CHAPTER 1

INTRODUCTION

1.1 INTRODUCTION

Right to privacy and right to information in India are the two most important rights to ensure that
people can live their lives with dignity and integrity. These two rights are fundamental in
maintaining the quality of life of an individual. While the right to privacy allows people privacy
to their personal issues/affairs, the latter allows citizens to hold various government departments
accountable for important public affairs. Most of the time, these two rights complement each
other in holding the government accountable to individuals. But there is a conflict between these
rights when there is a demand for access to personal information held by government bodies.

The relationship between right to privacy and right to information laws is currently considered
the most important subject of debate around the world as various countries are adopting different
types of concepts in relation to these laws and are making different legislations. 1. Privacy is
natural and quintessential for the very essence of human being to blossom in its all potentials.
Every society which ignores the private spheres machinates human beings as an automata which
may be efficient in production of goods and values but essentially free will and human dignity
are compromised. Romantic thinkers, such as Rousseau rightly said that the liberty is the very
essence of human beings. And to disregard it means the very essence of human dignity is lost.
For private sphere constitutes one of the essential ingredients of freedom and liberty.

And every public gaze amount to intrusion to the quintessential right, which is a golden thread of
all the basic human rights, for example, liberty, dignity, and autonomy. The contours of privacy
are not standstill, rather privacy is in its essence is dynamic and dialectical concept. The concept
of privacy cannot be circumscribed like a fixed mathematical formula; it is imagined in the
cultural mind of every unique society like basic ‘jural postulates Privacy is a sphere that works
on personal, political, legal, social, managerial, and technical aspects of human’s life. In like
manner, there are different affiliations a few methodologies which one can identify with security

1
A. Subrahmanyam, Right to Privacy in India,96 (New Era Law Publication, Haryana, 4th edition 2011)
like Indian Evidence Act, Information Technology Act, Indian Penal Code, Criminal law, Indian
Telegraph Act, Indian Easement Act, Family law.

These laws have been dissected in detail in this article. Security is head to individual and there
are different bits of protection like security of room, endorsement of body, security of data,
security of decision which has been advanced after some time2. In like manner, in the present
Digital time there is more colossal need to ensure this right. Right to insistence in the present
Digital time, surrendered outcomes of online media on security have been investigated in the
article. We will correspondingly talk about the laws which ensure security and do we have great
laws to oblige the issues of impedance of accreditation which has been viewed as Fundamental
Right under Article 21 of the Constitution and blessedness of right to security in India.

Through the early time progress is considered as the driving presence of progress. From
adaptable kind, to TV, to the web, improvement has been embraced and met into our persistently
lives The general miracle has changed beginnings of time and distance. It has formed an
abundance of data that is open at the hit of a key. In the 21st century a driving force
improvement in degrees of progress and improvement in the headway can be all around that truly
matters, seen. With this humongous progress in the movement, web bit by bit and gradually got
changed over into an unavoidable piece of one's life, on an essential level every individual either
plainly or by thought is associated with this goliath alliance. As the world is moving reliably
with the headway in the new turn of events, so is the level of cases relating demand impedance
are increasing

1.1.2 MEANING AND SCOPE OF PRIVACY

Although privacy concerns are deeply rooted in history, privacy protection as a public policy
question can be regarded as a comparatively modern notion3. Academically also most of the
privacy theorists are of the view that privacy is a meaningful and valuable concept. There have
been much extensive philosophical debate on the meaning and scope of privacy in the second
half of the twentieth century, and are deeply affected by the development of privacy protection in
the law. Various jurists and scholars have extensively analyzed the judicial trends and academic
2
Granville Austin, Working a Democratic Constitution, A History of The Indian Experience,90 (Oxford University
Press, London 2nd edn 2008).
3
Gaurav Goyal, The Right to Privacy in India: Concept and Evolution, 90 (Partridge, New Delhi, 3rd edn 2016)
discourse on personal and property rights having a symbiotic relationship with privacy rights.
Discussion on privacy has been further complicated by the fact that privacy appears to be
something we value to provide a sphere within which we can be free from interference by others,
and yet it also appears to function negatively, as the cloak under which one can hide domination,
degradation, or physical harm to women and others.

Another scholar, Solve in his work ‘Conceptualizing Privacy’14 has summarized privacy under
six recurrent themes, namely (1) the right to be let alone; (2) limited access to the self – the
ability to shield oneself from unwanted access by others; (3) secrecy – the concealment of certain
matters from others; (4) control over personal information – the ability to exercise control over i
nformation about oneself; (5) personhood – the protection of one’s personality, individuality, and
dignity; and (6) intimacy – control over, or limited access to, one’s intimate relationships or
aspects of life. Privacy is both a negative and positive right. It imposes both a negative obligation
upon the State to let alone the individuals of a society, and positive obligation upon the State to
protect individuals via property rights, tort law, criminal law and other legal devices’.

Solve contends that attempts to conceptualize privacy by locating the common denominator to
identify all instances of privacy have thus far been unsatisfying. The lack of a single definition
should not imply that the issue lacks importance. Privacy protection is frequently seen as a way
of drawing the line at how far society can intrude into a person’s affairs. Adam Carlyle
individual’s ‘right to be left alone has been defined as “the rightful claim of the individual to
determine the extent to which he wishes to share of himself with others and his control over the
time, place and circumstances to communicate with others.

