RIGHT TO PRIVACY OVER INTERNET: GOVERNMENT,CHILDREN AND POLICY OF INDIA
WHAT IS IT ALL ABOUT?
Internet privacy involves the right or mandate of personal privacy concerning the storing, repurposing, provision to third parties, and displaying of information pertaining to oneself via the Internet. … In fact, it has been suggested that the “appeal of online services is to broadcast personal information on purpose.
Used by government agencies are array of technologies designed to track and gather internet users’ information are the topic of much debate between privacy advocates, civil liberties advocates and those who believe such measures are necessary for law enforcement to keep pace with rapidly changing communications technology.
CHILDREN AND INTERNET PRIVACY
Internet privacy is a growing concern with children and the content they are able to view. Aside from that, many concerns for the privacy of email, the vulnerability of internet users to have their internet usage tracked, and the collection of personal information also exist. These concerns have begun to bring the issues of internet privacy before the courts and judges.
INDIA’S TAKE ON IT
In India, the Constitution accords the right to privacy of every individual, and internet privacy is protected by the Information Technology Act, 2000. This paper analyses laws relating to the right to privacy on the internet.
The Constitution of India encompasses Right to Privacy under Article 21, which is a requisite of right to life and personal liberty. Stressing on the term ‘privacy’, it is a dynamic concept which was needed to be elucidated. The scope of Article 21 is multi-dimensional under the Indian Constitution.
CURRENT POLICY FOR INTERNET PRIVACY IN INDIA
Currently, India’s most comprehensive legal provisions that talk to privacy on the web are often found within the Information Technology Act (ITA) 2000. The ITA contains variety of provisions that may, in some cases, safeguard online privacy, or in other cases, dilute online privacy. Provisions that clearly protect user privacy include: penalizing pornography, penalizing, hacking and fraud and defining data protection standards for body corporate.
Provisions that serve to dilute user privacy speak to access by enforcement to user’s personal information stored by body corporate collection and monitoring of internet traffic data and real time monitoring, interception, and decryption of online communications. Additionally, legislative gaps within the ITA serve to weaken the privacy of online users. as an example, the ITA doesn’t address questions and circumstances just like the evidentiary status of social media content in India, merging and sharing of information across databases, whether individuals can transmit images of their own “private areas” across the web, if users have the proper to be notified of the presence of cookies and do-not track options, the utilization of electronic personal identifiers across data bases, and if individuals have the proper to request service providers to require down and delete their personal content.
ONLINE PRIVACY IN INDIA
The main piece of legislation in India dealing with the world of cyberspace is the Information Technology Act, 2000 (hereinafter, IT Act, 2000) which lays down the penalties for various cyber-crimes and other offences concerning technology committed via digital or electronic media. This Act was not passed for the purpose of protecting individuals’ data but is in fact a generic legislation covering a broad range of technology related issues like digital signature, e–governance, cyber contraventions, cyber offences, confidentiality and privacy. The issue of online privacy has been summarily addressed in the IT Act, 2000 and further elaborated on in the Information Technology (Amendment Act, 2008) and the Data Privacy Rules, 2011 which safeguard personal and sensitive data.
Position under the Information Technology Act, 2000
The following provisions of the IT Act, 2000 address the issue of privacy in cyberspace:
1. Breach of confidentiality and privacy (Section 72)
Section 72 of the IT Act, 2000 entails penalty for breach of confidentiality and privacy and is vital for safeguarding internet privacy. It provides imprisonment of a maximum of two years, or with fine upto one lakh rupees, or with both that if any person in pursuance of the powers conferred under the Act secures access to any electronic record, book, register, correspondence, information, document or other material without the consent of the person concerned and discloses such electronic record etc. to any other person. This section imposes criminal liability ie imprisonment upto 2 years or fine upto one lakh rupees for an individual breaching the privacy or confidentiality of another individual.
This Section of the IT Act, 2000 is rather narrow in its scope as it specifically states “person who in pursuance of any of the powers conferred under this Act…” while the infringement need not be committed by a person authorised by law. This means that any user of the internet is allowed to make an infringement for which there exists no legal remedy. For instance six million passwords of LinkedIn users were released by hackers on the internet via a Russian web forum. This can definitely be classified as a breach of privacy without the consent of the person but the hacker would not be liable under Section 72 of the IT Act, 2000 since this particular Section covers only those individuals with whom powers have been have been vested by this Act.
2. Disclosure of information in breach of lawful contract (Section 72A)
This Section was added as a measure to further strengthen data privacy laws by the IT (Amendment) Act, 2008. It lays down punishment for disclosing information in breach of a lawful contract. This section prevents any person from disclosing personal information obtained from a user without the consent of that particular user and is thus an additional safeguard of online privacy.
3. Cyber Voyeurism (Section 66 E)
Section 66 E is a Section added by the IT (Amendment) Act, 2008 is another provision with the intention to protect online privacy and provide punishment for a violation of said privacy. As the title suggests, this section is a safeguard against cyber voyeurism which results in a breach of privacy. It provides a punishment of upto 3 years or fine of upto two lakh rupees in case of any intentional capturing, publishing or transmitting the image of a private area of any person without his or her consent. Privacy as used in this section has been understood in the physical sense without any regard being given to personal information. Voyeurism not only infringes the privacy of the person but also is a serious violation of human dignity.
