22. How information technology has affected right to privacy? Discuss

Posted on by Durga Medida
information technology

The advent of information technology (IT) has radically transformed modern life. From how we communicate and work to how we shop, travel, and consume information—everything is now digitally driven. While technology has enhanced accessibility, speed, and convenience, it has also brought unprecedented challenges to the individual’s right to privacy. The massive collection, storage, and transmission of data raise concerns over unauthorized access, surveillance, profiling, and misuse of personal information.

In the Indian context, the Right to Privacy was not originally recognized as a fundamental right. However, with technological advancements posing new threats, it became imperative for the legal system to evolve. This essay explores how IT has impacted privacy in India and how the legal framework, including the Information Technology Act, 2000, and newer legislations, attempt to protect it.

Recognition of the Right to Privacy

The recognition of the Right to Privacy as a fundamental right came after years of legal debate. The Supreme Court of India, in the landmark case of Justice K.S. Puttaswamy (Retd.) v. Union of India (2017), unanimously ruled that the Right to Privacy is protected under Article 21 (Right to Life and Personal Liberty) of the Constitution. The judgment acknowledged that in the digital age, privacy includes informational privacy, bodily integrity, and personal autonomy.

This decision was critical in shaping the legal discourse on privacy in the era of digital surveillance, data collection, and information technology. It laid the foundation for creating robust data protection frameworks to protect citizens from technological misuse.

Role of the Information Technology Act, 2000

India’s primary legislation for regulating cyber activities is the Information Technology Act, 2000. While the original Act was primarily focused on electronic commerce and cybercrimes, its 2008 amendment introduced key provisions to address concerns related to data protection and privacy.

Key Privacy-Protecting Sections of the IT Act:

  1. Section 43A
    • Applies to body corporates (companies) that handle sensitive personal data.
    • Requires them to adopt “reasonable security practices.”
    • Failure to do so, resulting in wrongful loss or gain, invites compensation.
  2. Section 72
    • Penalizes any person who, in the course of providing services under the IT Act, accesses confidential information and discloses it without consent.
    • Punishable with imprisonment up to 2 years or a fine of up to ₹1 lakh, or both.
  3. Section 66E
    • Introduced to specifically address bodily privacy.
    • Criminalizes capturing, publishing, or transmitting images of a person’s private area without consent.
    • Punishable with up to 3 years imprisonment and fine up to ₹2 lakh.

These provisions offer legal recourse for victims of privacy breaches, unauthorized access, and misuse of digital information.

Emerging Challenges Due to Technology

With the rise of the internet, cloud computing, social media, AI, IoT, and facial recognition technologies, the volume of personal data being collected is staggering. This gives rise to several challenges:

  • Data Mining & Profiling: Companies collect user data to build behavioral profiles for advertising or other purposes, often without informed consent.
  • Surveillance: Government and private surveillance activities have expanded, raising concerns over mass monitoring.
  • Data Breaches: With increased digital storage, there are frequent instances of personal data being leaked or sold.
  • Consent Issues: Users often agree to terms without fully understanding the implications of data collection.
  • Anonymity vs. Traceability: In cyberspace, the balance between user anonymity and law enforcement is delicate.

Despite the IT Act, the absence of a comprehensive and enforceable personal data protection law has left many of these issues only partially addressed.

Digital Personal Data Protection Act, 2023

Recognizing these limitations, the Indian government enacted the Digital Personal Data Protection (DPDP) Act, 2023, which is modeled along the lines of global standards like the EU’s General Data Protection Regulation (GDPR).

Key highlights of the DPDP Act:

  • Defines “personal data” and “sensitive personal data”.
  • Emphasizes “consent-based data processing.”
  • Grants individuals the right to access, correct, and erase their personal data.
  • Introduces data fiduciaries responsible for ensuring compliance.
  • Establishes a Data Protection Board of India for redressal and regulation.
  • Imposes heavy penalties for non-compliance (up to ₹250 crore).

This Act significantly strengthens individual rights and corporate responsibility in the digital age, aiming to restore the balance between technology and privacy.

Judicial and Policy Developments

Courts in India have been proactive in responding to new privacy threats:

  • The Aadhaar case (2018) led to restrictions on the mandatory use of Aadhaar for availing services, citing privacy concerns.
  • Courts have insisted on purpose limitation, data minimization, and proportionality while evaluating surveillance systems.
  • There is a growing recognition that algorithmic transparency and non-discrimination must be ensured in automated decision-making systems.

In addition, the government’s National Cyber Security Policy and CERT-In guidelines aim to improve digital infrastructure security and protect user data from cyber threats.

Conclusion

Information technology has undoubtedly enriched human lives, but it has also created complex challenges for privacy. As data becomes a commodity, the risks of surveillance, profiling, identity theft, and data misuse increase exponentially. In response, India has begun strengthening its legal framework through judicial activism, the IT Act, and the DPDP Act.

However, the effectiveness of these laws depends on robust implementation, awareness among citizens, and ethical use of technology by both public and private sectors. Safeguarding the Right to Privacy in a digitally connected world requires a careful balance between innovation and individual rights.

Mnemonic Sentence to Remember Key Points

“PRIVACY IS GOLDEN CODE”

Each word represents a key theme or law:

  • PPuttaswamy Judgment (Privacy = Fundamental Right)
  • RReasonable Security (Sec 43A, IT Act)
  • IIT Act, 2000
  • VViolation Penalties (Sec 72, 66E)
  • AAadhaar Case (Data misuse concerns)
  • CConsent-based Processing (DPDP Act)
  • YYour Rights (Access, Erasure, Correction)
  • IInformation Transparency & Data Fiduciaries
  • SSurveillance Restrictions by Courts
  • GGDPR-inspired DPDP Act, 2023
  • OOversight by Data Protection Board
  • LLegal Provisions on Sensitive Data
  • DData Breach Challenges
  • EEmerging Tech (AI, IoT) Risks
  • NNeed for Enforcement & Awareness

Related Posts

26. When a property is received on inheritance or as a gift, it is not taxable for the received. When the inheritor or receiver of this property sells it, capital gain aspiring to the sale of that property is taxable to him.

1. Facts of the Case 2. Issues in the Case [Questions] 3. Legal Principles Covered A. Section 56(2)(x): Gift Taxation Conclusion: The receipt of property […]

Leave a Reply

Your email address will not be published. Required fields are marked *