It means his right to withdraw or to participate as he sees fit. It also means the individual’s right
to control dissemination of information about himself it is his own personal possession 4”. Thus,
it can be fairly argued that privacy is the ability to determine for ourselves when, how, and to
what extent information about us is communicated to other

4
Ibid
1.1.3 History Of The Right To Privacy

The key for security of affirmation was felt by people from old occasions, notwithstanding, the
considering was not clearly plainly obvious. Unequivocally when we start conversation on the
idea and reason of right it gets fundamental to follow its authentic development to discover all
around splendid definition. The chance of affirmation can be followed out in the old substance of
Hindus too. On the off chance that one gander at the Hitopadesh it says that specific matter (love,
sex and family matters) ought to be protected from exposure.

Notwithstanding the fundamental for attestation and its check as a benefit is the inescapable
postponed outcome of a quite individualistic culture wherein the center has moved from society
to the person. Prior, the law managed the cost of decree just against veritable anticipation with an
individual or his property.

As progress advanced, the individual, skilled and tremendous pieces of the human character got
endorsement and the level of the law loose up to offer approval these needs. The most short
records of 'right to security' in Indian standard were in the last piece of the 1800s when a nearby
British court kept up protection of a pardanashin lady to get to her shade without the dread of the
close by look. The law has advanced from now for a monstrous time stretch and the benefit to
security was added an honor to 'Article 21' of our Constitution by the Supreme Court as a basic
piece of 'individual liberty Privacy is certainly not a central right was first held by the Hon'ble
Supreme Court in the year 1954. The category of privacy brings in its colors various shades of
the humans-societal interactions. It is inalienable and inherent right which is not gifted by state
rather nature itself guarantees it by birth itself.

Further, we can say privacy is an inherent right of an individual, which is individual inhere
himself not conferred by someone. Privacy is conventionally attached to the reasonable
expectations of every person ‘to be let alone5. Thomas Cooley in his celebrated work coined this
phrase, which simply means as “protecting an individual’s right to seclusion”. He further writes,
“The right of one’s person may be said to be a right of complete immunity; the right to be alone.
According to Prof. Allen Westin the term privacy means “the state of solitude or small group of
intimacy”. The signification of privacy, as attributed in the Dictionary is that; “the absence or
5
Ibid
avoidance of publicity or display; the state or condition from being withdrawn from the society
of others, or from public interest; seclusion”.

The Legal Dictionary defines privacy as “the right to be let alone; the right of a person to be free
from unwarranted publicity; and the right to live without unwarranted interference by the public
in matters with which the public is not necessarily concerned

Thus, privacy right is the condition precedent in the meaningful exercise of all the rights
conferred in Part III of The Indian Constitution, 1950. When it is asked by the right holder before
the court to protect this sacrosanct right, 8 the appropriate court traces out its roots under Art. 21
of the Indian Constitution. Not only that, even articles, such as 19(1), 20(3), 25, 28, and 29, etc.,
are incomplete in its applications, unless the privacy right is read as integral part of these
guaranteed rights under the Indian Constitution.

The contours of this right are not possible to demarcate once for all time, as Justice S. A. Bobde
rightly explained, “The future developments in technology and social ordering may well reveal
that there are yet more constitutional sites in which a privacy right inheres that are not at present
evident to us In the 1980s and 1990s, computerization and digitization were perceived as a threat
to the privacy rights of citizen due to the advancement of digital technology and its incredible
capacity to collect, store, accumulate, process, aggregate, use, and offer access to constantly
snowballing extents of personal information. Further, information mirroring and personal
profiling were enabled by the ease of processing of data held by diverse consumers and at
various geographical regions.

The way of violation of privacy rights have changed with the advanced technology; be it data p
rincipal, corporation, governmental and non-governmental organizations, for the sake of
personal, commercial, educational, and recreational adventures. Further, the scattered nature of
such universal network makes it challenging to get any useful and exact estimation of the total
sum of consumers, much less the relative extents of the various kind of use6.

6
Adam D. Moore, Privacy Rights: Moral and Legal Foundations,89(Pennsylvania University Press, Pennsylvania,
3rd edn 2010)
New technological inventions and cyber threats may be indiscernible but their impacts are very
real, and interrelated computers and other devices that are virtually reachable are intrinsically
prone to infringements of privacy rights. Since, scales of data, which are moving through virtual
world has extended, so too has its value to private firms, state, and those having malicious
intentions. Our information trail has a larger footprint across virtual world, making us more
prone to online crimes and privacy violations Progress in sophisticated technology and science
have rapidly grown the capacity of data that can be collected, generated, processed and collated
virtually promptly.

Huge quantity of personal data is stored by several bodies, both public and private, investigating
agencies, IT wing, banking sectors, health insurance companies, credit-rating agencies, stock
brokers, employers, medical practitioners, advocates, wedding sites and apps, spy agencies,
flights companies, guesthouses, and so on. Until recently, this data was held offline; the sheer
and a deficiency of centralization made it hard to collate with the result that it was very
challenging for one institution or individual to utilize such data effectively. In the advancements
of technological age, data is too centralized and so easily accessible that one tap on a button
could throw up startling amounts of data about an individual.

1.2 RIGHT TO PRIVACY IN INDIA

In India, since ancient times the idea of privacy exists. The perception of the work ‘privacy’
refers to the personal space. This idea of personal space being subjective depends on the
individual’s culture, economic condition, environment, etc. The privacy law in India is however
weak owing to the fact that there is no exclusive legislation for the same, however the concept
cannot be disregarded. Privacy is neither expressed in the Indian Constitution nor in any other
statutes, though some of the provisions in some laws do recognize similar interests 7. However,
drafting a comprehensive legislation for such a right would be a difficult task. In UK, law of torts
cover privacy related right whereas Indian privacy laws are based on foreign case laws and also
certain Supreme Court decisions under Article 21 of the Indian constitution pertaining to the
ancillary rights such as to sleep, human dignity, to access justice, education, water, sanitation etc.

