THE RIGHT TO PRIVACY IN THE DIGITAL AGE

THE RIGHT TO PRIVACY IN THE DIGITAL AGE

The right to privacy is a fundamental entitlement that underpins numerous other human rights and is crucial for personal autonomy and the protection of human dignity. By enabling individuals to establish boundaries and establish barriers to shield themselves from external influences, privacy grants us the liberty to determine our interactions with the outside world and shape our own identities. Setting boundaries for who can access our bodies, places, and belongings, as well as our communications and information, is made easier by privacy.

Right to Privacy means the ability of an individual to determine when, how and to what extent their personal information can be shared with communicated with others. This personal information can be someone’s name, location, contact, online or real-world behaviour.

According to the Oxford Dictionary of Law, privacy is the “right to be left alone.” We may comprehend this term to mean that the right to privacy is the freedom to maintain the confidentiality of our personal data. Electronic communication, sexual orientation, professional activity, and even emotions or intelligence can all be considered forms of personal information.

Just as someone may want to exclude people from their private communications, many online users want to control or restrict their personal data from collection.

EVOLUTION OF RIGHT TO PRIVACY

In the ancient Hindu literature, the idea of privacy can also be pragmatic. Considering the Hitopadesh, which lists subjects that should be kept private from public view, including religion, sex, and family matters.

When addressing the authority to search and confiscate documents from the Dalmia Group in the 1954 case of M.P. Sharma v. Satish Chandra, an eight-judge Supreme Court bench rejected the existence of a right to privacy on the basis that the makers of Constitution. As there is no provision in Constitution of India that deals with the right to privacy, it can’t be violated as well.

After ten years (about), our quest for a private existence reappeared before a six-judge Supreme Court bench in the case of Kharak Singh v. State of Uttar Pradesh, only to be turned down once more. The Supreme Court ruled that there is no such thing as a basic right to privacy, but it also struck down the part that permitted night time visits on the grounds that it violated “personal liberty.” As expressed in opposition by Justice Subba Rao, who claimed that although while the Indian Constitution does not explicitly recognize the right to privacy as a basic freedom, it is nevertheless a necessary component of individual freedom. This famous disagreement helped initiate the development of the right to privacy.

After eleven long years (approx.), the Supreme Court ruled in Gobind v. State of Madhya Pradesh that there is a fundamental right to privacy under Article 21. This decision was made by a smaller three-judge bench. Even though Gobind was defeated, privacy won for the first time and received small recognition under the Indian Constitution’s provisions for personal liberty. Supreme Court recognise the significance of right to privacy but said that it should give way to a larger state interest.

By this time, our fundamental rights were the foundation of privacy. It has never seen a more formidable opposition to its continued existence than it did in the 2017 case of K.S. Puttaswamy v. Union of India, the decision delivered in 2018 by a 9 judge bench read the right to privacy within the ambit of Art. 21.

The fundamental right to privacy is crucial for individuals, and the personal liberty court overturned a previous ruling by M.P. Sharma and Kharak Singh, which stated that the Indian Constitution did not safeguard privacy.

In its ruling, the bench stated the following:

1. Recognizing the right to privacy does not necessitate altering the constitution; instead, it simply requires interpreting its existing provisions.

2. Privacy protects personal relationships, marriage, procreation, sexual orientation, and other aspects.

3. Privacy can also be defined as the ability to be alone.

4. Entering a public space does not automatically mean forfeiting one's right to privacy.

5. The constitution should be interpreted broadly to accommodate technological advancements and foster growth and development.

6. Although the right to privacy is a fundamental right, it is not absolute.

7. Acknowledging the right to privacy as a fundamental right safeguards an individual's inner life from interference by both governmental and non-governmental entities.

CONCERNS ABOUT PRIVACY IN THE DIGITAL AGE

With technology becoming increasingly integrated into all aspects of modern life, the issue of privacy has become more prominent. It is undeniable that we now exist in a digital age where information is readily available on screens. Various sectors, such as data, currency, entertainment, and commerce, have all transitioned into digital formats. Our personal and non-personal information is also being transferred in this digital era, where everything is stored on electronic devices. The extensive use of social media, smartphones, and other internet-connected gadgets means that individuals are constantly producing vast amounts of personal data, often without fully understanding the implications of their actions.

In its report, the UN High Commissioner for Human Rights acknowledges that, if not handled carefully, technology advancements “carry very significant risks for human dignity, autonomy, and privacy as well as the exercise of human rights generally.”

Numerous international human rights instruments, including the 1948 Universal Declaration of Human Rights (Article 12), the 1966 International Covenant on Civil and Political Rights (Article 17), the European Convention on Human Rights (Article 8).

