INTRODUCTION
With the continuous growth in technology, it would be not wrong to say that this is the Age of technology. In this era of technology where almost everything has become digital, the greatest concern of every person is privacy. When using a website or a social media network or using a payment app, privacy is the one major thought that is always on a person’s mind. On one this where it can be said that the internet is the greatest gift to mankind, this gift can often be misused. We live in a world where people, mostly teenagers are addicted to social media. They upload their pictures and videos and do extremely private conversations. Many business transactions are done, and strategies are made. And all of this is done using the Internet. Altogether we can say that we cannot imagine a world without the Internet. Without privacy on the internet, a person cannot feel safe while doing anything on the Internet. So does a person have a Right to Privacy on Internet? We’ll get to know in the later article.
RIGHT TO PRIVACY ON THE INTERNET
With the continuous development in the world of the Internet, cyber threats are increasing day by day. Right to Privacy can be understood in general terms as a person’s right to enjoy his presence within his own decided boundaries. Every person has a right to limit sharing of his personal information on the internet. It can be said that personal information is a kind of personal property for an individual. In India, the Right to Privacy is treated as a fundamental right under Article 21 of the Indian Constitution. In the case of Justice KS Puttaswamy vs Union of India, it was unanimously decided that the Right to Privacy shall be considered a Fundamental Right. Article 21 of the Indian Constitution says that every person has a right to live his life with liberty and dignity. So it has become very essential to protect the privacy of a person on the Internet. (Privacy & Data Protection Capsule: India’s Turn on the World Stage, 2022)[1]
Currently, The Information Technology Act 2000 of India deals with the privacy of individuals on the Internet. It contains various legal provisions that deal with the data privacy of an individual. Also, the Information Technology Rules, also known as the IT Rules 2011, have been enacted, which deal with the Sensitive Personal Data and reasonable security practices and procedures to protect the data of a person. The Information Technology Act 2000 got amended in the year 2008 which bought many changes to the act. Now The Information Technology (Amendment) Act, 2008, contained new sections, Section 43A, and Section 72A.
Section 43A states that there should be an execution of reasonable security practices for sensitive personal data and also compensation should be provided to people who have suffered from wrongful loss. Sensitive Personal Data consists of financial data, health data, biometric data, sexual orientation, genetic data, caste or tribe, official identifier, transgender status, sex life, intersex status, etc. Section 72A states that the person who has caused the wrongful loss to anybody, or has wrongfully gained by disclosing any personal information of another person, should be punished with imprisonment of up to 3 years or a fine of up to 5 Lakh rupees. (Right to Privacy in Digital Era: A Study with Indian Context)[2]
Rule 5 of the Information Technology Rules 2011 states that any Body Corporate or any person shall not collect any personal information of another person unless it is collected for the legal purpose and such collection of information is necessary for the functioning of that Body Corporate. If any Body Corporate holds personal information of any person then he cannot retain such information longer than the period of its lawful requirement. Also the body corporate cannot use such information for any purpose other than for which it was collected. (Internet Privacy in India)[3] Also, it is necessary to take the consent of such person from whom the personal information is being collected, and such person has the right to withdraw his consent anytime he wishes to. The consent of such an individual is also necessary for sharing the information with the third parties.
INTRODUCTION TO THE PERSONAL DATA PROTECTION BILL 2021
In the case of Justice KS Puttaswamy vs Union of India, it was unanimously decided that the Right to Privacy shall be considered a Fundamental Right. Under the chairmanship of former Supreme Court Justice BN Krishna, a committee was set up to draft the Data Protection Bill. Justice BN Krishna passed the ownership of the bill to the Ministry of Electronics and Information Technology (MeitY) and the bill was presented before the Parliament. The parliament referred the bill to the Joint Committee of Parliament.