7
Basu, Durga Das, Law of Press in India,100(New Delhi, Lexwas Nexwas Buttersworths 1st edn 1980)
The world has recognized and accepted privacy rights as an essential human right and an
important component of human personality. Privacy is a fundamental right enshrined under the
UNDHR31 and several other international conventions and treaties. Privacy is not just inclusive
of human dignity but also other freedoms such as of association, speech and expression, etc.,
which hold importance in today’s era. In most the countries around the world their constitutions
recognize privacy as a right and if not in constitution, then have incorporated it in other
provisions. In 1970’s, there was a general notion to adopt privacy laws throughout the world.

In 1995, the European Union passed directive which provided its citizens with a wide range of
protection over data abuse. The principles pertaining to individuals’ protection with regard to
handling of his personal data provides for a base for national laws. It also obliges member States
to legally cover personal information of European citizens, creating a pressure on other counties
to pass privacy laws. As many as forty-five counties in the world have privacy laws relating to
data protection and many other counties are coming up with enactment of such laws.

1.3 INTERNATIONAL PERSPECTIVE ON RIGHT TO PRIVACY

The explanation "focal opportunities" might be utilized in a speculative and philosophical sense,
either as showing a bewildering class of good case that all that people might bring or, generally
more even-mindedly8, as the sign of these cases in certain law, for instance, as favored
clarifications to consider Governments talented under open honest to goodness cycles. While the
vital impression of the verbalization might be proposed as "ordinary freedoms", the second is
portrayed in like manner as "key opportunities law".

While the beginning of "standard freedoms" lies in the chance of the ensured individual, as
passed on in the proportion of the world's goliath religions and wonderful viewpoint, "head
openings law" is a later unprecedented occasion that is distinctly connected with the move of the
liberal vote based State. In such States, majoritarianism legitimizes supporting and the clearly
bureaucratized working of the pioneer. Regardless, greater parts every so often may have little
respect for "mathematical" minorities, as charged violators, semantic or authentic gatherings,

8
Ibid
non-nationals, close by fulfilling classes and the socially upbraided. It as such becomes basic for
ensure the presence and benefits of mathematical minorities, the powerless and the delicate.

This is finished by presenting to the standards controlling society as an unavoidably settled in

and justiciable bill of rights containing head standard opportunities for all. Through this bill of
rights, "customary freedoms law" is made, becoming fundamental for the general system of laws
and better than standard law and chief new development.
A few pieces of the undeniable foundation of ordinary freedoms law at the all through the planet,
neighbour hood and sub regional levels are followed. The part falls on the new, rather than the
more distant, past. As an issue of, a couple of insights are made about the "three ages" of head
openings law.

1.4 STATEMENT OF PROBLEM

Even with the implementation of legal and other measures, privacy abuses persist. Many
countries' regulations have lagged behind technological improvements, resulting in significant
protection gaps9. Other countries have provided significant exemptions to law enforcement and
intelligence agencies. Finally, in the absence of adequate inspection and enforcement, the mere
existence of a law may not provide adequate protection. Even in the most democratic countries,
there are rampant violations of communications eavesdropping laws.

According to the US State Department's yearly report on human rights violations, over 90
countries illegally monitor the communications of political opponents, journalists, human rights
workers, and labour activists. In 1996, a government inquiry in France found that private
businesses had conducted over 100,000 wiretaps, many on behalf of government officials. In
Japan, police were recently fined 2.5 million yen for illegally listening in on Communist Party
members. It is now widely accepted that the power, capacity, and speed of information
technology are quickly growing. As a result, the breadth of privacy invasion - or the risk of
privacy invasion - expands.

1.5 OBJECTIVE OF THE STUDY

9
Goyal Gaurav and Ravinder Kumar, The Right to Privacy in India: Concept and Evolution, 89 (Partridge, New
Delhi, 2016)
The privacy issue in the twenty-first century was triggered by the need for data privacy
legislation and civil rights of privacy for all individuals, regardless of sexual orientation. Privacy
is an important component of life and liberty, and it is one of the fundamental rights guaranteed
by the Constitution. It exists in everyone, regardless of social class, socioeconomic situation,
gender, or sexual orientation.

It is essential for the growth of a person's personality, integrity, and dignity. However, because
privacy is not an absolute right, any breach of this treasured privilege must be justified by
legality, proportionality, and necessity The study's main goal is to assess the substantial threat
that information technology poses to privacy of an individual's right, as well as the effectiveness
of the current legal framework for dealing with it.

● To critically analyze the existing privacy laws in India as a basic human right and bring out the
loopholes in the existing laws governing the privacy rights in India.

● To compare the law of privacy in India with the developed countries like US and UK and look
into contradictory judicial approach relating to privacy10.

● To identify the lacuna if any, in the law of Privacy in India and to find the need for evaluation
of new standards governing privacy rights in India.

● To suggest changes required to be undertaken by the parliament in the law of privacy in India
in the era of technological invasions of privacy rights of the citizenry

1.6 SIGNIFICANCE OF THE STUDY

Although modern telecommunications technology such as computers, the Internet, and wireless
communications provide enormous convenience and productivity benefits, they also present a
slew of problems and legal challenges. These concerns and issues give system managers
additional obligations, law enforcement new tasks, and individuals new questions. Privacy is one
of the most important legal issues.

