A Study on Privacy Policy

Related issues in India with special reference to Cyberspace

Introduction    

Every one of us has our individual and unique identity. We are always protective towards this identity. Our identity is our property. We do not want to share it. We do not want what we are doing, eating or where are we going or with whom are we meeting, should be known to the strangers. We are comfortable to share these facts with friends, relatives, etc. but not so convenient to share with strangers. The reason behind is considered to be our protectiveness towards our privacy. The concept of privacy has now gained a special status in our life. Even the Government and Judiciary are taking interest to make laws to protect our privacy.

Historical Background

The issue of privacy, however, is not new. It has been in question since time immemorial. It was our concern regarding privacy that we forced the women to use parda (Pardanasheen women). Though we are considered to be biased as we developed such restrictions only for women, but during that time it was necessary. Since technological development was meager, it would take time to reach information from one place to another. There were no social media, which would have our personal data, so, it was the least risk of breach of privacy. There were only a few ways in which people could breach their privacy during that time. It was either through some papers, documents, letters, through snooping or peeping, etc.

Relevancy of Privacy in Present Era

Privacy has been one of the most debatable topics in recent years. Recently, the banning of 59 Chinese apps has added fuel to the fire in the discussion. The Government took the defence of privacy and security alleging that these sites were collecting personal information of the citizens, thereby, breaching the privacy norms in India.

Today, this topic is of much more relevancy than at any other point of time in history because our privacy is the verge of being destroyed because of the online world. The 21st century is also called the Age of Information and Communication Technology era [1], the same being true because we have the most advance means of communication and reach than at any other point in history. However, with these pros, some cons are attached to it. Since most of us are connected with social media, which have a lot of information about our life, endangering our privacy. So, there is an urgent need to protect it. Otherwise, it may be misused to any extent.

Various issues related to Privacy in Cyber Space

  1. Privacy in Social Media

    There are thousands of various social media platforms used by us. Some of them are very popular among us and used by millions of peoples. They are as following:

    a) Facebook – This is one of the most popular social media platforms, with about 2.6 billion active monthly users all over the world. [2] People share almost every tiny detail of theirs in their profile. It is just like a diary to the people where they share their information and emotions. This is a vast data which contains a lot of our personal information. Hackers frequently try to steal this data, and many of the times they succeeded in doing so. Recently, reports came that data of millions of people were stolen and sold in markets.

    b) Tik Tok – It is another video sharing platform popular among youths. Recently, it was banned in India along with numerous other apps which were thought to be breaching the privacy of its users by collecting data. [3]

    c) Yahoo – It is another site used for sending and receiving messages. A few years back, hackers stole the data from the servers, hence posing a threat to the privacy of its users. [4]

  2. Aadhaar

    It is a biometric-based unique identification number for residents containing very sensitive and personal information related to our fingerprints as well as other information. [5] Most of the people alleged and opposed the introduction of this system saying that if leaked, then this data can be used cause harm to a higher level of crime. It is regulated by the Aadhaar (Targeted Delivery of Financial and Other Subsidies Act) 2016 (Aadhaar Act).

  3. Data storage centres

    These are the places where our data are being stored either by an institution or any network for various purposes. They hold valuable information about any person. Though they have the best security features, it cannot be denied that they are often attacked and loses data, posing a threat to privacy.

  4. Identity theft

    It is another form of breach of privacy. Sometimes, the culprit tries to hide behind a mask with someone else’s picture and commit crimes in his/ her names. They use valuable information and represent themselves as someone else and create a problem for an innocent person, who is not even aware of this situation. [6] The main cause of identity theft is that their privacy was breached and someone used that information to pose as a particular person.

  5. Is our data protected?

    It is one of the burning issues that what information do we give to others either online or through other means, is it protected and safe? This issue is regarding our privacy which may be breached because of leakage of data. We frequently hear in the news that data of the students being sold at very cheap rates after the medical or engineering exams. All these news indicate that our data and information are not safe, and our privacy is at stake.

