This article delves into the intricate relationship between media and privacy
is governed by a web of laws and regulations, both at the international and
national levels. Media, often regarded as the disseminator of knowledge,
entertainment and news serves as a vital bridge connecting individuals to the
Privacy, in the other hand, is a fundamental human right, the guardian of our
personal boundaries in an increasingly interconnected society. These legal
frameworks aim to strike a delicate balance between the freedom of speech and
expression and the protection of personal information.
In this comprehensive exploration, we will delve into the various dimensions of
media, privacy, the laws that govern them, and the evolving challenges they face
in today's interconnected world. Furthermore, it scrutinizes the privacy
challenges that individuals encounter in India's digital age and the remedies
available to safeguard personal information.
Definition Of Media And Privacy
Definition of media:
The term media is obtained from the Latin term 'medium, which means carrier or
mode. Media is a platform for conveying something to the world. Such
communication is done by way of newspapers, magazines, radio, the internet,
telephone, promotional messages, education, movies, music, and so on.
Definition of privacy:
The term privacy is derived from the Latin term 'privatus, which means
restricted, isolated, peculiar, or personal. Simply, privacy it means "right to
be let alone". Privacy is an inherent right or birth right of individuals. Every
institutions, individual, or group of people has a right to disclose information
about themselves to others.
Laws Relating To Media And Privacy
Laws relating to privacy:
The International Arena's protection of the right to privacy:
The Universal Declaration of Human Rights, under Article 12, says that "no one
shall be able to arbitrary interfere with his privacy, home, correspondence,
home, family, or attack his reputation or honor. Everyone has a right to the
protection of laws against such attack or interference". The UDHR helps to
protect the privacy rights of individuals from states arbitrary interference.
The International Convent on Civil and Political Rights, under Article 17, says
that "unlawful interference or arbitrary interference with his family, privacy,
home, or correspondence, not to unlawful attacks on his reputation and honor".
India has ratified the same convention because it is mandatory to take the
necessary steps to enact laws for its citizens.
The Convention on the Rights of the Child, under Article 16 provides to protect
the privacy of the children from arbitrary or unlawful interference, and the
state that ratified the convention can take the necessary steps to enact laws to
protect the privacy of the minor. Similar to the Juvenile Justice (Care and
Protection of the Children) Act, which says that no media shall publish the
juvenile's name, school, or address in conflict with the law, the main aim of
this act is to provide proper care and protection to the juvenile, so privacy
details of the juvenile shall not be published by any media.
Constitutional provisions linked to the right to privacy:
- The right to privacy is also call as a fundamental right under the Indian
- Article 19(1)(a) states that freedom of speech and expression, but it along with
certain reasonable restrictions under Article 19(2).
- Article 21 states that right to life and personal liberty, which means "no
person shall be deprived of his life or personal liberty except according to the
procedure established by law". It includes the right to privacy.
Initially, in this case of MP Sharma vs. Satish Chandra
, the fundamental right
does not include the right to privacy. After some years, the case of Kharak
Singh v. State of Uttar Pradesh says that the privacy right is not a fundamental
right but includes the right to life and personal liberty. Finally, the case of
K.S. Puttusmawy v. Union of India says the privacy right is recognized as a
fundamental right under Article 21 of the Right to Life and Personal Liberty of
Landmark judgment of Article 21: Right to Privacy
People's Union for Civil Liberties vs. Union of India in this case is also
called a telephone tapping case. The apex court held that telephone tapping is
considered a violation of the right to privacy under Article 21 of the
Rajagopal v. Union of India
The Supreme Court held that the publication of one
person's personal information without his or her consent was a violation of
privacy under Article 19(2).
Information Technology Act, 2000:
Section 43A of the Information Technology Act was inserted in the 2008
amendment, and it gives "sensitive personal data" that possesses, handles, or
deals with any corporate body. They should maintain reasonable security to
protect such personal data.
If any negligence arises, the corporate body will be
responsible for paying compensation to the affected person. Subsequently, for
further clearance of the above amendment, the government presented the IT
(Reasonable Security Practices and Procedures and Sensitive Personal Information
or Data) Rules, 2011.
Indian Penal Code, 1860:
Section 228A says that no one can publish the details of the rape victim. If
anyone publishes the details of a rape victim, the person will be liable for
Digital Personal Data Protection Act, 2023:
The main aim of this act is to protect the digital personal data of individuals,
and this act recognizes the right of individuals to protect their personal data.
Such personal data can be used only for lawful purposes.