On loan applications, medical, dental, and insurance paperwork, and two friends, clergy, and
counselors, most everyone readily discloses highly specific private information about

10
Robertson, A.H., Privacy and Human Rights,100 (Manchester Univ. Press 1st edn 1973)
themselves. They do, however, expect control over what and how the information is collected,
how and what purpose it is used, to whom the information is revealed or shared, how long the
information is kept, what information is retained in files, and the security of the information
while it is stored in order to prevent data theft in the system.

In short, everyone is prepared to give private information under certain situations, but they do
not want it to be broadly publicized without their consent. People want their communications to
be as secure as those in a sealed envelope, whether they are sent via phone, email, the Internet, or
other means

1.7 RESEARCH LIMITATION

However, with computerized databases, technology now allows individuals to collect, organize,
and store huge amounts of personal data in databases over which they have little or no control for
the first time in history. Information may now be accessed, analyzed, and moved across the
county or around the world at never-before-seen speeds because to modem telecommunications
networks.

People's personal information, which they once thought was private and confidential, is now
being accumulated and used without their knowledge or consent. Customers and system
suppliers are equally affected by these difficulties11.

In order to defend the Right to Privacy in the Information Technology Era, an objective
examination of national and international laws and policies is required to determine if they are
effective in protecting the Right to Privacy. The current study will be extremely valuable to
legislators and administrators since it aims to strengthen the legal system for preventing the
exploitation of technology to infringe on people's right to privacy

1.8 LITERATURE REVIEWS

It is true that no research can be done without the use of books and articles. One of the basics of
the research is to view the existing literature on the subject. It will provide clarity of concepts

11
Bloustein, E. J., Privacy as an aspect of human dignity, 100(New Era Law Publication, Haryana, 4th edition 2011)
and understanding of different aspects of the research work and also helps avoid repetition. A
number of articles, websites, and lectures have been over viewed. Here is the list given under:

1.9 RESEARCH METHODOLOGY

The study's methodology is purely doctrinal in nature. The data was gathered from a variety of
sources, including books, journals, periodicals, international papers, treaties and conventions,
and so on. Materials from many sources were evaluated and used to acquire the most up-to-date
knowledge in studying the scenario. Secondary data from a variety of sources has been used to
back up some of the conclusions and findings.

Jim Bronskill and David Mckie Your Right to Privacy Minimize Your Digital Footprint
written by It talks about hacking, snooping, data mining in the current digital era. It highlights
the actions that need to be taken in order to keep important personal information from the reach
of new technologies. It also discusses as to how digital footprints can be minimized in order to
protect one’s own vital information from being misused.

The Right to privacy by Richard A. Glenn is a book published in the year 2003 it gives a-z
background covering important laws and concepts related to privacy. The book takes the readers
through the landmark cases, historic findings and controversies pertaining to the right to privacy
and also the influence of “War on terrorism” on the growing concerns on right to privacy. It also
discussed the common law heritage and evolution of privacy rights from a tort law to a
Constitutional right12.

Privacy Law – Principles, Injunctions and Compensation by Rishika Taneja and Sidhant
Kumar is a book published in the year 2014 containing the laws and the remedies available to a
person when rights are violated by the State including the government and by individual which
includes media houses, news channels, etc. This book also explains the implication of
International Privacy Principles on the privacy law of India and its importance with relation to
search and seizure, telephone tapping, online interception, etc. along with Indian and foreign
case laws.

12
Bratman, B., The Right to Privacy and the Birth of the Right to Privacy,78 ((Manakin Press New Delhi 1st edn
2017)
International Libel & Privacy Handbook by Bloomberg edited by Charles J. Glasser Jr. is a
book published in the year 2013. It gives a brief idea to journalist about laws related to media
and explains the risk publishers should acknowledge before publishing anything. It also
addresses the new emerging media markets around the globe such as Malaysia, Singapore and
the Middle East. It clearly explains the risks that a publisher would face and the defences
available to the publishers along with the claim process.

Right to Privacy under Indian Law by Kiran Deshta is a book published in the year 2011.41 The
book specifies that privacy is a dynamic concept and that the concept of privacy in India is a
combination of constitutional law and common law along with customary practices which can be
seen in various legal fields. It deals with the legal framework in the Indian scenario. It talks
about how Article 21 has miraculously safeguarded privacy by attaching it as an essential
element of personal liberty. It also talks about how certain customary and constitutional
provisions related to privacy cannot be protected without a strong statutory provision

“The Right to Privacy in the Light of Media Convergence – Perspectives from Three Continents
by Dieter Dorr and Russell L. Weaver is a book published in the year 2012”. 42 It discussed
the cultural and communal changes that endanger right to privacy and its violation at the hands
on not just the State but also private actors. The book specifically deals with the concept of
privacy in Europe, Australia and USA

The Right to Privacy in India- Concept & Evolution by Ravinder Kumar and Gaurav Goyal
is published in the year 2016 by Partridge Publishing India. It examines how the laws differ in
India from that of the west countries and how politicians have failed to address such a major
issue in our country.

