In just a few months' time, the world had been locked down due to an ongoing pandemic that has taken a toll in the personal and professional life of every individual on this planet. However, if suppose the same pandemic had happened ten years ago, situations may seem much more difficult than what we see today, the primary reason being the advancement of technology in today's world. Therefore, it is needless to point out how much people across the world depend and rely on technology for their day-to-day activities.
While technology plays a major role in storing, gathering, retrieving, and distributing information, it also creates the possibility of accessing and manipulating a wide range of information, thereby making it easier to access private information of any individual. One could say that we are all living in a world where information is the most valuable asset one could possess and all economic activities that take place are based on this valuable information. Hence, this technological shift invites several issues related to access to information and the right to privacy which primarily arises due to the free flow of information.
PRIVACY AND DATA PROTECTION
Privacy is a term we hear every day in the newspapers, along with the ways in which it has been compromised. But what is privacy? Privacy can be defined as an individual condition of life characterized by exclusion from publicity.[1] The Indian Constitution has granted the citizens of the country the Right to Privacy under Article 21[2] after the landmark case K.S. Puttaswamy v. Union of India[3]. But to what extent is our personal information safe?
Internet privacy relates to how one's personal information can be accessed either through hacking, tracking, data sharing and other cyber security threats. Every time a person sign's up for an app or a website, post on social media, does online banking putting forth credit/debit card details, fill out applications or even save images on the system's storage, one is releasing information into the cyberworld which may not be significant at that particular point of time but has the potential to ruin someone's life in the future. At times, sensitive information can be shared in ways one may not apprehend. Hence, in the context of privacy concerns, new technologies often make us question what kind of protection of privacy can a person anticipate in a world where access to information by invisible hands is just a press of a button away. Technology and privacy are like the two ends of a boat where one should ensure that a fine balance is maintained, otherwise the boat may sink.
Privacy as observed is a multifaceted concept and has a much deeper meaning politically, legally, and ethically in this world of technology[4]. Data protection, on the other hand is a much wider concept as it not only encompasses protection of private data but also ensures that our rights such as freedom of speech, expression, and thought are not curtailed and compromised. When an image or a message is put into the cyberspace, individuals have no control over it, risking their privacy. Thus, it is important to ensure that our data is protected by channeling and controlling the manner in which it is processed.
LATEST MISHAPS IN APPS
During this pandemic, we have tried to keep up with our day-to-day routines and activities online by exploring new options and better alternatives. Apps like Zoom, Tik Tok and WhatsApp have seen a tremendous spike in usage during this period booming their business. But what one had failed to notice was the privacy issues these apps offered.
Zoom claims to follow an end-to-end encryption policy, a policy that assures users that their messages are secured and cannot be leaked. However, the company later introduced a policy that would probably give them permission to use messages and confidential files for the purpose of advertisement targeting making it highly unreliable and insecure. Similarly, Tik Tok, a Chinese entertainment app, is banned in India due to the possibility of personal data being stored in the servers in China which can pose a high risk for individuals as well as for the country.
WhatsApp, on the other hand, has recently introduced a new policy which explicitly states that they will share certain details including phone number and basic information of their users to Facebook to “facilitate, support, and integrate their activities and improve their services.” This is a sheer violation of all the user's privacy which need to be dealt with utmost seriousness.
PRIVACY LAWS IN INDIA AND ITS INTERPRETATIONS
The Indian constitution has guaranteed all its citizen the 'Right to Privacy' under Article 21 after the Supreme Court had recognized this very right as a fundamental right in the landmark judgment given in the case of K.S. Puttaswamy v. Union of India. However, India has not yet enacted a specific legislation with regards to privacy and data protection. The Central Government is on course to develop a mechanism for regulating the collection, storage, and usage of personal data and non-personal data separately.[5] There have been efforts by the government in formulating a non-personal data bill along with the Personal Data Protection Bill, 2019. This will be India' first law with regard to data protection.
However, privacy or data protection related laws are mentioned under the (Indian) Information Technology Act, 2000. The (Indian) Information Technology Act, 2000 deals with the issues relating to payment of compensation (Civil) and punishment (Criminal) in case of wrongful disclosure and misuse of personal data and violation of contractual terms in respect of personal data.[6]
Under section 43A of the (Indian) Information Technology Act, 2000, a body corporate who is possessing, dealing or handling any sensitive personal data or information, and is negligent in implementing and maintaining reasonable security practices resulting in wrongful loss or wrongful gain to any person, then such body corporate may be held liable to pay damages to the person so affected.[7]
Under section 72A of the (Indian) Information Technology Act, 2000, disclosure of information, knowingly and intentionally, without the consent of the person concerned and in breach of the lawful contract has been also made punishable with imprisonment for a term extending to three years and fine extending to Rs 5,00,000 (approx. US$ 8,000).[8]
According to the IT Rules, every individual is granted rights with regards to their sensitive personal information. These rules have made it compulsory for all corporate bodies to produce a privacy policy and ensure that consent is obtained before disclosing sensitive information of individuals except if it is required for the purpose of law enforcement.
For years now, privacy violation has become a major concern. When the entire world uses the internet for purposes as trivial as checking the temperature to online banking, one fails to think about how much of our personal information is out there which can be misused. Despite the risks, it is not possible to stay completely out of it, therefore, what one can do is to take precautions and always be alert while putting sensitive information into this dark world with the thought that this information is no more under one's control.
REFERENCES
· Michael Friedewald & Ronald J. Pohoryles, Technology and privacy, Innovation: The European Journal of Social Science Research, 2013, 26:1-2, 1-6, DOI: 10.1080/13511610.2013.768011
· Britz, J. J, Technology as a threat to privacy: ethical challenges to the information profession, Department of Information Science, University of Pretoria, South Africa, 2010
· Kirsty Hughes, A Behavioural Understanding of Privacy and its Implications for Privacy Law, The Modern L.REV. Sept. 05, 2012.
· Bhumesh Verma and Pruchuri Baswanth Mohan, Data Privacy: Need for Stronger Laws, (2020) PL (CL) August 60.
· Vijay Pal Dalmia, India: Data Protection Laws in India- Everything You Must Know, Vaish Associates Advocates, 2017, https://www.mondaq.com/india/data-protection/655034/data-protection-laws-in-india--everything-you-must-know
· Rajnish Kumar, Data Protection and Liability, National Academy of Indian Railways. Sept, 2017.
· Beatriz Botero Arcila, We need privacy and data laws to tackle this global pandemic, Harvard Law Review, 2020.
· Dhiraj R. Duraiswami, Privacy and Data Protection in India, Journal of Law & Cyber Warfare, 2017.
FOOTNOTES [1] Britz, J. J, Technology as a threat to privacy: ethical challenges to the information profession, Department of Information Science, University of Pretoria, South Africa, 2010 [2] Indian Const., art. 21 [3] K.S. Puttaswamy v. Union of India, AIR 2017 SC 996. [4] Kirsty Hughes, A Behavioural Understanding of Privacy and its Implications for Privacy Law, The Modern L.REV. Sept. 05, 2012. [5] Bhumesh Verma and Pruchuri Baswanth Mohan, Data Privacy: Need for Stronger Laws, (2020) PL (CL) August 60. [6] Rajnish Kumar, Data Protection and Liability, National Academy of Indian Railways. Sept, 2017. [7] Information Technology Act, 2000, §43A. [8] Information Technology Act, 2000, §72A.
Submitted by,
Devika Reshma,
Symbiosis Law School, Hyderabad.