Laws relating to media
- Section 8(5): The data fiduciary has a duty to provide the proper, reasonable security to protect data privacy from breach. (The data fiduciary defined in Section 2(i) means a person who processes the personal data)
- Section 8(6): If data privacy was breached, the data fiduciary has a duty to intimate the same to the board and the affected data subject. (The data principle defined under Section 2(j) means a person to whom personal data is disclosed)
- Section 9: The data fiduciary, before processing the child's or disabled person's personal data, must receive proper consent from the verified lawful guardian of the child's parent or legal guardian.
- Section 10: The central government notifies that data fiduciary or any class of data fiduciary as a significant data fiduciary found on the assessment. The significant fiduciary has the power to appoint the data auditor to carry out the data audit. The periodic personal data protection assessment process comprises a description of the data principles' rights and the purpose of processing the assessment, personal data, and management of risks to the data principles' rights.
Press Council of India Act, 1978:
The Press Council of India is an autonomous body that regulates the print media
in India. It ensures the freedom of the press and maintains professional
standards for journalists.
Power to censure: Section 14
If any complaint is raised with the council, the council gives the newspaper,
journalist, or concerned person the opportunity to be heard and make an inquiry
under the grounds of the act. The council would not entertain any case if there
was not sufficient ground for the hold.
Article 19(1)(a) does not mention freedom of the press. The Supreme Court in
Romesh Thapper v. State of Madras stated that freedom of speech and expression
includes freedom of the press.
In Brij Bhushan and Another v. The State of Delhi,
the Supreme Court held that
the imposition of pre-censorship on a journal is a restriction on the liberty of
the press. The Supreme Court first recognized the right to privacy.
In Kharak Singh v. State of Uttar Pradesh
, Article 21 was not referred to, but
in the subsequent case of Rajagopal v. State of Tamil Nadu, it was directly
linked to Article 21. When there is a conflict between the right to privacy of
individuals and the right to know of citizens, at that point, the right to know
will prevail as it serves the larger public interest.
In State of U.P. v. Raj Narai
n, the right of the citizen to know is defended by
the court. A public servant visiting a lady friend and getting drunk with her.
It should not be a news item, as it does not fulfill the public purpose.
Cable Television Networks (Regulation) Act, 1995:
This law regulates cable television networks in India. It provides guidelines
for the operation and licensing of cable TV networks and prohibits the
transmission of certain content that may be harmful or offensive.
Cinematograph Act, 1952:
This act regulates the certification of films for public exhibition in India.
The Central Board of Film Certification (CBFC) is responsible for certifying
films and ensuring that they comply with certain guidelines.
Information Technology Act, 2000:
This act deals with electronic commerce and electronic records, including
digital signatures and cybercrimes. It has provisions related to the regulation
of online content and the liability of intermediaries like social media
The Advertising Standards Council of India (ASCI) is a self-regulatory
organization that monitors and regulates advertising content in India. It
ensures that advertisements are truthful, not misleading, and do not offend
Indian law recognizes both civil and criminal defamation. Defamation laws
protect individuals and organizations from false and damaging statements made
through various media. Shreya Singal v. Union of India states that comments in
electronic form also include freedom of speech and expression.
National Security Laws:
India has several laws, such as the Official Secrets Act, that deal with
national security and espionage. These laws have implications for media
reporting on sensitive matters.
Intellectual Property Laws:
Copyright, trademark, and patent laws protect the intellectual property in media
Privacy Challenges In India
It is a practice by which operators of websites and third parties collect,
store, and share information about visitors' activities on the World Wide Web.
User activities include websites visited, watched videos, interactions on social
networks, online shopping, and online transactions. Websites like Netflix,
Instagram, and YouTube collect information about what shows users watch, which
helps them suggest more shows that they might like. Search engines like Google
will keep a record of what users search for, which could help them suggest more
relevant searches in the future. Law enforcement agencies may use web tracking
to spy on people and avoid crimes.
Internet Protocol (IP) Addresses
Web browsing is linked to a user's personal information, like user location,
preferences, locations, purchases, and more, which can be revealed just by what
page a user visits. This allows us to draw conclusions about the user and
analyze patterns of activity. The use of web tracking can be controversial, and
when it is done without the knowledge of a user, it may be considered a breach
of browser security.
On mobile, the most advanced method is to use the mobile browser Firefox Focus,
which mitigates web tracking.
All websites receive and track the IP address of a visitor's computer. Companies
need to match data over time to associate the address and name with the IP
An HTTP cookie is data stored on a user's computer that assists in automated
access to web features or other state information required in complex websites.
Generally, websites have not made the user explicitly aware of the cookies. It
can violate privacy.
It may lead to the theft of users' information and put them at risk. Information
was easily accessible to the third party.
Cookies have a 'deny' option, and we can select it. By doing so, we can protect
our data from third parties.
Firefox doesn't have a cookie system.
