A human being is born free, subject to the restraints and constraints placed upon him or her by the state in which he or she is born. Thus every human being has some basic privileges- to wander around, to speak, to have their secrets kept; that's to say, we possess certain rights by virtue of our very existence. This is of course in accord with, and subject to the implicit, tenuous relationship that exists between a citizen and the state.
There is an unsaid agreement between the two that every citizen should live in ways that the state desires, for a citizen must forego some of his rights and freedom in order to seek services from the state. A good state is one which deprives its citizen of minimal rights and has established a good 'system of governing'; not good 'governance' per se. This relationship is created out of the compulsion to create a civilized society.
Presently, we are in a state where majority of the components of our everyday life are dominated and manipulated by technology. We get access to numerous free services in return for our private information: name, phone numbers, e-mail addresses, house address, bank account details etc. This hub of information acts as a goldmine for the corporate sector, which has several tools like 'intended advertisement' at its disposal. Seemingly, our privacy exists no longer. And so the need to talk of the necessity of the 'right to privacy'- a basic, integral privilege one ought to possess as a free citizen, at least to a certain extent.
'In the 21st century, a government that cannot protect its citizens 'right to privacy' cannot credibly maintain a democratic regime of equal treatment under the law.' - The Supreme Court
The right to privacy pertains not to physical protection but to the protection of information of an individual citizen. Since this right is not mentioned as a distinct fundamental right in the Indian constitution or in any Indian codified law, we do not hold a concise definition of it. However, Supreme Court judgments have, throughout history, made specific attempts at interpret its definition, based on which we can infer that privacy extends to the following of its components, namely:
- Bodily integrity: i.e. inviolability of one's physical body,
- Personal autonomy: i.e. capacity of choosing one's own course of action, protection from state-surveillance, and dignity,
- Informational self-determination: i.e. having own choice as to where ones information goes, and confidentiality.
Reference can also be made to the International Covenant on Civil and Political rights, 1966, which was signed and ratified by India in 1979 without reservation.
Article 17: International Covenant on Civil and Political Rights, 1966
1. No one shall be subjected to arbitrary or unlawful interference with his privacy, family, home or correspondence, nor to unlawful attacks on his honour and reputation.
2. Everyone has the right to the protection of the law against such interference or attacks.
ROOT OF CONTROVERSY:
The need for having this right delineated and its constitutional validity/role properly construed has realized huge significance since the legal validity of Aadhaar, a 12 digit unique-identity number issued to all residents in India, which requires one to submit his or her demographic data (house address, phone number, etc) as well as biometric data (finger-prints and iris scans,) had been brought under question by a constitution bench of the Supreme Court of India in April this year. (The Supreme Court has reserved its final judgement on the matter which shall likely be announced by the end of this month.)
What started as a mere idea to obtain biometric identity cards for the borderline states in India in an attempt to ward off against increased terrorist activity, fully materialized eventually into UID's scheme (Unique Identification Authority of India) to issue an identity in the form of Aadhaar to all residents of the country. The underlying goal was to create an identity a) which is robust enough to eliminate all duplicate as well as forged identities, and (b) which can be verified and authenticated in an easy and cost-effective way through all physical and virtual platforms.
India is a rapidly expanding digital economy. It's a nation of a billion cell phones, and of millions of users of the internet who daily part with personal details on an unconscious basis as they indulge in online monetary proceedings and engage in social platforms. Several national schemes are also being implemented through IT platforms. (Hence, collection of information by several distinct platforms leads to the creation of 'informational silos.') Thus problems of ID theft, fraud, and misrepresentation are already ever-expanding. With more and more transactions occurring online, the scope of possible theft and misuse of information has risen.
The furthermore issue that Aadhaar poses is it has worked towards dismantling the silos which exist between different databases, such that all personal information pertaining to an individual citizen is accessible at one go through their Aadhaar number, be it their medical record or bank account details. Consider the recent case in May this year where, as per a study conducted by the Centre for Internet and Society, Bengaluru, data of over 130 million Aadhaar cardholders had been leaked from four government websites.
The problem is further burdened with the fact that India currently has no provision on privacy based on which one would be entitled to a cause of action in the Court of Law. The chairman of Unique Identification Authority of India, who proposed Aadhaar card's concept and design, suggested himself that there would be further need for data protection and privacy law in India.
The Supreme Court has expressed its apprehension that the collection and use of data has the risk of personal information falling into the hands of private players (companies) and service providers.
'I don't want the state to pass on my personal information to some 2000 service providers who will send me WhatsApp messages offering cosmetics and air conditioners. That is out area of concern. Personal details turn into vital commercial information for private service providers.' - Justice Chandrachud on the 9-judge bench
Both the government and service providers collect personal data. This adds to the danger of data leakage. Without any provision, there would be no limit to the harassment caused by private companies to individuals through innumerable advertisement phone calls and text messages being made to the latter every day. The Supreme Court points out that the state is obliged to put a robust personal data protection mechanism in place in this digital age.