They also examine the subjectivity of one’s privacy and its dependence on one’s culture,
environmental and economic conditions. They have classified enjoyment of privacy amongst
certain classes than that of others. They have highlighted changing of technology as an approach
to privacy. They have also mentioned with regard to how people compel themselves to put their
nose into the personal space of others13

13
Glenn, R. A, The right to privacy: rights and liberties under the law,65 (Regal Publications, New Delhi 2nd edn
2017)
 The Right to Privacy by Samuel Warren and Louis Brandeis is an article published in
Harvard Law Review in 1890. It was among the few articles in the USA that advocated privacy
rights as a concept of one being ‘let alone’ and was one of the most influential articles to be
published in America. It is a brief article with just 7222 words excluding citations. Right to
privacy is discussed in this article as originally a common law which later got recognised as a
civil law and how it has evolved over the years.

The Right to Privacy in the Light of Media Convergence – Perspectives from Three Continents
by Dieter Dorr and Russell L. Weaver is a book published in the year 2012.46 It discussed the
cultural and communal changes as a threat to right to privacy and its violation at the hands on not
just the State but also private actors. The book specifically deals with the concept of privacy in
Europe, Australia and USA14.

The Right to Privacy by David L. Hudson is a book published in the year 2009 by Chelsea
House Publishers. It examines the evolution of Right to Privacy. This book specifies the law
which is created more than 80 years ago by US Supreme Court. It includes the idea of controlling
one’s personal information, protection from law enforcement and freedom from someone else’s
eyesight into personal spheres.

1.10 RESEARCH QUESTION

Q1 Whether right to privacy assumes more significance in the context of technological

expansion?

Q2 What is the comprehensive and workable approach to the law of privacy?

Q3 Whether the law of privacy in India is better placed than the law of privacy in USA and UK?

14
Kacedan, B. W., The Right of Privacy, 65 (Kamal Law House, New Delhi.3rd edn 2012)
 CHAPTER 2

BASIC CONCEPT OF PRIVACY

2.1 INTRODUCTION

Privacy is a state of affairs where information regarding individual’s life and conditions that are
private in nature is beyond the reach and knowledge of others 15. In the current technological
milieu where one can access the personal details and information regarding individual’s diverse
affairs, all what privacy means is that people want to have a control over what information needs
to be there in the public domain. Privacy ordains that the individual is at liberty to avoid
unsanctioned intrusions in his life and personal affairs and pre-supposes that the individual will
have unqualified control over the information pertaining to him. Privacy is an interest of the
human personality. It protects the inviolate personality, the individual’s independence, dignity
and integrity . The reason behind protecting one’s privacy are varied. Some people want to
maintain anonymity, some others want to conceal facts about themselves that are embarrassing,
discreditable or which may put them under some risk to their life and property, whereas a few
may like to have peace and solitude.

Thus, one can safely argue that basically there are three elements in privacy: secrecy, anonymity
and solitude. It is a state which can be lost, whether through the choice of the person in that state
or through the action of another person. The Discourse on privacy interests and the
corresponding legal rights have seen drastic changes from one technological era to another.
Privacy intrusions, in the old legal order, when there was no telecom, communication and
computational technologies available were primarily treated as trespassing, assault, or
eavesdropping Privacy in those days had not attained the intensity and magnitude as it has
achieved in today’s modern world where we have telephone wiretaps and microphones for
overhearing, digital photography and spy cams for undercover and intelligence operations,
computers, mass storage devices and database software for storing, collating and circulating
personal and financial information. With these inventions no one can be rest assured that his
personal information shall remain within the confines of his home or personal archives. New

15
Gross, H., Concept of privacy, 78 (Eastern Law House, New Delhi 2nd edn 2015)
technologies have made it possible to clandestinely transmit and broadcast information
pertaining to individual without his knowledge16. Organized collection, collation and storage of
an individual’s private and personal information on databases, has made it possible to invade
people’s privacy. The data storage and surveillance potential of computer systems has given a
new direction to the discourse on privacy rights. The question could no longer be whether the
information could be obtained, but rather whether it should be obtained and, where it has been
obtained, how it should be used. Technological inventions such as data matching, profiling, data
mining, smart cards, cookies and spam have created an increased threat to the privacy of persons.

2.1 CONCEPT OF PRIVACY

Privacy is a valuable aspect of personality. Sociologists and psychologists agree that a person has
a fundamental need for privacy. A person’s right to privacy entails that such a person should
have control over his or her personal information and should be able to conduct his or her
personal affairs relatively free from unwanted intrusions . Privacy is also at the core of our
democratic values. An individual has an interest in the protection of his or her privacy as
preserving privacy encourages dignity, self-determination, individual autonomy and ultimately
promotes a more robust and participatory citizenry. Among all the human rights in the
international catalogue, privacy is perhaps the most difficult to define . Despite attempts of
jurists, scholars and theorists to define privacy, there remains confusion over the true meaning
and scope of privacy. One of the problems is that, the very breadth of the idea, and its tendency,
produces a lack of definition which weakens its force in the political discourse5 . Despite the
difficulties to ring fence the concept of privacy, Privacy International6 has suggested that privacy
can be said to comprise four separate nonetheless related aspects:

1. Information privacy, which involves the establishment of rules governing the Concept of
Privacy collection and handling of personal data such as credit information, and medical and g
overnment records. It is also known as “data protection

2. Bodily privacy, which concerns the protection of people’s physical selves against invasive
procedures such as genetic tests, drug testing and cavity searches
16
Rengel, Alexandra, Privacy as an International Human Right and the Right to Obscurity in Cyberspace,89
(LexisNexis, publication Gurgaon 5th edn 2018)
3. Privacy of communications, which covers the security and privacy of mail, telephones, e-mail
and other forms of communication17

4. Territorial privacy, which concerns the setting of limits on intrusion into the domestic and
other environments such as the workplace or public space. This includes searches, video
surveillance and identity checks.