Following the K.S. Puttaswamy case, the adoption of robust data privacy regulations in India has gained greater significance.

SOCIAL MEDIA AND PRIVACY

The expansion of social media has had a significant impact on privacy. Individuals are now encouraged to disclose personal information and details about their lives on platforms like Facebook, Instagram, and Twitter. As a result, the line between public and private online spaces has become increasingly blurred, leading to greater visibility and transparency. However, many users do not fully comprehend the potential risks to their privacy that come with oversharing on social media. Social media companies collect, analyze, and profit from user data, raising concerns about potential misuse or unauthorized access. Moreover, the heightened connectivity associated with social media exposes users to various cybersecurity threats. The introduction of new technologies in social networking applications, such as location tracking and facial recognition, has further complicated the issue of privacy.

GDPR (GENERAL DATA PROTECTION REGULATION)

The purpose of this legislation on data privacy is to protect the personal data of individuals residing in EU member countries. It was put into effect on May 25, 2018, following approval by the European Union in 2016. At the core of GDPR are these individuals, also known as data subjects. The purpose of this data privacy regulation is to safeguard the human rights of those whose data has been acquired.

The protection of EU citizens’ privacy is the main objective. Additionally, it is among the strongest data protection regulations that businesses must abide by while handling the personal information of Union citizens.

Organizations must adhere to the regulations set forth by the GDPR to ensure the lawful collection of personal data while following stringent guidelines. Additionally, those responsible for managing this data must take necessary measures to safeguard it against any form of misuse or exploitation, while also upholding the rights of data owners. Failure to do so may result in facing penalties.

Any organization that conducts business in the European Union or that provides goods and services to clients or businesses in the EU is subject to GDPR.

In the Article 5 of GDPR 7 principles are given relating to the processing of the personal data, that are:

•        Lawfulness, fairness and transparency [Art.5(1(a))]

•        Purpose limitation [Art.5(1(b))]

•        Data minimisation [Art.5(1(c)]

•        Accuracy [Art.5(1(d))]

•        Storage limitation [Art.5(1€)]

•        Integrity and confidentiality [Art.5(1(f))]

•        Accountability [Art.5(2)]

By virtue of the EU regulation, individuals in EU member states now have greater control over the personal data they disclose, how it is used, and who can access it. A corporation is often required to obtain explicit consent prior to gathering personal information from an individual. This usually involves requesting the individual to "opt-in" to the collection or usage of their data. Whether it is an online purchase or the establishment of a social media account, businesses should only collect and process the necessary data for the provided service.

DPDP ACT (DIGITAL PERSONAL DATA PROTECTION ACT), 2023

In a 21st-century world where technology has become the defining paradigm, India’s ongoing Data Protection regulation highlights the country’s commitment to establishing a robust data privacy framework. The Digital Personal Data Protection (DPDP) Act, 2023 governs the handling of digital. Personal information collected either online or offline in India and then transformed into digital format is subject to the Digital Personal Data Protection Act (DPDP Act). This law applies not only to the processing of digital personal data within India's borders but also to data processed outside the country if it involves offering products or services to individuals in India.

The DPDP Act underscores the importance of user control over their personal data, emphasizing that consent must be freely given, specific, informed, unconditional, unambiguous, and accompanied by a clear affirmative action. Users must willingly agree to the use of their data for a specific purpose, with full understanding and without any form of coercion. Consent is the only basis for the processing of the personal data of the individuals.

The individual can withdraw the consent given at any time under Section 7(3) of DPDP Act.

In cases where personal information pertains to a child under the age of 18 (referred to as a “child” under the DPDP Act), the parents or legal guardian of that person shall be included as the corresponding data principal. Likewise, in the event that an individual is disabled, the legal guardian functioning on their behalf will be considered a data principal. The processing of such data is subject to some unique requirements, such as the requirement to have verifiable consent from parents or guardians.

The DPDP Act's legal framework places obligations and restrictions on the processing of personal data by “data fiduciaries,” or those entities that decide the purpose and method of data processing, including in collaboration with other entities, because the ultimate goal of this framework is to protect the data for the benefit of specifically identifiable individuals related to the data (“data principals”).

CONCLUSION

In the current era of digital advancements, safeguarding the right to privacy has emerged as a crucial concern, demanding the establishment of robust legal structures to ensure the protection of individuals' personal data from unauthorized intrusion. As technology continues to progress at a rapid pace, our daily lives are increasingly intertwined with digital platforms and services, intensifying the challenges and significance of preserving privacy. In this context, there is a need for strong privacy laws are required to protect individual’s rights as well as to ensure transparency, fairness and accountability in the digital space. We cannot fully utilize technology without compromising the rights and liberties of every person unless we work together to preserve privacy in the digital era.