JAMIA MILLIA ISLAMIA

NEW DELHI

(LAW & INFORMATION TECHNOLOGY)

TITLE: Right to Privacy and Its implications on

existing Cyber laws in India: K.S. Puttaswamy &
Afterwards

SUBMITTED BY: ABDUL KARIM ANSARI SUBMITTED TO: PROF. DR. GHULAM

YAZDANI B.A.LL. B (HONS) / REGULAR FACULTY OF LAW, JMI.

VTH YEAR IX SEMESTER

ROLL NO. 03
 ACKNOWLEDGEMENT

I would like to acknowledge my indebtedness and render my warmest thanks to my

supervisor Dr. Ghulam Yazdani Sir, who made this work possible. His friendly guidance
and expert advice have been invaluable throughout all stages of the work. I would also like to
express my gratitude to my friends and Seniors for extended discussions and valuable
suggestions which have contributed greatly to the improvement of the Project.

I take this opportunity to thank them. Special thanks are due to my family for their
continuous support and understanding, compiling the final preparation of the Project. The
person with the greatest indirect contribution to this work is my mother. I want to thank
her, my father, as well as my brother, for their constant encouragement.

2
 TABLE OF CONTENT

● Introduction
● Development of Right to Privacy in India
● Surveillance and Privacy
● Homosexuality and Privacy
● Aadhaar and Privacy
● Patient Information and Privacy
● K.S Puttaswamy: A Critical Analysis
● Judgement and Analysis
● Vinit Kumar case and Its Relevance
● Two Years of Privacy Judgement

● Interpleader and General Suit

● Conclusions & Suggestion
● Bibliography

3
INTRODUCTION

Jurists like Arthur Miller have stated that privacy is difficult to define because it is
ephemeral. Many jurists like Aristotle and William Blackstone differentiate between private
wrong and public wrong. Public wrong means wrong against the society and private wrong
means wrong against the individual. The Greeks were the first to recognize the relationship
between an individual and a State and also gave an overview that how the relationship
between the two is shaped.Black’s Law Dictionary defines privacy as, “right to be let alone;
right of a person to be free from unwarranted publicity; and right to live without
unwarranted interference by the public in matters with which the public is not necessarily
concerned.” Privacy right is a facet of human right and hence, it is inalienable from the
personality of a human-being. Privacy is not a new right that needs introduction; it is as old as
the common law and needs legal recognition. It is so deeply embedded with liberty and
dignity of an individual that it cannot be denied the status of a fundamental right. The idea of
liberty in a democratic nation would be vague if privacy is not given the status of a
fundamental right. According to Justice Krishna Iyer, “Personal liberty makes for the worth
of human person”. Hence, the notion of dignity and liberty are not independent of privacy.

Right to privacy is a right which an individual possesses by birth. Privacy simply means the
right of an individual to be left alone which is recognized by the common law. The notion of
privacy is sometimes ambiguous because of the different historical theories of privacy given
by three different groups of eminent jurists. While one group of jurists including Douglas,
Blackmun regarded privacy as protection of individual liberty, another set of jurists including
Black and Rehnquist adhered to non-recognition of some unrecognized substantive due
process rights as fundamental. The third group of justices including Justice White and Justice
Harlan regarded privacy as a view to protect the family from governmental interference.
However, the fact that privacy is an existing right just like any other human right cannot be
denied.

Another view of the importance of the right to privacy is that it is essentially considered to be
a natural right. Natural Rights are those divine rights which are considered supreme to all
other rights. Dr. W. Friedmann mentions that the search of mankind for absolute justice and
failure defines the history of natural law. The social contract theorists like John Locke in his

4
book titled “Two Treatises on Civil Government” sowed the seeds of “right to privacy” by
advocating the theory of natural rights which according to him were inviolable and
inalienable. Thus, privacy finds its origin in the natural law theories. 1

DEVELOPMENT OF RIGHT TO PRIVACY IN INDIA

The Right to Privacy has been very much debatable in India because the Indian Constitution
does not expressly grant Right to Privacy. The drafters of the Indian Constitution put forth the
Right to life as an essential right. The Supreme Court of India has also given various
interpretations to Article 21 of the Indian Constitution expressly granting Right to life to all
the citizens of India and with the growing times, right to life has been given too much
expanding horizon with so many other rights coming within its ambit like right to speedy
trial, Right to shelter, and many others. The explanation given by the Apex Court to “life”
and “liberty” under the Indian Constitution has always been expansive to the extent that it
does not mean mere animal/physical existence. This view also conforms to the 5th and 14th
Amendment to the US Constitution.

