On August 24, a historic judgement was passed by the Supreme Court of India, declaring privacy to be a fundamental right. A nine-judge Constitution bench unanimously overturned two earlier rulings, that stated that the right to privacy was not protected by the Constitution.
The new ruling by the SC states, “right to privacy is protected as an intrinsic part of the right to life and personal liberty under Article 21 and as a part of the freedoms guaranteed by Part III of the Constitution.” This verdict brings right to privacy at par with the right to liberty and will make it harder for anyone, including private corporations or government agencies, to obtain private data from users. This also means that the state will have to present concrete reasons for accessing someone’s data now.
“This is a milestone in a large history across the world on understanding of the right to privacy. The largest democracy in the world has now spoken on the question which we all face because 20th century constitutions, let alone earlier constitutions did not tend to speak of right to privacy and they certainly didn’t speak of it in terms which allowed its application to the needs of human beings in the 21st century networked society. Supreme Court of India has taken an enormous step which is going to be looked upon by societies of law around the world with enormous importance,” said Mishi Choudhary, President, SFLC.in.
The SC’s verdict could have real effects on the government’s drive to make Aadhaar mandatory for various schemes, bank accounts etc. In addition, tech companies using your data will also have to take right to privacy into account now. It’s worth noting that the Supreme Court did not say that right to privacy is absolute. Instead, the apex court has said that given enough reason, your data can still be accessed.
The Aadhaar issue
While it is all too early to predict repercussions of the SC’s verdict, it’s sure to play a part in ongoing cases around Aadhaar. A number of petitions have been filed against enforcing of Aadhaar as a mandatory requirement for admission to schools, government schemes and more. Even buying a JioPhone today requires an Aadhaar card.
With Aadhaar data leaks surfacing online, the protection of such important data is in question. The petitions claim that enforcing Aadhaar as compulsory is a violation of privacy. The petitioners insist that the Aadhaar scheme was started as a voluntary program, however, the current government seems keen on making biometrics-based Aadhaar mandatory for availing various benefits of various social welfare schemes.
Recently, about 210 websites of the Central and State government were displaying Aadhaar details and personal information of its beneficiaries. Also, a database containing data of millions of Reliance Jio users was leaked online. With Aadhar being linked to bank accounts, PAN and many other essential services, it is of outmost importance that this data is secured and not misused.
The Whatsapp case
Currently, a five-judge constitution panel are deciding on this case, focusing on the change in privacy policy of Whatsapp, enforced in 2016. Whatsapp changed its privacy policy to start sharing user data with Facebook, its parent company. The change in privacy policy affects millions of Indian users as their personal conversations are analysed and ads are targeted on Facebook. The Delhi High Court had directed WhatsApp to stop sharing data with Facebook and delete all user data generated by Indian users before September 25, 2015. However, WhatsApp did not adhere to this ruling.
The IT Act, 2000 provides for data protection but not privacy protection. Companies found guilty of data breach can be fined upto Rs 1 crore, however, there is no compensation for an individual’s personal information loss or their personal data being leaked. The current ruling by the top court will likely impact the WhatsApp case, although we cannot yet predict what the verdict will be.
Internet
Major tech companies such as Google, Facebook, Microsoft and many more have access to millions of user’s data and they make use of this data for their own purposes such as targeted ads, data mining, drawing inferences and more. If it were left at that, there would be no problem at all, however, these companies are also responsible for the security and privacy of the data they possess.
The Supreme Court’s hearing may have major impact on the ways major tech companies make use of a user’s data. Various concerns have already been raised regarding the storage and use of private user data, as many of the leading websites and companies have failed to protect them.
Companies like Facebook, Google and other tech majors use, and more importantly, share user data with their partners. The right to privacy may have an impact on how this process is carried out.
Businesses using data from their customers are tasked with protecting that data any way. With the right to privacy, companies could be disallowed from accessing certain information, and also from sharing it with others.
Welfare schemes
Many citizens have voiced concerns with Aadhaar being made mandatory for availing various government schemes. The SC had, in March 2016, ruled that Aadhaar will not be mandatory for availing welfare schemes. The court also said that the government cannot be stopped from using Aadhaar in other schemes, such as the opening of bank accounts.
It is unclear whether Aadhaar attachment for government schemes will remain mandatory. However, one can be almost sure that the government will have to strengthen data protection behind information saved on the Aadhaar database.