  6. Misuse of information and data

    One of the measure issues regarding data is that if the data of an individual or group reaches to some other person or institution and it is collected by it and misused by it then who will be held liable. We already know that finding the accused in the cyberworld is almost impossible, making it difficult to trace the agency misusing the data. The worst scenario would be when the data may be used to commit a heinous crime. It poses a significant risk for any nation, especially India, where people are not aware of their privacy. So, this is a measure as to how the misuse of data can be prevented, and the privacy of an individual be protected.

  7. The sudden change of circumstances after the pandemic of COVID-19

    Circumstances regarding privacy have suddenly changed after the pandemic of COVID-19. People are forced to share their medical history as well as travel history, so that, in case of emergency, this data can be useful. However, it poses a significant threat to privacy and people are avoiding submitting this information to the Government. Various petitions have been filed in the Court regarding this concern.

Laws and Regulations regarding Privacy

Various laws have been enacted that either directly or indirectly deals with the issue of privacy in India.  However, there is no Act to date that expressly deals with data protection. Some of those laws and provisions are as follows:

  1. Article 21 of the Indian Constitution – The Right to Privacy is a central right and a natural piece of Article 21 that ensures life and freedom of the residents and as a piece of the opportunities ensured by Part III of the Constitution. In the milestone instance of Justice K S Puttaswamy (Retd.) and Anr. v. Association of India and Ors., [7] the Hon’ble Supreme Court has held Right to Privacy as a fundamental right, subject to certain sensible limitations.  

  2. Information Technology Act, 2000-  The Indian lawmaking body amended the Information Technology Act (2000) (“IT Act”) to incorporate Section 43A and Section 72A, which give the privilege to pay for inappropriate exposure of individual data.

    Section 43A of the IT Act makes an obligation on a body corporate which has arrangements or handles any touchy individual information or data in a PC asset that it possesses, to keep up sensible security practices and strategies to ensure the security of data of the individual. [8]

    Section 72 of the IT Act specifies that any individual who, while offering types of assistance under the conditions of a legal agreement, has tied down access to any material containing individual data about someone else, to cause or realize that he is probably going to cause unjust misfortune or improper addition reveals, without the assent of the individual concerned, or in penetrating of a legitimate agreement, such material to some other individual, will be rebuffed with detainment for a term which may reach out to three years, or with fine which may stretch out to five lakhs rupees, or with both. [9]

  3. Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 – These rules deal with the protection of sensitive and personal information of an individual. This information may consist of passwords, addresses, bank details, biometric information, health records, etc. [10]

    The principles give the sensible security practices and methodology, which the body corporate or any individual who for the benefit of the corporate body gathers, gets, have, store, arrangements or handle data is required to follow while managing  “Individual delicate information or data”. If there should be an occurrence of any break, the body corporate or some other individual following up in the interest of body corporate, the body corporate might be held at risk to pay harms to the individual so influenced. [11]

  4. Data Protection Bill – The Personal Data Protection Bill, 2019 (“PDPB”) was introduced in Lok Sabha on December 11, 2019. [12] The purpose of this Bill is to provide for the protection of privacy of individuals relating to their Personal Data and to establish a Data Protection Authority of India for the said purposes and the matters concerning the personal data of an individual. The Bill proposes to supersede the Information Technology Act, 2000 (Section 43-A) deleting the provisions related to compensation payable by companies for failure to protect personal data. The PDPB, among other things, prescribes how personal data is to be collected, processed, used, disclosed, stored and transferred.

    The PDPB proposes to protect “Personal Data” relating to the identity, characteristics trait, attribute of a natural person and “Sensitive Personal Data” such as financial data, health data, official identifier, sex life, sexual orientation, biometric data, genetic data, transgender status, intersex status, caste or tribe, religious or political beliefs. [13]

  5. Digital Information Security in Healthcare Act (DISHA) –  This Act was made to collect the health data of people at a common data centre. It will regulate and exchange electronic health data. It also provides provision regarding the setup of adjudicating bodies to solve matters related to a data breach.

    These are not exhaustive laws and provision regarding breach of privacy. There are many other provisions which deal with the Right to privacy and punishment in case of a breach. [14]

Suggestive Measures

The following measures could be adopted to protect our privacy, especially in the cyber world:

  1. The first and foremost thing is to make people aware and teach them about safe search, that which sites should they visit and which sites should they not. They should be taught the value of information so that they do not give their personal information to everyone.