The Preamble of the Indian Constitution guarantees liberty of thought, expression, belief,
faith and worship to all the citizens of the country. This in itself reveals how important and
expansive the term “liberty” was for the drafters of the Indian Constitution. A paralysis of
Article 21 of the Indian Constitution which includes the word “personal liberty” reveals that
for an individual to lead a dignified life, his/her liberty should be protected which ultimately
demands Right to privacy to be given legal recognition. The Supreme Court of India has time
and again emphasized to give an expansive interpretation to the term “personal liberty” under
Article 21 of the Indian Constitution. The Court has stated, “The expression personal liberty
is of widest amplitude covering a variety of rights”.2

The question to recognize a right to privacy arose in Kharak Singh v. State of U.P.3
wherein Justice Subbarao in his minority opinion expressed a need to recognize such a right
even though it is not expressly granted by the Constitution of India. The petitioner, in the
afore- mentioned case, was put under surveillance because of his criminal activities. The

1
Jana Kalyan Das, Philosophical foundations of The Right to Privacy,
2
Maneka Gandhi v. Union of India AIR 1978 SC 597 (Supreme Court of India).
3
AIR 1963 SC 1295

5
surveillance was to keep a watch at the petitioners’ house which also involves secret visits to
the petitioners’ house at night. He challenged such provisions of Secret and domiciliary visits
of the U.P. Police Regulation as a violation of his right to privacy. The Court, however,
refused to give recognition to the right to privacy, the reason being that the Indian
Constitution does not give express recognition to any such right. The same view was
observed by the Apex Court in M.P. Sharma v. Satish Chandra 4. These views were
somehow diverted from the views of U.S Supreme Court Wherein Justice Frankfurter
believed that security of one’s privacy is basic to a free society and hence, it should be
protected from unreasonable intrusion from police authorities.

Privacy of an individual needs to be protected as long as it does not adversely affect

the public at large. Maintaining social order is the first and the foremost objective of
law.
Fundamental rights cannot be granted, setting aside the norms set for maintaining social
order. However, with the growing information technology and arbitrary use of powers by the
Government officials, recognition of such a right is essential but then obviously privacy
cannot be an absolute right. Hence, it is important to mention another observation of the
Supreme Court in this regard-

In Govind v. State of M.P 5; the Court laid down the following observation-

● The Court cannot completely rely on a right which is not expressly granted by
the Constitution. If the Court did so then it would compel the citizens to question
the judicial reliability.
● Right to privacy cannot be an absolute right and it has to comply with the
“state interest test”.
● Surveillance cannot be said to be violating right to life and also right to privacy
because only those criminals who are suspected of committing a crime are put
under surveillance. This step is necessary to prevent the commission of further
crimes.

4
AIR 1954 SC 300

6
5
1975 SCC 148

7
But the underlying principle in the said case can be said to be that the Court, unlike previous
other cases, did not completely deny the existence of a right of privacy. With the increasing
number of incidents with regards to infringement of privacy, it was evident for the Apex
Court to give recognition to this right. The saying that law should protect an individual both
from person and property is in existence from the common law times. However, the biggest
challenge before the Court of Justice was how to maintain the balance of such a right, public
order and also other rights guaranteed by the Constitution. In 1995, another issue regarding
the recognition of such a right came before the Supreme Court in Auto Shanker case where
the publication of the autobiography of an incarcerated person was in question. His
autobiography mentioned a few instances of a relationship existing between him and jail
authorities. The Chief Inspector General, however, contended that whatever was mentioned
in the autobiography was false and that there can be no publication of the same.

