Apex Courts 9 Bench unanimous
judgement in Justice Puttaswamy case pronouncing that, “The right of
privacy is a fundamental right; It is a right which protects the inner sphere
of the individual from interference from both State and non-State actors and
allows the individuals to make autonomous life choices” had attracted various
reactions from all the sections of society when pronounced in 2017.
The then Union finance
minister Shri Arun Jaitley, a legal acumen in himself, reacted that “Privacy
issue went to Supreme Court because previous UPA government brought Aadhaar
without legal framework. We framed Aadhaar law ensuring privacy as fundamental
right will be protected. Supreme Court accepted privacy is a fundamental right
but not an absolute right; judgment is a positive development."
The past and present Law
minister, Shri Ravi Shankar Prasad said “The government welcomes the
Supreme Court order on right to privacy. SC has affirmed what government had
said in Parliament while moving Aadhar Bill. Privacy should be a fundamental
right subject to reasonable restrictions."
“Welcome the SC verdict upholding Right to
Privacy as an intrinsic part of individual’s liberty, freedom and dignity. The
SC decision marks a major blow to fascist forces," the Congress
vice-president Rahul Gandhi tweeted.
It was a “sound rejection" of the BJP’s ideology of “suppression through
surveillance", Gandhi said.
R. Chandrashekhar, President,
Nasscom in 2017 said, “This landmark judgment will ensure that protection
of citizen’s privacy is a cardinal principle in our growing digital economy.
Besides, it will enhance citizens’ trust in digital services, a prerequisite
for widespread digital adoption. The ruling also significantly boosts India’s
attractiveness as a safe destination for global sourcing."
Soli Sorabjee, India’s most
respected legal luminary commented that “It is a very progressive judgment
and protects the fundamental rights of the people. Privacy is a basic right
which is inherent in every individual. The unanimity of the bench in giving
this decision shows a very good approach of the Supreme Court. Any judgment
which enlarges the fundamental rights of the people should be welcome."
These reactions were of 2017 and
many expected government to come out with a law soon for protection of Privacy
of the individual as a committee was set up under stewardship of Retired
Justice Srikrishna to draft the act for Data Protection in 2017 itself.
Much water has been passed between pronouncement of judgement, setting
up the committee and today. An Act for protection of Fundamental Rights of
People is still a distant dream. It was in July 2018 that the Justice BN
Srikrishna-led committee timely submitted its draft bill to the Ministry of
Electronics and Information Technology (MEITY) to create a powerful data
protection law in India. The draft was finalized after a year of consultations
with various stakeholders and came just after the European Union General Data
Protection Regulation (GDPR) came into force in May 2018. The
Personal Data Protection Bill, 2019 is more important because of the urgent
need to regulate data protection and data privacy,
be it for online platforms, apps, social networks or even online services
including by the government. It was expected when the Winter Session of the Parliament
began in November 2019, that key bill, the Personal Data Protection Bill, 2019,
will be passed. But it did not happen and presently the bill is before the
Committee of Parliament for deliberations and consultations.
The 25% growth from 437.4 million
in 2017 to 564.5 million currently in digital users should come as some sort of
eye-opener. In a country where digital education, digital security or digital
awareness is not priority of any of the digital service providers, the digital
users are left on mercy of cyber criminals. These cyber criminals are carrying
out innovative cyber attacks which are beyond imagination of the digital users.
The most favoured white collared cyber crime is DATA THEFT. It is committed
before open eyes of the digital users and digital users are not able to
recognise the crime of data theft being committed. There are many high end
cyber crimes which cannot be even noticed or detected by 90% of the digital
users. Present digital era’s description as Golden Era of Cyber Crimes is not
misconceived or ill-founded.