2.3 PRIVACY HISTORICAL AND CULTURAL PERSPECTIVES

Though the interest in the right to privacy increased worldwide in the 1960s and 1970s with the
advent of information technology, the concept of right to privacy has historical, cultural and
religious connotations which reinforce the view that privacy is extensively valued and preserved
in various cultures. Psychological and anthropological evidence suggest that every society, even
the most primitive, adopts mechanisms and structures that allow individuals to resist
encroachment from other individuals or groups

Historical origins of concept of privacy can be traced in the well known philosophical
discussions, most notably Aristotle’s distinction between the public sphere of political activity
and the private sphere associated with family and domestic life Lord Denning has articulated the
need of recognizing the ‘right to privacy’ as, “English law should recognize a right to privacy.
Any infringement of it should give a cause of action for damages or an injunction as the case
may require. It should also recognize a right to confidence for all correspondence and
communications which expressly or impliedly are given in confidence. None of these rights is
absolute. Each one of them is subject to exceptions.

Therefore exceptions are to be allowed whenever the public interest in openness outweighs the
public interest in privacy or confidentiality. In every instance it is a balancing exercise for the
courts. As each case is decided, it will form a precedent for others. So a body of case law will be
established

2.4 MODERN PRINCIPLES OF PRIVACY LAW

17
Anderson, Scot, A. "Privacy Without the Right to Privacy, 89 (Eastern Book Company, New Delhi 2nd edn 2011)
However, the impact of Warren and Brandeis’ article was not the sole basis for the development
of a legally protected right to privacy in the U.S. In 1960, a renowned tort scholar William
Prosser surveyed over 300 privacy cases which came after the Warren and Brandeis article.
Thus, Prosser codified the principles of privacy law in his article24 which also found a place in
the Second Restatement of Torts at pages 652A-652I (1977).

The four categories of privacy rights having a tortious remedy, as enumerated by Prosser, are:

1. Unreasonable intrusion upon the seclusion or solitude of another

● Instances of physical intrusion in a person’s home, namely, undesirable entry, peeping into the
house, through windows with binoculars or camera, telephone tapping, obtrusive telephone calls,
scanning and collating financial and personal data without person’s consent and information.

2. Appropriation of a person’s name or likeness for advantage of other

● Unlawful use of a person’s name or likeness for advertising and soliciting clients/consumers
on a product label which injures the personal feelings of the person

3. Public disclosure of embarrassing private facts

● Financial position, sexual orientation, personal correspondences, family feuds, medical history,
person’s private photographs clicked at his/her home.

4. Publicity placing one in a false light in the public eye

● Instances of putting information in public domain to create a false impression about the person.

2.5 CONCEPT OF PRIVACY IN CERTAIN COUNTRIES

Even if all you are doing is collecting email addresses for your newsletter, you may get required
in many countries to inform your audience of the facts and policies that pertain to your site 18. If
you don't follow data privacy regulations, you could end up with huge fines or legal action from

18
Chetan Nagendra, Privacy and the Concept of Data Protection in India, 65 (Kips Publishing World, New Delhi 3rd
2015)
website visitors. What is data privacy, and how will it affect your customers both domestically
and internationally Let's take a look.

2.5.1 The United States

In short, data privacy is a branch of security connected with the handling of data. It deals with
how you store and collect data, as well as how information gets shared with third parties. Data
privacy policies may require you to disclose how you will use the information before people
share it with you. In the United States, the Federal Trade Commission regulates privacy laws.
The Federal Government, however, leaves the details up to each state.

The data privacy bill in California, for example, requires businesses to disclose what information
they collect, what business purposes they collect it for, and which third parties they share it with.
Businesses must comply with official consumer requests to delete the data. Data is an important
aspect of any organization. Loss of information can lead to direct losses in the form of sales,
fines, or monetary judgments. Privacy laws in your area are therefore of utmost importance. 

2.5.2 The United Kingdom

Data privacy in the UK gets regulated by the Information Commissioner's Office. The law
requires transparency about why you are collecting personal data and how you plan to use it.
If you use browser cookies, you need to clearly explain how you will use them. The law requires
the informed consent of your users. UK policies focus on data protection fees, data offenses, the
protection of children, and law enforcement.

2.5.3 The European Union

The General Data Protection Regulation became enforceable in 2019 in all countries in the
European Union. These include Belgium, German, France, and Italy. The GDPR protects
citizens of the EU from unlawful data collection 19. It increases consent requirements. Businesses
who collect data are required to supply users with privacy policies that are easy to understand. It
imposes punishments on any who violate its requirements. Personally identifying information,
19
D. S. Chauhan, Data Surveillance, Privacy and Public Administrators,96 Asia Publishing House, New Delhi 5th
edn 1965)
such as names, emails, passport information, and bank details get regulated by GDPR. Sensitive
personal data, such as health, political, ethnic, and religious information, also gets protected.

Under the GDPR, individuals are required to give informed consent about how their data gets
processed. Companies need to implement click wrap methods that utilize checkboxes and clearly
labeled buttons. If you use cookies, you will probably need customer consent. Companies get
required to report data breaches within seventy-two hours, including the nature of the breach,
consequences, and proposed measures taken. Data protection assessments are required when data
processing poses a threat to the rights and freedoms of a person. This may happen when a
company possesses a lot of specialized personal data, or when they use new technology

2.5.4 Brazil
Brazil is one example of a country that was inspired by the GDPR in the European Union. Its
new General Data Privacy Law, which took effect in 2018, is nearly identical in terms of its
scope, applicability, and penalties for noncompliance. 