The following were the two major issues before the Court-

● Whether a person writing an autobiography without the previous approval

of authorities’ amount to infringement of right to privacy of the other
person?
● Whether a government official (Chief inspector general in this case) prevent an
incarcerated person from publishing his own autobiography taking advantage
of the fact that the prisoner has no legal means to fight against the same.

The Supreme Court, in the above-mentioned case recognized right to privacy as a distinct
right under the tort law and mentioned that there are remedies available for the same under
the tort law. The Court said if the prisoner is prevented from publishing his autobiography,
then there would be an infringement of Freedom of speech and expression of the petitioner.
Hence, the jail authorities cannot prevent the prisoner from publishing the same. Justice
Jeevan Reddy expressly mentioned that Right to privacy is an underlying/inherent right
granted under Article 21 of the Indian Constitution. With regards to the conflict between
freedom of speech and expression and Right to privacy, the court laid down that right to
privacy is subject to certain exceptions. If anything, other than “public records” or “court
records” is published then it would definitely lead to infringement of the privacy of another
person. Moreover, publication against someone out of malicious intention would also amount
to infringement of the right to privacy of that person.

8
Taking note of the above-mentioned cases, the Supreme Court finally postulated the
importance of such a right as an essence of individualism. The right exists as old as the
social-contract theory, but the only reason for it not being legal recognition was because of
oodles of conflict arising in the way. John Locke, a well-known jurist, acquainted us with
the theory of “tabula rasa” which riveted our attention to the fact that an individual is free
to decide the substance of their character and free to guide their own souls.

In People’s Union for Civil Liberties v. Union of India6, the Court mentioned as follows-

“We have; therefore, no hesitation in holding that the right to privacy is a part of the right
to''life `` and''personal liberty” enshrined under Article 21 of the Constitution. Once the
facts in a given case constitute a right of privacy, Article 21 is attracted. The said right
cannot be curtailed “except according to procedure established by law”.

SURVEILLANCE AND PRIVACY

A person is kept under surveillance so that his/her activities could be traced and that the
person does not commit any further crimes. This definitely raises a question on the
infringement of the right to privacy of that person. As already discussed earlier, the issue
first came up in Kharak Singh’s case. However, just to protect one person’s right to
privacy, the larger public interest cannot be ignored. Some of the things to be taken into
consideration before keeping a person under surveillance are-

● The Criminal background of the person. Whether the person has actually
committed such crimes which require keeping him/her under
surveillance.
● The frequency of the person committing crime i.e. whether he/she commits
crime repeatedly at frequent intervals or not.
● The level of crime committed i.e. it is of such heinous nature for the security of
the public it is necessary to trace the activities of the person.

India does not have single exhaustive legislation governing the surveillance activities of the
Government. Everyday data is being transferred to different agencies within the country
and

9
6
AIR 1991 SC 207 (Supreme Court of India).

10
there is an increasing number of cyber-attacks which ultimately create a threat in the minds of
the general public. After 2008 Mumbai attacks, the counter terrorism measures were at peak
which led to the introduction of National Intelligence Grid. The grid favors transfer of
information between 22 Central Intelligence Agencies in India. Emphasis must also be laid
on Crime and Criminal tracking network System (CCTNS) which enables sharing of
information amongst different police stations wherein one police station may have access to
the information stored on the server of other police stations.

All these routine activities demand stringent laws to ensure the privacy of the individuals.
Privacy rights cannot be differentiated and this cannot be contended that particularly if a
person has committed crime then his/her privacy need not be protected. The solution to this
therefore lies in the “reasonable expectation of privacy test” introduced by Justice Harlan7
This test reveals that privacy of a person can never be violated if the person has a reasonable
expectation of privacy at that particular place. Dwelling home of a person can be one of the
instances of such a place. One of the requisites of this being that an expectation of privacy at
such a place must be recognized by the society.

HOMOSEXUALITY AND PRIVACY

More than 30 countries around the world have decriminalized same sex marriages including
countries like Ireland, Netherlands, Canada and many others. Section 377 of the Indian Penal
Code which earlier penalized sexual activities against the order of nature is now
Unconstitutional by a five-judge Bench unanimously struck down Section 377 of the Indian
Penal Code, to the extent that it criminalised same-sex relations between consenting adults.