Recently, in view of information available with
government of India that 59 Apps are engaged in activities which is prejudicial
to sovereignty and integrity of India, defence of India, security of state and
public order, the government of India has banned these apps , all of which are originated
from China. The government said that the Ministry of Information Technology has
received "many representations raising concerns from citizens regarding
security of data and risk to privacy relating to operation of certain
apps". As per government press release, The Computer Emergency Response
Team (CERT-IN) has also received many representations from citizens regarding
security of data and breach of privacy impacting upon public order issues”. So, on this backdrop with the relevant
provisions of the Information Technology (Procedure and Safeguards for Blocking
of Access of Information by Public) Rules 2009 and in view of the emergent
nature of threats these apps were banned.
The measure reason as stated by
government is the Risk to Privacy as well as risk to data of the citizen. It is
open secret that most of the apps are designed to collect huge personal data
from the users. The terms and conditions of each of the app very categorically mention
the permissions to be provided by gadget owner prior to installing that
specific app. With our permission only, these apps are installed in our devices
and hence there are very few who regret this decision of providing permission
to camera, messages, contacts, GPRS Location, enabling calls and many more such
activities by the apps. This is true for all the apps whether having origin in
China or from any other part of world. You will rarely find any app/program
which is not interested and designed for collection/storage of personal data.
In short we need to have a permanent solution for Protection of the Personal
Data of the individual as banning any app is short term solution.
Data is the lifeline of today’s
business activities in digitalised world and on backdrop COVID 19 where most
the world is opting for Work from Home and making maximum use of online
platforms, the data theft threat is looming large in cyberspace. Yes , the incidents
on Chinese Border has added fuel and security dimension to this Data Theft and
Data security of the citizen and banning the 59 apps of Chinese origin by
government can be justified. But bigger issue of Data Security and Protection
of Privacy by other apps remains to be resolved. What can be said about big
social media giants like Facebook, Whatsapp, Instagram or online meeting
platforms like Zoom? Are these companies not involved in compromising Security
of individual citizen and thereby invading constitutional guaranteed Privacy
Right of the Indian citizen?
The most recent incident of
trolling of Hon. Chief Justice of India for just sitting on a high-end mobike
without headgear and mask and subsequent clarification/warning about not
invading Privacy of Hon Chief Justice of India justifies the need of passage of
Personal Data Protection Act by the parliament. When Hon Chief Justice’s
privacy is vulnerable, what could be said about Privacy of we individual
citizen? Are all citizens so powerful like Hon. CJI? What remedies are
available to individual citizen for protection of their Right to Privacy? Under
which law the reliefs can be sought?
Putting of Personal Data
Protection Act in place is the only solution. The preamble of act itself describes
the objects of the act as the act to
provide for protection of the privacy of individuals relating to their personal
data, specify the flow and usage of personal data, create a relationship of
trust between persons and entities processing the personal data, protect the
rights of individuals whose personal data are processed, to create a framework
for organisational and technical measures in processing of data, laying down
norms for social media intermediary, cross-border transfer, accountability of
entities processing personal data, remedies for unauthorised and harmful
processing, and to establish a Data Protection Authority of India for the said
purposes and for matters connected therewith or incidental thereto.
The preamble states that the right to privacy is a fundamental
right and it is necessary to protect personal data as an essential facet of
informational privacy and whereas the growth of the digital economy has
expanded the use of data as a critical means of communication between persons
and which needs to be protected.
So the significance of Personal Data Protection Act can be found
in its preamble only and various rights available, after passage of this Act,
to Data Principal like correction of Information, Erasure of information,
discontinuing the use of information after the purpose of consent is over and
deletion of information etc. highlights how personal data of the individual can
be protected.
As most of the apps are exploiting our sensitive personal
information without our explicit consent and this can be verified by huge spike
in cyber crimes recently, the best way to deter/ control these apps and make
citizen more powerful is by passage of Personal Data Protection Act. This act
will give much needed tools to the citizen as well as government to check
culprits involved in theft of personal data or invasion of Data privacy.
To allow the individuals to make autonomous life
choices including choice about his Data sharing, the Hon Apex Court mandated a
need of law which can give an individual, right about his personal data
protection. This object can only be achieved by passage of The Personal Data
Protection Act and its effective implementation. Hence in my view, passing and
enforcing The Personal Data Protection Act is need of hour and should be top
priority of the government.