2.5.5 Australia
Australia's Privacy Principals (APP) is a collection of thirteen principals related to the handling
of personal information. The law details how and why you may collect personal information, as
well as how individuals can access that information. In order to avoid complaints, the APP
requires businesses to have a clear and accurate privacy policy that includes all requirements laid
out by the APP. Larger organizations must disclose data breaches within thirty days.

2.5.6 Canada
Canada’s Personal Information Protection and Electronic Data Act governs how you collect,
store, and use information about users online. Privacy policies must get made readily available to
customers.

2.5.7 China
The Standardization Administration of China unveiled the final version of its privacy bill in
2018. It contains provisions related to transparency and personal rights over data and consent.
The law is similar to the GDPR. It contains guidance on user consent, data protection, data
access, and obligations for disclosure20. 

2.5.8 Japan
In Japan, the Personal Information Protection Act protects the rights of individuals when it
comes to their personal data. The definition of personal data in Japan is very broad, and it even
applies to information found in public directories. In order to share personal information with a
third party in Japan, you must obtain third-party consent. The law also contains provisions for
third-party transfers, record-keeping, anonymity, and breaches. Japan has created a "white list" o
f EU countries that use sufficient caution when handling personal information.

2.5.9 India
In India, The Information Technology Act requires every company to have a privacy policy on
its website. The privacy policy is required to describe what data you collect, the purpose of the
data, any third parties it could get disclosed to, and what security practices are used to protect the
data.
There is some private information that cannot get collected without the consent of the user. This
may include passwords or financial information.

2.6 LEGAL REGIMES FOR PROTECTING PRIVACY

History of modern day statutory and legislative framework protecting privacy can be traced as
far back as 1361, where the Justices of the Peace Act in England provided for the arrest of
peeping toms and eavesdroppers21. Various countries developed specific protections for privacy
in the centuries that followed. In 1776, the Swedish Parliament enacted the Access to Public
Records Act that required that all government-held information be used for legitimate purposes.
France prohibited the publication of private facts and set stiff fines for violators in 1858. The
20
Ibid
21
Dhrwasmitha Goswami, "Right to Privacy,99 (Anmol Publication, New Delhi 3rd edn 2017)
Norwegian Criminal Code prohibited the publication of information relating to “personal or
domestic affairs” in 1889

Modern privacy jurisprudence developed during the latter half of the 1960’s which saw The
Concept of Privacy a flurry of legislative activities across the globe stimulated by exponential
growth in the area of computational technologies and other forms of telecom and information s
ystem automation, such as audio-video devices, and telecommunications. Many countries saw
the emergence of new information technologies systems as a challenge which the existing legal
regime were incapable to redress. Thus, in the decade of 1970’s, many western nations
proactively enacted legislations and provided privacy protocols to protect privacy rights. In 1973,
the United States Department of Health Education and Welfare (HEW) issued a report, Records,
Computers, and the Rights of Citizens, which analysed these problems in depth and
recommended the passage of a code of Fair Information Practices.

The Fair Information Practices “played a significant role in framing privacy laws in the United
States and influenced privacy law around the world. Legislation in Europe began even earlier,
with the West German Land of Hesse passing the very first Data Protection Act in 1970, and
Sweden’s Data Act of 1973 being the first comprehensive legislation at national level. In the
United Kingdom, Private Members’ Bills were introduced in the late 1960’s. Since the early
1970’s, most of the advanced western nations have legislated. In addition, many of the states of
the U.S.A., provinces of Canada and West Germany have also passed privacy laws. Some of
these apply to all personal data systems, while others are restricted, e.g. to the public sector, or to
automated or computerized systems.

In an endeavour to achieve some amount of consistency in the highly varied approaches, the
European Economic Community adopted a Convention in 1980 (EEC 1980). The United
Kingdom ignored the recommendations but finally responded to commercial pressure to ensure
that British companies were not disadvantaged against their European competitors, and finally in
1984 passed the Data Protection Act. A detailed discussion on the international legal framework
for protecting privacy has been provided in Unit 3 of Block 1 of this course material22.

22
Faizan Mustafa, "Emerging Jurisprudence of Right to Privacy in the Age of Internet,100(LexisNexis, publication
Gurgaon 5th edn 2017)
2.7 PRIVACY AS A LEGAL RIGHT

I n the earlier times, legal remedies were only available for physical interference with life and
property, however, with the passage of time and change societal behavior and norms gave the
recognition to the individual’s right to keep his feelings, emotions and intellect private. Changes
in the legal framework are necessitated because of the transformation in culture mores,
commercial practices, and technologies of the time. Most of the laws which still govern the
commercial transactions, data privacy, and intellectual property were developed for a time when
telegraphs, typewriters, and mimeographs were the commonly used office technologies and
business was conducted with paper documents sent by mail.

Technologies and business practices have dramatically changed, but the law has not been able to
match pace with the advancement in technologies. Computers, electronic networks, and
information systems are now used to routinely process, store, and transmit digital data in most
commercial fields. Electronic commerce, trans border data flow, and digital databases have
necessitated a change in the legal order governing the modern day’s communication and
information technologies.