The term mentioned in the said section i.e. “against the order of nature” brings within its
ambit the Lesbians, Gays, Bisexuals and Transgender (LGBT) Community. This implies that
sexual intercourse between two people belonging to this community would be punished in
India. Some of the instances of being-

7
Katz v, United States 389 US 347 (Supreme Court of United States).

11
 ● A truck driver was punished to commit sodomy with a boy twice. Gujarat
High Court imprisoned the driver and also charged fine.8
● Emission of semen in the mouth of the victim would also constitute unnatural
intercourse.9

Thus, all types of unnatural offences are punished in the country. However, the question that
comes to the mind after declaration of right to privacy as a fundamental right is that when
privacy is a fundamental right then how can a private activity like the so called “unnatural
sex” be punished?

AADHAR AND PRIVACY

The main reason why the case of infringement of privacy was filed was because the
Government of India asked for biometrics of the citizens to provide them with Aadhar Cards.
The Aadhar scheme makes it mandatory for all the citizens to have the Aadhar Card
otherwise they would suffer problems with respect to opening bank accounts, payment of
taxes etc. The major contention was that the Aadhar Act does not make the enrolment for
Aadhar mandatory and hence, the said scheme is not violating any right because all the
people are giving their biometrics voluntarily. Light must be thrown on the fact that the
Government of India definitely provides various social security benefits to the poor of the
country. If a citizen does not obtain Aadhar then he/she would be deprived of such benefit.
This would ultimately deprive them of the benefits and would create different unreasonable
classes of citizens which would again violate Article 14 (granting Right to Equality) of the
Indian Constitution.

Another reason for the invalidity of the said scheme is that there is definitely a trace of undue
influence that can be found here. The doctrine of colourable legislation founds its genesis in
the principal that what cannot be done directly can also not be done indirectly. The Aadhar
Act is definitely a form of colourable legislation wherein the Government indirectly and
secretly has an undue influence on certain sections of the society. When a citizen is made to

8
Chiranjit Singh v. State of Himachal Pradesh Cr Lj 1986 Guj HC 173 (Gujarat High Court).
9
Basantlal v. State AIR 1968 Guj HC 252. (Gujarat High Court).

12
choose between privacy and social welfare schemes, then definitely they would choose food
and shelter first.

Another issue concerning the said issue being that even after introduction of such a scheme,
the Government did not make any stringent laws to safeguard the personal data of the
citizens. Although the information technology act (IT Act) has been amended several times
to enhance the data protection laws, there should be stringent laws that still need introduction
to implement the Aadhar Scheme. The Government must be made bound by law to reveal the
reason for collection of data as well as must take the responsibility for protection of the same.

One of the solutions to prevent such unauthorized leak of personal data can be by allowing
anonymous access to services and anonymous surfing of the internet. However, this can also
create many problems and would give rise to more cyber-crimes. Taking into consideration
various international conventions like Article 8 of European Convention and Article 12 of
the Universal Declaration of human rights, the declaration and recognition of privacy as a
fundamental is the need of the hour. The Supreme Court of India has given a right judgment
and stringent data protection laws need implementation. The privacy bill pending in the
Parliament must be passed after the judgment.

With the increase in the exchange of Trans-border data, the Organisation for Economic Co-
operation and Development (OECD) has given various guidelines with respect to
protection of personal data , some of them being-

● The data must be collected with the lawful consent of the person giving such data
and must be used for lawful means.
● The personal data must not be leaked or transferred to some other person
without the prior permission of the person giving data.

Hence, the said Aadhar Scheme also violates various international conventions also. Various
countries that have specific data protection laws are as follows-

● Canada which has its own Personal Information Protection and

Electronic Documents Act, 2000.
● K. Data protection Act, 1998

13
 ● Privacy Act, 1993 of New Zealand

PATIENT INFORMATION AND PRIVACY

In 2003, cross-border flow of personal information became apparent, when University of

California, San Francisco was threatened by a data transcriber in Pakistan to reveal the
patient information unless they paid their back-wages.10 One of the major issues surrounding
the right to privacy is the revelation of patient’s personal information by medical
practitioners. It should be noted that India has no specific laws governing this field. The
Indian Medical Council Regulations require that every medical practitioner should maintain
confidentiality of patient’s information. In India, the issue came up in X v. Z Hospital where
the doctor revealed to a patient’s Fiancée that the patient is HIV positive. The patient did not
get married to that particular person and later on sued the doctor contending that this was an
infringement of right to privacy. Court, however, had a different view and stated that the
doctor cannot be said to have been liable for any breach of privacy right because this
revelation is necessary from the point of view of public welfare.