Photographs on the Internet
Nowadays many people have digital cameras and post their photographs online.
"Facial Recognition and Privacy Law", much of it explaining how "privacy law, in
its current form, is of no help to those unwillingly tagged." Any individual can
be unwillingly tagged in a photo and displayed in a manner that might violate
them personally in some way, and by the time Facebook gets to take down the
photo, many people will have already had the chance to view, share, or
Search engines also can retain user information, such as location and time spent
using the search engine, for up to ninety days. Most search engine operators use
the data to get a sense of which needs must be met in certain areas of their
field. Eg. Yahoo, Google
Misuse of Hidden Cameras and Microphones
The use of hidden cameras and microphones for investigative reporting can raise
ethical questions. While these tools can expose corruption and wrongdoing, their
misuse can infringe on the privacy of individuals who are not engaged in any
Data Privacy and Hacking
In the era of digitalized world, media organizations can access and publish
personal data without consent. Hacking into personal accounts obtain private
information for news stories can violate privacy laws and ethical standards.
Consent and the Right to Be Forgotten
Media organizations should consider obtaining consent when publishing personal
information. In some cases, individuals may request that certain information
about them be removed from public records or media archives, which raises
questions about the "right to be forgotten.
Under the Information Technology Act, 2000 (IT):
Under The Digital Personal Data Protection Act, 2023(DPDP)
- Section 65 of the act: Obstructive with the document saved in a computer: Fine of Rs.2 lakhs or imprisonment of 3 years or both.
- Section 66 of the act: Offences related to the computer and any other act mentioned in section 43: Fine of Rs.5 Lakhs or imprisonment of 3 years or both.
- Section 66B of the act: Receiving the theft computer source: Fine of Rs.1 Lakhs or imprisonment of 3 years or fine or both.
- Section 66C of the act: Identify was theft by someone: Fine of Rs.1 Lakhs or imprisonment of 3 years or both.
- Section 66D of the act: Cheating by personation using computer sources- Fine of Rs.1 Lakhs or imprisonment of 3 years or both.
- Section 66E of the act: Violation of Privacy: Fine of Rs.2 Lakhs or imprisonment of 3 years or both.
- Section 66F of the act: Cyber Terrorism: Life Imprisonment.
- Section 67C of the act: Failure to protect or preserve the information about intermediaries: Fine and imprisonment for 3 years.
- Section 72A of the act: Disclosure of any information, intentionally and knowingly, without the consent of such person is considered a breach of the contract: Fine of Rs.5 Lakhs or imprisonment of 3 years or both.
It includes an updated laws and penalty for breach of privacy.
The data protection broad was introduced under this act. Under the section 33(1)
board has power to provided proper l to the breach of the provisions, the
penalty giving way of monetary. Penalty was given depend upon the nature,
gravity of the data privacy breach.
- The data fiduciary has a duty to provide proper reasonable security to protect data privacy under sub-section (5) of section 8. If the data fiduciary breaches this duty, they are liable for a fine that may extend to Rs. 250 crores.
- The data fiduciary has a duty to intimate any privacy breach to the board and the data principal under sub-section (6) of section 8. Failure to do so may result in a fine of Rs. 200 crores.
- The data fiduciary has additional obligations in the case of children's personal data under section 9. If a breach occurs, they may be liable for a fine that may extend to Rs. 200 crores.
- The significant data fiduciary has additional obligations under section 10. If there's a breach, they could be liable for a fine that may extend to Rs. 150 crores.
- The data principal has certain duties under section 15. Violating these duties could result in a fine of up to Rs. 10 thousand.
- If a voluntary undertaking is accepted by the board under section 32, but the person breaches any term, they will be liable to face the consequences specified in section 28.
- In case of any violation of the provisions of the DPDP Act, 2023, the person may be liable for a fine that may extend to Rs. 50 crores.
Our digital footprints expand and technology advances, make new challenges to
privacy emerge from web tracking and data breaches to the misuse of hidden
cameras microphones, the threats to our personal privacy and multifaceted. It is
imperative that we continue to adapt and evolve our legal and ethical frameworks
to address these challenges effectively.
To ensure the continued protection of privacy in the digital age, several
developments are essentials. First and foremost, there must be increased
awareness and education our privacy rights and responsible media practices.
Media organizations should embrace transparency and obtain consent when handling
personal information. Additionally, robust data protection laws and stringent
penalties for privacy breaches should serve as deterrents.
So Much Data But Not Much Protection
By making more and more strict laws it will make more effective to protect the
- Sandeep Harish B, I year of LL.M (International Law and
Organisations) at University of Madras.
- Kaviya A, I year of LL.M(International Law and Organisations) at
University of Madras.