundamental Right to Privacy: Who’s Watching You? – Academike
  4. Privacy versus National Interest – An overview – The Law Blog
  5. Justice K.S.Puttaswamy (Retd) vs Union Of India on 26 September 2018

LawSikho has created a telegram group for exchanging legal knowledge, referrals and various opportunities. You can click on this link and join:

https://t.me/joinchat/L9vr7LmS9pJjYTQ9

Follow us on Instagram and subscribe to our YouTube channel for more amazing legal content.

LEAVE A REPLY

Please enter your comment!
Please enter your name here