Hence, the set out principle would always remain the same that public welfare will prevail
over individual interest. The 2011 amendment to the IT act recognized and defined “sensitive
personal data” for the first time and also mentioned that such type of data cannot be revealed
without the prior consent of the patient. The European Courts on Human Rights first
recognized such a need of protecting personal data of patients in I v. Finland wherein the
court did not allow free access to patient’s information.

JUSTICE K.S. PUTTASWAMY v. UNION OF INDIA AND ORS

: A CRITICAL ANALYSIS

The Supreme Court of India recently delivered a judgment that right to privacy is a
fundamental right which definitely created a fuss. Amid so many controversies surrounding

10
Protecting Patient’s Information in India: Data Protection Laws and Challenges, 2012 (5) NUJS L REV 411,

14
the said right, privacy was finally declared a fundamental right which is embedded in Article
21 of the Indian Constitution guaranteeing right to life. The United States of America initially
had sector specific privacy laws. Later on, it took different forms and developed. With the
growing use of information technology in almost all the sectors, there is definitely a need to
recognize such a right. Hessen (one of the German States) was the first country to enact data
protection laws (in 1970) which was ultimately to safeguard the privacy of the masses. From
then till now, there are nearly 40 or more countries which have enacted such laws.

FACTS- The government of India decided to provide to all its citizens a unique identity
called Aadhar which is a card containing a 12-digit Aadhaar number. The registration for this
card was made mandatory so as to enable the people to file tax returns, opening bank
accounts etc. However, the registration procedure for such cards required the citizens to give
their biometrics such as fingerprints, iris scans etc. Retired judge Justice K.S Puttaswamy
filed a petition challenging the constitutional validity of this Aadhar project contending that
there was a violation of right to privacy of the citizens since the registration for Aadhar is
made mandatory. As a result of which all those who don’t even want to register themselves,
are not left with any option. Moreover, there is a lack of data protection laws in India and
hence, there are chances that the private information of the people may be leaked if proper
care is not taken. This will lead to violation of the right to privacy of the individuals.

JUDGMENT AND ANALYSIS

The Judgment of the Apex Court that Right to privacy is a fundamental right is correct.
However, it is true that privacy cannot be an absolute right. For instance, surveillance is
important to prevent crime in society. An individual cannot simply argue that his privacy is
being violated if larger public interest requires keeping him/her under surveillance. The
major question is that the Supreme Court of India, unlike the USA, has still not recognized
the doctrine of waiver, which facilitates that an individual can waive off the fundamental
rights if larger public interest requires so. The reason behind this being that it would defeat
the purpose of the Constitution which implies that fundamental rights are absolute. So, how
can privacy be a fundamental right if it is not absolute? As already mentioned above, privacy
is not only a right, it is a natural and inalienable right. It cannot be denied the status of a
fundamental right because liberty without privacy and dignity would be of no use.

15
Right to Privacy: The Puttaswamy Case
In August 2017, a nine judge bench of the Supreme Court in the Puttaswamy Case gave
legitimacy to the 'right to privacy' under the Constitution of India and overruled the M.P
Sharma case and the Kharak Singh case in relation to the guarantee of the right to privacy
under the Constitution, and, therefore, made its derogation subject to the highest level of
judicial scrutiny.