0n December 16, 2021, the Joint Committee of Parliament (JCP) presented its report on the Data Protection Bill, along with the revised version of the bill, The Data Protection Bill 2021, in Parliament. (Privacy & Data Protection Capsule: India’s Turn on the World Stage, 2022)[4] The main purpose of the Data Protection Bill is to protect the privacy of every person in respect of their data. The Bill also proposed to establish a Data Protection Authority (DPA) that can keep an eye on the flowing of personal information and can regulate the free flow of personal data. Also, the Bill states that breach of data shall be reported to the Data Protection Authority (DPA) within 72 hours, otherwise penalties of up to 15 Crores or 4% of the Global turnover shall be imposed on the Data Fiduciaries. (The Data Protection Bill 2021, 2021) [5]
The Data Protection Bill also provides various rights which an individual can exercise against the Data Fiduciary, and the Data Fiduciary must fulfill the request of the individual. The bill also provides the guidelines for the cross-border data transfer, which states that the Sensitive Personal data can be processed outside India, but need to be stored in India. Also, it is necessary to take the explicit consent of the person whose information is being collected. In the case of Critical Personal Data, which is yet to be defined in the Bill, such data can only be processed in India except in the case of Emergency services and Health services. (The Data Protection Bill 2021, 2021)[6]
SOCIAL MEDIA PRIVACY ISSUE
In 2016, when WhatsApp announced various major changes in its privacy policy in which it was provided that the account information of the WhatsApp users will be shared with Facebook, a petition was filed before the Supreme Court against this new privacy policy of WhatsApp on the ground pf violation of Right to Privacy. Earlier Delhi High Court, in its decision, allowed the sharing of the user information on Facebook. The Honourable Supreme Court directed WhatsApp to delete the personal data until 26 September 2016, of those users who choose to delete the application. The Supreme Court also ordered WhatsApp to delete the personal information of those individuals who choose to retain the application on their phones. In January 2021, WhatsApp again announced in its privacy policy that users will not have the option to opt out of their data being shared with Facebook which again started a lot of debates. (Right to Privacy in Digital Era: A Study with Indian Context)[7]
CONCLUSION
They say “Privacy is a myth”. Privacy is raising concerns as there is an increment in privacy breach cases all over the world. But the government is awake and is taking strict actions against the companies who are trying to infringe the right to privacy of the people. it is good to know that our government is taking effective measures by introducing a new bill related to the protection of personal data, to protect our privacy on the Internet, and is keeping an eye on these unnecessary policies of the companies. It can be expected shortly drastic changes will come concerning the privacy of an individual, which will control and regulate the free flow of the information. Various effective measures can be introduced by the Government to protect the personal and non-personal data of its citizens. It would be interesting to know how our data will be more secure and how we will live in a world where hacking somebody’s information would be far more difficult for hackers.
Author(s) Name: Poorva Sharma (Maharaja Ganga Singh University, Bikaner, Rajasthan)
Reference(s):
[1]Privacy & Data Protection Capsule: India’s Turn on the World Stage (The National Law Review), 8 January 2022, https://www.natlawreview.com/article/privacy-data-protection-capsule-india-s-turn-world-stage ,accessed 18 June 2022
[2] Anmol, Right to Privacy in Digital Era: A Study with Indian Context (Legal Services India), https://www.legalserviceindia.com/legal/article-5404-right-to-privacy-in-digital-era-a-study-with-indian-context.html , accessed 18 June 2022
[3] Internet Privacy In India (The Centre For Internet & Society), https://cis-india.org/telecom/knowledge-repository-on-internet-access/internet-privacy-in-india , accessed 18 June 2022
[4] Privacy & Data Protection Capsule: India’s Turn on the World Stage (The National Law Review), 8 January 2022, https://www.natlawreview.com/article/privacy-data-protection-capsule-india-s-turn-world-stage ,accessed 18 June 2022
[5] The Data Protection Bill 2021(Trilegal), 24 December 2021, https://trilegal.com/knowledge_repository/the-data-protection-bill-2021/ , accessed 18 June 2022
[6] The Data Protection Bill 2021(Trilegal), 24 December 2021, https://trilegal.com/knowledge_repository/the-data-protection-bill-2021/ , accessed 18 June 2022
[7] Anmol, Right to Privacy in Digital Era: A Study with Indian Context (Legal Services India), https://www.legalserviceindia.com/legal/article-5404-right-to-privacy-in-digital-era-a-study-with-indian-context.html , accessed 18 June 2022