4. Failure to protect data (Section 43A)
Section 43A provides that a corporate body must adequately compensate the injured parties for its failure to protect their private data. A corporate body, possessing, dealing or handling any sensitive personal data through a computer resource who is negligent in the maintenance of reasonable security practices and thus causes wrongful loss or wrongful gain to any person, it is held by law to be liable to pay compensation to the individuals affected. The provision is quite wide in its ambit and the corporation is made liable for mere possession of personal data if the manner in which this data or information is handled is not up to the standards expected from a reasonable person. This section specifically deals with only sensitive personal data but at the same time does not lay down criteria for differentiating sensitive personal data from the rest.
5. Online Privacy and National Security (Section 69)
The right to privacy and confidentiality has to be balanced with the need to safeguard national security. No right is ever absolute, i.e. every right has certain limitations and restrictions placed upon it by law. Not even the right to life contained in the Constitution of India is exempt from this rule. Due to the volatile nature of the global scenario, the primary duty of the State is to protect national interests and as a result the protection and enforcement of all other rights become secondary. Section 69 provides for online surveillance by the Central and State Governments by means of intercepting, monitoring and decrypting any manner of electronic communication. This Section was amended in 2008 and was consequently given a wider scope. Another change which has been brought is that it mandates procedural safeguards to be adhered to so as to avoid arbitrariness. Also, reasons must be recorded in writing before exercising the powers under the section. Communication over the internet is a means of utilizing the freedom of speech and expression we possess and hence unless absolutely necessary or in extenuating circumstances, this Section cannot be applied by the Central and State Governments. On a multitude of occasions, the Supreme Court stated that individual privacy can be compromised to further national and public interests.
The Government has been given vast amounts of power when it comes to surveillance. But these powers are exercised with the utmost caution as there is much scope for its misuse for politically motivated reasons.
The intention behind Section 69 is more of a public policy measure and should thus be limited to only that purpose. The defining argument justifying the government’s power of surveillance is that if investigations of crimes committed in the physical world can invade the privacy of citizens’ lives when necessary, then the same principle should be applicable when it comes to online resources too. The constitutionality of this section has been contended repeatedly. It is yet to be seen whether it is challenged in the courts but since there is a system of checks and balances in place to regulate the interception of communications, it is rather unlikely that this Section will be struck down as unconstitutional. A similar line of reasoning was used when the Supreme Court upheld the constitutional validity of MCOCA, 1999 as there were sufficient procedural mechanisms in place so as to prevent it from being misused.
There are an oversized number of cases where Indian Courts have recognised the proper to privacy as a fundamental right. Below may be a list of landmark cases that have elaborated on the proper to privacy together with short points on what the Court has held in those cases:
• Kharak Singh v. The State of U.P. (1962) : during this case before the Supreme Court, a minority opinion recognised the proper to privacy as a fundamental right. The minority judges located the proper to privacy under both the proper to private liberty furthermore as freedom of movement.
• Govind v. State of M.P. (1975) : The Supreme Court confirmed that the proper to privacy may be a fundamental right. It derived the proper to privacy from both the proper to life and private liberty furthermore as freedom of speech and movement. the proper to privacy was said to encompass and protect the private intimacies of the house, the family marriage, motherhood, procreation and child rearing. However, the proper to privacy is subject to “compelling state interest
• R. Rajagopal v. Union of India (1994) : It absolutely was determined by the Supreme Court that the proper to privacy may be a a part of the proper to private liberty guaranteed under the constitution. It recognized that the proper to privacy is both a tort (actionable claim) furthermore as a fundamental right. A citizen includes a right to safeguard the privacy of his or her circle of relatives, marriage, procreation, motherhood, child-bearing and education among other matters and no-one can publish anything regarding the identical unless (i) he or she consents or voluntarily thrusts himself into controversy, (ii) the publication is formed using material which is publically records (except for cases of rape, kidnapping and abduction), or (iii) he or she may be a employee and therefore the matter relates to his/her discharge of official duties.
• People’s Union for Civil Liberties v. Union of India (1996) : This case before the Supreme Court extended the proper to privacy to communications. In doing so, the Court laid down guidelines that form the backbone for the checks and balances in interception provisions in India such as:
o (i) Interception orders to be issued only by Home Secretaries at both the Central and State governments;
o (ii) Issues like the need of the knowledge and whether it is acquired by other means to be considered while making the choice to approve interception;
o (iii) The addresses and therefore the persons whose communication should be intercepted should be per the order, which suggests that the interception order can’t be generic; and
o (iv) Putting a cap of two months on the lifetime of an interception order.
• District Registrar and Collector, Hyderabad and another v. Canara Bank and another (2004) : This Supreme Court judgment refers to private liberty, freedom of expression and freedom of movement because the fundamental rights that make to the proper to privacy. The Court also held that the proper to privacy deals with persons and not places which an intrusion into privacy is also by (1) legislative provisions, (2) administrative/executive orders and (3) judicial orders.
• Petronet LNG LTD vs. Indian Petro Group and Another (2006) : during this case before the Delhi tribunal, it absolutely was established that corporations and firms cannot assert a fundamental right to privacy. Furthermore, the proper to privacy isn’t available against non-state individuals or actors.
Governments have been trying to control and monitor the activities occurring through this relatively new medium since the advent of the internet itself, and because of the absence of a clear definition of what is acceptable, many questions have been raised about the legality of government actions. Ensuring the safety and wellbeing of citizens is one of the primary responsibilities of the government but they must also respect the privacy of citizens unless they have just and probable cause. Although there are many well defined laws and precedents for how to handle invading a person’s life, the laws for monitoring private digital life are very much a grey and ambiguous field.