Premised on the principle that "Privacy is the ultimate expression of the sanctity of the
individual", the Supreme Court affirmed the reasoning and judgment given in the PUCL Case
and held that:

1. The violation of privacy with regard to arbitrary state action would be subject to
the "reasonableness" test under Art. 14.
2. Privacy invasions that implicate Art. 19 freedoms would have to fall under the
restrictions of public order, obscenity etc.
3. Intrusion of one's life and personal liberty under Art. 21 will attract the just, fair
and reasonable threshold.
4. Phone tapping not only infringes Art. 21 but also contravenes Art. 19 freedoms. Such
a law would have to be justifiable under one of the permissible restrictions in Article
19(2), in addition to being "fair, just and reasonable" as required by Article 21, and
as was held in the PUCL Case. It would also need to be subject to a higher threshold
of "compelling state interest".
5. The 'proportionality and legitimacy' test was also established – which is a four-fold
test that needs to be fulfilled before state intervention in the right to privacy:i. The
state action must be sanctioned by law.
ii. In a democratic society there must be a legitimate aim for action.
iii. Action must be proportionate to the need for such interference.
iv. And it must be subject to procedural guarantees against abuse of the power
to interfere.

16
Vinit Kumar Case and Its Relevance
The Bombay High Court (High Court) in 2019 was presented with the opportunity to
adjudicate upon the law pertaining to phone tapping and surveillance in the post-Puttaswamy
era, applying the principles in relation to the right to privacy to section 5(2) of the IT Act.

In this case, a businessman who was alleged to have given bribes to bank employees to avail
himself of credit, challenged certain CBI orders that directed interception of his telephone
calls on the grounds that such orders were ultra-vires of section 5(2) of the IT Act.

At the outset, the High Court reiterated that an order for interception as per Section 5(2) of
the IT Act, can be issued only in two circumstances: public emergency or public safety.
The impugned orders were given on the basis of 'public safety'.

The Supreme Court in an earlier case dealing with section 5(1) of the IT Act has held that the
precursors of "public emergency" and "interest of public safety" to an order of interception
are to be read as a whole and take colour from each other. Further, it held "public
emergency" to include the interest of public safety, the sovereignty and integrity of India, the
security of the State, friendly relations with foreign states, public order, or the prevention of
incitement to the commission of an offence. Further, the Supreme Court has also recognised
that economic emergency does not qualify as "public emergency"3 and, therefore,
interception for economic offences, which do not meet the very high threshold of "public
emergency" or "public safety", are not permissible under the law.

Drawing from these settled positions, and since this related to an economic offence, the High
Court was of the opinion that there is no apparent public safety interest to substantiate the
said Orders or satisfy the test of "principles of proportionality and legitimacy" as laid down
in the Puttaswamy Case.

To summarise, the High Court in the Vinit Kumar Case, in the question of interception, held:

1. An order of interception under section 5(2) of the IT Act can only be given
in situations of 'public emergency' or 'public safety'.
2. If interception has been undertaken in contravention of Section 5(2) of the IT Act, it
is mandatory for the said intercepted messages to be destroyed.
3. Evidence procured in violation of Section 5(2) and the rules made thereunder, is
not admissible in court.

17
The key takeaways are that for an interception under section 5(2) of the IT Act, the high
threshold of "public emergency" and/or "public safety" need to be met and compliance with
the rules and guidelines made thereunder are mandatory. Even a slight deviation from the
process will lead to the evidence being inadmissible in court.

The Vinit Kumar Case is useful in protecting fundamental rights and making sure that the
power of phone surveillance is not misused by authorities to target specific persons for
economic offences or without following the procedure established by law. It does appear that
this is a judgment whose relevance will be tested over and over again in the troubled times
we live in.

Two Years of Privacy Judgement:

The judgment in K.S. Puttaswamy effected little change in the government’s thinking or
practice as it related to privacy and the personal data of its citizens.

National Security Vs Privacy: Government continued to commission and execute mass

surveillance programmes with little regard for necessity or proportionality, with justifications
always voiced in terms of broad national security talking points.

● The Ministry of Home Affairs, in December 2018, authorised 10 Central agencies to

“intercept, monitor and decrypt any information generated, transmitted, received or
stored in any computer in the country”. This notification is presently under
challenge before the Supreme Court.

● In July 2018, it became known that the Ministry of Information Broadcasting had
floated a tender for ‘Social Media Monitoring Hub’, a technical solution to snoop
on all social media communications, including email. The government had to
withdraw the project following the top court’s stinging rebuke.

