A child born today will grow up with no conception of privacy at all.
They’ll never know what it means to have a private moment to themselves, an
unrecorded unanalyzed thought. And that’s a problem because privacy matters.
Privacy is what allows us to determine who we are and who we want to be –Edward
Privacy, in this day and age is only governed by general Contract principles
mainly based on fiduciary relations and with data hungry Service Providers
dispersed all over the Internet, it is imperative for countries to have strong
data protection regimes to counter such data theft.
The Constitution of India does not guarantee the Right to Privacy as an absolute
right. However the nine-judge bench in the case of K.S. Puttaswamy v. Union of
India observed that Right to Privacy is an intrinsic part of the Right to
Life and personal liberty guaranteed under Article 21 of the Constitution of
India and hence, is limited by the procedure established by law.
The Data Protection Bill, 2019
Ensuing the landmark judgment of the Apex Court, the Government of India was
compelled to introduce a legislation averring the privacy of personal data of
individuals. A committee of experts was appointed under the Chairmanship
of Justice B.N. Srikrishna by the Ministry of Electronics and Information
Technology. The Committee was designated with the task of drafting a legislation
in this regard.
The definitive Personal Data Protection Bill was released on December 11, 2019.
This legislation was critically analysed by experts all over the country who
stated that the draft was endowed with loopholes which provided a blanket
immunity to the State in the form of exceptions which could cause appalling
issues in future.
Data Protection Regime peculiarly deals with 2 entities: State/ Service Providers
There exists a Power Asymmetry between these two entities. To rule out such
irregularities, there is a requirement of a strong legislation that safeguards
the interests of both the parties. The Data Protection Bill, 2019 lacks this
attribute. Individual Privacy is of utmost importance. It is the User that
requires Privacy and not the State/ Service Providers. The Government, however
should be forthright in such matters and must be placed in a position where it
can be held accountable, bound by limitations.
There have been instances where the people have observed unreasonable use of
omnipotent power by the Government. One such instance was bought in focus in
Uttar Pradesh in 2018 when several potato farmers in distress stockpiled
quintals of potatoes outside Government residential areas. Agitated by this, in
order to catch hold of the culprits, the Government put around 10000 phones
under surveillance. The Privacy of thousands of citizens was infringed to
apprehend two culprits. Evidently, it was not mandatory to take such an extreme
step and put several citizens’ privacy at stake for a single case.
Such acts where the State holds immunity by virtue of the law currently under
scrutiny can only be snubbed if there are restrictions imposed on the Government
to ensure privacy of individuals is not hampered at any stage in the discharge
of any peculiar duty.
The present day Internet/ social media/ applications is built on free service in
exchange of user information as consideration. The Service Providers have now
become data hungry. It is imperative to have legislations that intend to
safeguard the users/citizens from the onslaught of their personal information.
The present legislation in scrutiny The Personal Data Protection Bill,2019)
bears various escape clauses, the primary shortcoming being the grant of
boundless access of personal information to the State as a let-out clause.
With the current status of this legislation being under consideration of the
Joint Parliamentary Committee, several experts from various fields have gathered
together to form a committee with the aim to draft a legislation that proves to
be a boon for the country with legitimate balance of power and duties between
the two entities. This draft is known as the Indian Privacy Code.
To summarize, the Indian Privacy Code, 2018 is a synthesis of Supreme Court
judgments, including the landmark judgment in Justice K.S. Puttaswamy v. Union
and best practices from international texts such as the European
Union’s General Data Protection Regulation. This includes the right to
explanation on algorithmic decision making, reducing the power of black box
The Cambridge Analytica controversy compelled several countries to come up with
laws that aid in guarding the personal information of their citizens from
potential cyber threats. One such regulation brought about by the European Union
on data protection and privacy is The General Data Protection Regulation (GDPR).
GDPR is considered as a comprehensive strict legislation that has aided in
conservation of the data of their citizens.
It was due to the uncompromising
sections under GDPR that the new Whatsapp policy couldn’t make its way to
individual’s data in the European Union. It is imperative to derive inspiration
from such laws and adopt the relevant sections in these laws with reasonable
changes giving due regard to the Indian framework and variables.
7 Principles Of The Indian Privacy Code 
Privacy is not something that one merely entitled to, it’s an absolute
- Individual Rights Are At The Center Of Privacy And Data Protection
- A Data Protection Law Must Be Based On Privacy Principles
- A Strong Privacy Comission Must Be Created To Enforce The Privacy
- The Government Should Respect User Privacy
- A Complete Privacy Code Come With Surveillance Reform
- The Right To Information Needs To Be Strengthened And Protected
- International Protections And Harmonisation To Protect The Open Internet
Must Be Incorporated
- -Marlon Brando
It is the duty of the Government to provide meaningful legislations to safeguard
their subjects but, it also our responsibility as citizens to be cautious about
our Online Identity because:
If you care about privacy online, you need to actively protect it
- (2017) 10 SCC 1