Privacy as a justiciable, legally redressable right claimed much wider recognition with the wide-
spread intrusion in individual’s privacy invariably involving new telecom, surveillance, data s
torage software and technologies. Prior to such technological advancement, private affairs and
personal data were confined to the realm of private houses, offices or paper thereby making it
difficult for the intruders to collect, collate and exploit such information harming the individual.
Countries around the world have enacted different legal models for legal protection of privacy in
the new technological milieu23. While some countries have comprehensive general law
governing the collection, use and dissemination of personal information by both the public and
private sectors, other countries such as the United States, have avoided enacting general data
protection rules in favour of specific sectoral laws governing, for example, video rental records
and financial privacy.

23
Govind Mishra, "Privacy : A Fundamental Right under the Indian Constitution,63 (M D Publications New Delhi
1st edn 2009)
A detailed discourse on the national (India) and international legal framework has been provided
in Unit 2 and Unit 3, respectively of Block 1 of this course material. Further, in a number of
countries, corporates and industries have established their own self regulating codes, security and
privacy patrolling policies protecting data privacy. A detailed discussion on the subject is
attempted in Unit 4 of Block 3 of this course material.

2.8 DATA PROTECTION REGIME IN INDIA

Due to the mechanical inefficiency of the provisions of Information Technology Act, 20001 , the
government authorities were compelled to ponder the rising concerns of privacy of individual
data, which is now considered a matter of national security. The Indian government's endeavor to
regulate the collection and use of personal data dates back to 2012 when the committee led by
Justice A.P. Shah released its report on privacy.

To fully comprehend the privacy concerns and to come up with a viable Bill to address all these
issues, the Government of India formulated a data protection committee under Justice B.N.
Srikrishna. The committee filed its report, commonly known as the Srikrishna Committee
Report2 on July 28, 2018. Thereafter, the draft Personal Data Protection Bill, 20183 was tabled
in the parliament. Afterwards, a revised Personal Data Protection Bill, 2019 hereinafter referred
to as PDP Bill, 2019 was introduced by the Ministry of Electronics and Information Technology
in the seventeenth Lok Sabha on December 11, 2019. The committee was constituted by the
Ministry of Electronics & Information Technology, Government of India.

The Bill in August 2022 was withdrawn as there were many amendments suggested in the bill.
Under the vision of our Hon'ble Prime Minister Shri Narendra Modi, India is moving speedily on
the road of digitization, and therefore an efficient data protection law has become an essential.
The Bill was broadly based on the framework of the General Data Protection Regulation
(hereinafter referred to as GDPR) 4 of the European Union and on the principles of the landmark
judgment, of the Hon'ble Supreme Court of India in Justice24

24
Ibid
K.S. Puttaswamy (Md.) & Anr. vs. Union of India & Ors. 5 Bill if made effective would come in
supersession of section 43A of the Information Technology Act, 2000 (the ―IT Act‖) and the
Information Technology (Reasonable Security Practices and Personal Data or Information)
Rules, 2017 (―IT Rules‖)6 which was enacted under section 43A of the IT Act7 . After making
some amendments to the 2018 Bill, the Union Cabinet save the nod for the pending the 2019 Bill
which had been referred by the parliament to a joint select committee' for review. The Bill had
widened the definition of personal data which included any data through which a natural person
could be identified directly or indirectly. Furthermore, the Bill enumerated that every data
fiduciaries8 (any person, including the state, a company, any juristic entity or any individual who
alone or in conjunction with others determines the purpose and means of processing of personal
data) will be required to store one serving copy of the personal data on a server or data center t
hat is located within the territory of India.

According to the Bill, the directors or the officer- in-charge of the company shall be held liable
for conduct of business of the company at the time of commission of any offence under the Bill.
The data fiduciaries will also be under an obligation to conduct periodic reviews of the personal
data stored-with the so that these are not retained, beyond the time period necessary for the
processing of the data.

The Bill established an independent body called the Data Protection Authority of India9 which
shall possess all characteristics of a body corporate and shall consist of a chairperson and six
whole time members.

2.9 PURPOSE OF THE PERSONAL DATA PROTECTION BILL, 2019

Through this Bill, the regulation of the processing of personal data of individuals by government
and private companies incorporated in India and abroad was sought25. It had allowed, processing,
only in case of consent or medical emergency. Exceptions to this were processing in interest of
national or for lawful purpose like legal proceedings. It mandated a copy of ―Personal data‖ be
stored within the territory of India and critical personal data within Indian limits only. ―Section
14(2)(h) of the ―Personal Data Protection Bill, 2019 also included the operation of search
25
H. R. Khanna, Intercepting Letters : Invasion of Right to Privacy,69 (LexisNexis, publication Gurgaon 1st
edn2016)
engines as a possible reasonable purpose to process personal data without obtaining consent from
the data subject. What is the difference between Personal data and Sensitive Personal Data

2.9.1 Personal Data

This data pertains to a natural person who is identifiable directly or indirectly by any
characteristic, trait, attribute, or any aspect of identity or combination of traits. Section 3(28) of
the 2019 Bill expanded the definition of personal data10 to include a reference to online or
offline characteristics, traits, attributes or any other feature of the identity of a natural person, as
well as any inference drawn from such data for the purpose of profiling.

2.9.3 Sensitive Personal Data

This data related to personal data revealing, or relating to or constituting the following: ―(i)
financial data; (ii) health data; (iii) official identifier; (iv) sex life; (v) sexual orientation; (vi)
biometric data; (vii) genetic data; (viii) transgender status; (ix) intersex status, (x) caste or tribe;
(xi) religious or political belief or affiliation and (xii) any other data categorized as sensitive
personal data under Section 15 of the proposed bill‖.