● A request for proposal for a similar social media surveillance programme was
floated in August 2018 by the Unique Identification Authority of India (UIDAI),
which is presently under challenge before the Supreme Court.

18
 ● The Income-Tax department has its ‘Project Insight’ which also has similar mass
surveillance ends.

Data use Vs Privacy:

● The government has shunned a rights-oriented approach in the collection, storage and
processing of personal data and has stuck to its ‘public good’ and ‘data is the new
oil’ discourse.

● This is evident from this year’s Economic Survey as it commends the government for
having been able to sell and monetise the vehicle owners’ data in the Vahan database and
exhorts it to replicate the success with other databases.

● The Draft Personal Data Protection Bill that urged for a ‘free and fair digital economy’, has
the digital economy as the end and the notion of privacy merely being a shaper of the
means.

19
 CONCLUSION & SUGGESTIONS

Though the idea pertaining to the protection of data is very old but due to the emerging trend
of technological dependence and use of personal data is manifold, hence this new trend needs
a new law to deal with tracking and controlling the techno-savvy peoples and organizations
by providing guidelines to prevent misuse of personal data.

People using online medium for sharing data or transferring information while doing e-
commerce transactions or any other communication purpose treasure their privacy and link
it to personal freedom and so have a right to control data about them. It is further required
that every e-organization privacy practices should be benchmarked against national and
international standards for privacy and fair information practices to meet the emerging
challenges.

Although customer's easily share their personal data while doing online transactions or by
interchanging communications, still it is the state's responsibility to look and protect the
interest of its citizens. As due to lack of specific statutory law dealing with the protection
of data in India, the courts measurably fails to protect the information as shared to the
companies by punishing them for violation of trust
.
With the recognition of privacy as a basic and fundamental right of an individual, India definitely
cannot lag behind. The judgment of the Supreme Court is correct and true and with the growing
information technology, privacy needs to be a fundamental right. However, it is also true that
stringent laws need introduction after this. An expert committee must be formed to probe into the
matter as to how many privacy infringement issues are taking place in India and accordingly
legislation exclusively dealing with such problems must be enacted. Data protection laws must
be made more stringent and must conform to OECD guidelines. Only one or two sections like
section 43A of the IT Act won’t be sufficient to regulate the data protection at such a large scale
when schemes like Aadhar are to be implemented.

When it comes to conflict between infringement of privacy and public interest, reasonable care
must be taken to choose what is more important. Individual interest cannot override public
interest. The maxim “salus populi est suprema lex” which means public welfare is the highest
law must be maintained in the democracy. Jurisprudentially also, Bentham gave the pain and

20
pleasure theories. Hence, the Government must take into account the pleasure of a larger number
of people and should try to inflict lesser pain. There must be regulation on the arbitrary use of
power by the Government with respect to personal information of the people. One of the greatest
advantages that India has is that the Privacy bill, 2011 is still pending in the Parliament. Hence,
relevant amendments can be made to it before enacting it as legislation.

21
 BIBLIOGRAPHY

A. Primary Sources:

I. Legislations:

1. Information Technology (Reasonable security practices and procedures and

sensitive personal data or information) Rules, 2011 (“Data Protection Rules”)
2. Information Technology Act, 2000 (“IT Act”)

B. Secondary Sources:

I. Books:
1. Cyber Law In India - Dr. Satish Chandra
2. Lawmann's Legal Framework on Cyber Crimes by Kant Mani

II. Website used:

● https://indiankanoon.org/
● https://www.legalserviceindia.com/legal/article-3763-a-study-of-indian-law-on-
protection-of-right-to-privacy-in-the-cyber-world.html
● https://blog.ipleaders.in/right-to-privacy-judgment-impact/
● https://lexlife.in/2021/05/06/right-to-privacy-in-cyber-world/
● https://www.scobserver.in/cases/navtej-singh-johar-v-union-of-india-constitutionality-
of-section-377-ipc-background/
● https://www.natlawreview.com/article/data-privacy-standards-issued-india-legal-
compliance-or-new-brand-differentiator

22