Living life with dignity, encapsulated in the rights such as privacy, which is for all to enjoy, is the victory of democracy. The article highlights some of the salient features of privacy rights and takes a step back to analyse the status of privacy rights in its current form. On 24 August 2017, a nine judge bench of the Supreme Court of India in Justice K.S Puttaswamy v. Union of India passed a landmark judgement declaring the Right to Privacy as a fundamental right protected under the Indian Constitution. It is a natural right subsisting as an integral part to the fundamental right to life and liberty, inherent in Articles 14, 19 and 21.
It is an inalienable right and protects the individual from the scrutiny of the State in their home, of their movements, choice of partners, etc. Any impugned action should be a subject to judicial review and must be tested on the just, fair and reasonableness standard. However, this right should not become an absolute one, as it is of utmost importance to strike a balance between individual interests and legitimate concerns of the State. As per the judgement, all State actions or infringements that could have an impact on the right to privacy, will have to be measured against the following three determinants:
- Existence of a law justifying encroachment on privacy
- A legitimate State aim which ensures that nature of the law falls within the zone of reasonableness and operates to guard against arbitrary action
- The means resorted to by the State are proportional to needs and objects sought to be fulfilled by the law in question.
Right to Privacy is not a new idea but an age old concept in India, origins of which can be traced back to its colonial history. Privacy as a customary easement right was recognized way back under the Indian Easements Act 1882. However, despite such early recognition, in the present social and political scenario, the protection of privacy as a right is a complex issue.
Data Protection & the Question of Privacy
The question whether privacy is a fundamental right or not first arose before the Supreme Court in 2015 while examining the constitutionality of the Aadhar framework. The Hon’ble Court noted that an attempt to define the right might cause more harm than good and posed a question that people putting themselves in the public realm using technology, is not a surrender of their right to privacy. The Court stated that in the age of the internet, a person should have absolute control on what he can put out in the public domain without any compulsion and that the State should focus on giving statutory recognition to such individual choices. In the aftermath of this decision, in December 2019, the government introduced the Personal Data Protection Bill, 2019, in the Parliament, which would create the first cross-sectoral legal framework for data protection in India. The Bill attracted criticism owing to the absence of any safeguards against abusive data collection and processing by the State. It has been argued that in its present form, it confers unrestrained powers to State functionaries and fails to protect citizens from gross privacy violations. It leaves the policy gap with respect to India’s surveillance and intelligence services unaddressed, which, stakeholders have argued, is fundamentally incompatible with an effective privacy regime. In the midst of an era of increased reliance on ICT services, a serious threat lies with the protection of privacy of personal data or information. For example, in the ongoing pandemic, while mass monitoring and data processing systems appear to be indispensable tools for the government, citizens remain powerless as far as infringement of their privacy by State surveillance of their data is concerned. In fact the safety and privacy features of the Arogya Setu App have been criticized and claimed as an attempt by the State to acquire critical personal information. Even as the government claims that it is a voluntary decision on part of the citizens who choose to share their information, the App was made compulsory for attaining a number of critical services during the lock-down. Similarly, the foundation of the Data Protection Bill, is a consent framework which mandates data collectors to collect and process data only with explicit consent from the user. The users can withdraw consent at any point of time but the very premise that consent agreements protect data privacy is questionable.
Studies have pointed out that the majority of users barely read licence agreements of software and applications before giving their consent. A 2011 IBM study showed users spent just six seconds to read agreements and only 8% read the whole agreement before installing any software. This means most users are unaware of where a software or app comes from, and hence clueless about what it’s really doing — so there’s no telling where their information is going.
Right to Information vis-a-vis Right to Privacy
Another challenge is the dichotomy between Right to Information and Right to Privacy. India has enacted legislation to determine the distinction between information to be communicated to the general public and information to be reserved from the public domain. However, when it comes to protecting an individual’s right to privacy vis-a-vis the public’s right to information, the narrative changes arbitrarily. For instance: Public servants fall under the ambit of RTI, which means all of their personally critical information can also be made public if and when an RTI application demands the same. However, whether accountability through RTI should be conditional to a public servant’s Right to Privacy is not a question our laws or policies have so far addressed conclusively.
Privacy Rights of Sexual Minorities
While declaring privacy as a fundamental right, the SC also called into question the judicial reasoning in the Naz Foundation case which suggested that the LGBTQIA+ community was not entitled to privacy as a matter of right. The Court held that because a community forms a miniscule fraction of India’s population, that in itself is no reason to deny them the dignity of privacy with respect to their sexual orientation, authoritatively cementing the notion that the rights do not depend on the favourable exercise by the majority.
Attainment of a perfect balance among all the interests of the public is the root of a democratic civilized society but it can be argued that India has narrowed down the scope of privacy rights to be left alone in one’s castle till the time one is required to come out and lay it all bare. Privacy rights have now been recognized as a component of individual freedom. Though a fundamental right, it is in no way an absolute right. As seen with respect to data protection, freedom of sexual identity and right to information vis-a-vis the concept of privacy, the idea of privacy as a fundamental right is still evolving.
The State is yet to determine how to strike the necessary and right balance between the right to privacy and all other components that affect its effectiveness. While citizens are entitled to protection of their data, why is it subject to consent and who ensures that such consent is not manipulated or attained discreetly? Who defines where and how the privacy of a public office should be given preference over an individual’s right to information? What about occurrences when the sexual identity of an individual is necessary to reveal for medical assistance, but there is no way to ensure that any personal, sensitive and critical information, once revealed, will not be misused or circulated without the knowledge or the consent of the concerned individuals? These are some questions that citizens will need to ask more often of the State as it still remain the custodian of the limit and extent of the masses’ right to privacy. Till the time we don’t have these questions answered, right to privacy is neither absolute nor consequential, it is merely conditional, and a freedom or right which is subjected to conditions runs the risk of being easily undermined and trampled.
By Aditi Chowdhury, Research Associate, Human Rights & Social Justice Policies