Internet Privacy in India: A socio-legal perspective

Rachiyta JainLaw

Everybody has their own way of defining “Privacy.” In simple words, “Privacy” is the right of an individual to make a personal decision regarding his personal matters secluded from public scrutiny. Often people confuse between the terms “privacy” and “security”. They are close cousins but different. With the advent of the Internet, a new term called “Internet Privacy” has come into the limelight. The use of the internet affects the privacy rights of an individual greatly. There is a huge amount of personal data about everyone on the internet and what we fail to realize is that we give away this data ourselves. Such internet privacy issues relating to personal data arise from insecure electronic transactions, data trails and logs of email messages, online banking and the tracking of web pages.

Internet Privacy Laws in India

There is no specific legislation on Internet Privacy and data protection in India. However, the Information Technology Act, 2000 contains specific provisions intended to protect electronic data (including non-electronic records or information that have been, are currently or are intended to be processed electronically).

  • Section 43 and Section 43A of the Act lay down provisions for damaging, stealing, illegally accessing, misusing etc. one’s data, computer/computer system etc.
  • Section 72 of the Act also discusses punishment for a person breaching confidentiality by sharing data without consent to which he has secured access.
  • Section 66E talks about an individual’s privacy and punishment for violating the same in any electronic form such as transmitting a photo of one’s private part without consent or anything which would violate his privacy.
  • Section 354 A to D, introduced by the Criminal Law Amendment Act, 2013, after the famous Nirbhaya rape case in December 2012 emphasized the privacy of females in India. India’s IT Ministry adopted the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules (Privacy Rules).

The Privacy Rules, which took effect in 2011, require corporate entities collecting, processing and storing personal data, including sensitive personal information to comply with certain procedures.

What can we do from here?

Technological advancements such as micro-cameras and video surveillance have had a profound effect on personal privacy. Everyone, be it an individual or an organisation has a right to protect and preserve their personal, sensitive and commercial data and information. India at the moment needs a dedicated law protecting the data and personal privacy of an individual. A national privacy policy is still missing in India. A right-to-privacy bill of India 2011 was suggested in the year 2011. However, to date, we do not have any conclusive draft introduced in the Parliament of India. In fact, we are still waiting for public disclosure of the final and conclusive proposed draft Right to Privacy Bill 2011 of India introduced in Parliament.

Laws enacted must keep both genders in mind, instead of focusing on only female rights. After all, in cyberspace, both males and females are equal victims. A gender-neutral law is as crucial as a technological-neutral legislation. Protecting the privacy rights of individuals requires a re-conceptualization on both personal as well as professional grounds keeping in mind human privacy in the context of Information and Communication Technologies (ICTs).