  2. Trusted websites must be promoted for safe search. Use of safe links must be known to every people.

  3. The Government and various institutions must take measure to increase and popularize digital literacy. The Government must also make people aware of their Right to privacy. People should come forward and seek remedy if their Right to privacy has been infringed.

  4. People should understand the value of their information and they should be encouraged to use the original software to ensure maximum privacy and security of their data.

  5. Privacy is not only an issue of cyberspace. It is an important aspect, even in the real world. So, people should be aware of their surrounding and try not to give personal information to a stranger.

  6. Privacy is not only about your data, but it is also about what you do, where do you live, how do you live, what do you eat, etc. So, all steps must be taken to avoid unnecessary interruption in these habits.

Analysis

If we analyze the situation, then we may find that the Government is trying its best to protect our privacy. But, we as an individual are not much serious in protecting privacy. The main reason behind this could be that we do not understand the value of the information collected, and we are ignorant towards it. We do not even try to learn about safe search or try to become an aware citizen. However, the Government must also keep an eye on new cybercrimes, because the ambit of the cyber world is increasing day by day and we are at greater risk than at any other point in the history of mankind. The laws made by the Government should be flexible so that they may be amended to fulfil the present needs and because of the ever-increasing scope of science and technology. For this, the Government must ensure that it is up to date in this regard, and it has the best cyber experts and advisors.

Conclusion

We have already seen that in what fields are we lacking and what measures could be adopted to overcome the situation. However, we always need to be cautious while doing so because new knowledge attracts us and sometimes, we even forget the difference between rights and wrong, so that, we may not fall in the trap of cyber attackers and become a prey to them. 

Frequently Asked Questions

1) Describe briefly about ‘Right to Privacy’.   

2) Describe in details the laws related to privacy.

3) What is the relevancy of privacy in the present era, and what steps could be adopted to ensure this Right?

4) How will our privacy be affected after the pandemic of COVID-19?    

5)  Explain the relation between ‘Privacy’ and ‘Cyberspace’. Give case laws, if any.

References

[1] https://ubiquity.acm.org/article.cfm?id=1399619

[2] https://www.statista.com/statistics/264810/number-of-monthly-active-facebook-users-worldwide/#:~:text=How%20many%20users%20does%20Facebook,network%20ever%20to%20do%20so.

[3] https://www.nytimes.com/2020/06/29/world/asia/tik-tok-banned-india-china.html#:~:text=India’s%20government%20banned%20nearly%2060,the%20highest%20level%20in%20decades.&text=About%2050%20percent%20of%20India’s%201.3%20billion%20citizens%20are%20online.

[4] https://www.bbc.com/news/business-41493494#:~:text=Yahoo%20has%20said%20that%20all,much%20further%20than%20originally%20thought.

[5] https://www.linklaters.com/en/insights/data-protected/data-protected—india#:~:text=Union%20of%20India)%2C%20the%20Supreme,%E2%80%9D%20and%20%E2%80%9Cpersonal%20liberty%E2%80%9D.&text=This%20will%20be%20India’s%20first,43A%20of%20the%20IT%20Act. 

[6]  Talat Fatima, Cybercrimes, Eastern Book Company

[7]  (2015) 8 SCC 735

[8] Bare Act, Information Technology Act,2000

[9] Bare Act, Information Technology Act,2000

[10] https://www.lexology.com/library/detail.aspx?g=08197ebe-aeb4-41d6-a855-ce57a313ea6d

[11] https://www.lexology.com/library/detail.aspx?g=08197ebe-aeb4-41d6-a855-ce57a313ea6d

[12] https://www.mondaq.com/india/data-protection/904330/key-features-of-the-personal-data-protection-bill-2019

[13] https://www.linklaters.com/en/insights/data-protected/data-protected—india#:~:text=Union%20of%20India)%2C%20the%20Supreme,%E2%80%9D%20and%20%E2%80%9Cpersonal%20liberty%E2%80%9D.&text=This%20will%20be%20India’s%20first,43A%20of%20the%20IT%20Act.

[14] https://www.lexology.com/library/detail.aspx?g=08197ebe-aeb4-41d6-a855-ce57a313ea6d

Leave a Reply

Your email address will not be published. Required fields are marked *