Right to Privacy

Topic : Media laws

Rajesh Cheemalakonda

Right to privacy can be defined as individual right to safeguard certain personnel

information from public sharing.

The Constitution of 1950 does not expressly recognize the right to privacy.[1467] However,
the Supreme Court first recognized in 1964 that there is a right of privacy implicit in the
Constitution under Article 21 of the Constitution, which states, "No person shall be deprived of
his life or personal liberty except according to procedure established by law."[1468]

There is no general data protection law in India. In June 2000 the National Association of
Software and Service Companies (NASSCOM) urged the government to pass a data protection
law to ensure the privacy of information supplied over computer networks and to meet European
data protection standards.[1469] The National Task Force on IT and Software Development had
submitted an "IT Action Plan" to Prime Minister Vajpayee in July 1998 calling for the creation
of a "National Policy on Information Security, Privacy and Data Protection Act for handling of
computerized data." It examined the United Kingdom Data Protection Act as a model and
recommended several cyber laws including ones on privacy and encryption. [1470] No legislative
measures, however, has been considered to date.

In May of 2000, the government passed the Information Technology Act, a set of laws intended
to provide a comprehensive regulatory environment for electronic commerce.[1471] The Act also
addresses computer crime, hacking, damage to computer source code, breach of confidentiality
and viewing of pornography. Chapter X of the Act creates a Cyber Appellate Tribunal to oversee
adjudication of cyber-crimes such as damage to computer systems (Section 43) and breach of
confidentiality (Section 72). After widespread public outcry, sections requiring cyber-cafes to
create detailed records about their customers' browsing habits were dropped. The legislation
gives broad discretion to law enforcement authorities through several provisions. Section 69
allows for interception of any information transmitted through a computer resource and requires
that users disclose encryption keys or face a jail sentence up to seven years.Section 80 allows
deputy superintendents of police to conduct searches and seize suspects in public spaces without
a warrant. This section in particular appears to be targeted at cyber-cafe users where an estimated
seventy-five percent of Indian Internet users access the web.[1472] Section 69 gives tremendous
powers to Controller of Certifying Authorities (CCA) to direct interception of any information

1|Page
 Right to Privacy
Topic : Media laws
Rajesh Cheemalakonda

transmitted through any computer resource. This direction is only to be given if the CCA is
satisfied that it is necessary or expedient so to do in the interests of the following:-the
sovereignty or integrity of India, the security of the state, friendly relations with foreign states,
public order, or for preventing incitement to the commission of any cognizable offence.
[1473]
Section 44 imposes stiff penalties on anyone who fails to provide requested information to
authorities, and Section 67 imposes strict penalties for involvement in the electronic publishing
of materials deemed obscene by the government. Chapter III of the Act gives electronic records
and digital signatures legal recognition, and Chapter VI authorizes the Government to appoint a
CCA, who will license certifying authorities before they can operate in India and will act as the
repository of all Digital Signature Certificates issued under the Act.

Following the enactment of the IT Act the Ministry of Information Technology adopted the
Information Technology (Certifying Authorities) Rules in October 2000 to regulate the
application of digital signatures and to provide guidelines for Certifying Authorities.[1474] The
Digital Signature regime in India has become operational with effect from February 2002. The
CCA has also appointed numerous licensed Certifying Authorities includingSafe Script, National
Informatics Centre, the Institute of Development and Research in Banking Technology, and Tata
Consultancy Services.

There is also a right of personal privacy in Indian law. Unlawful attacks on the honor and
reputation of a person can invite an action in tort and/or criminal law.[1475] The Public Financial
Institutions Act of 1993 codifies India's tradition of maintaining confidentiality in bank
transactions.

In March 2000 the Central Bureau of Investigation set up the Cyber Crime Investigation Cell
(CCIC) to investigate offences under the IT Act and other high-tech crimes.[1476] The CCIC has
jurisdiction over all of India and is a member of the Interpol Working Party on Information
Technology Crime for South East Asia and Australia. Similar cells have been set up at the state
and city level, for example in the state of Karnataka and the city of Mumbai. In June 2002 the
central government authorized the National Police Academy in Hyderabad to prepare a
handbook on procedures to handle digital evidence in the case of computer and Internet-related
crimes.[1477] The government is also considering establishing an Electronic Research and

2|Page
 Right to Privacy
Topic : Media laws
Rajesh Cheemalakonda

Development Centre of India to be responsible for developing new cyber-forensic tools. India's
Intelligence Bureau is reported to have developed an e-mail interception tool similar to the
Federal Bureau of Investigation's Carnivore system, which it claims to use in anti-terrorist
investigations.[1478] In April 2002, India and the United States launched a cyber-security forum to
collaborate on responding to cyber security threats.[1479]

Wiretapping is regulated under the Telegraph Act of 1885. There have been numerous phone tap
scandals in India, resulting in a 1996 decision by the Supreme Court which ruled that wiretaps
are a "serious invasion of an individual's privacy"[1480] The Supreme Court recognized the fact
that the right of privacy is an integral part of the fundamental right to life enshrined under Article
21 of the Constitution. However, the right is only available and enforceable against the state and
not against action by private entities. The Court also laid out guidelines for wiretapping by the
government. The guidelines define who can tap phones and under what circumstances. Only the
Union Home Secretary, or his counterpart in the states, can issue an order for a tap. The
government is also required to show that the information sought cannot to be obtained through
any other means. The Court mandated the development of a high-level committee to review the
legality of each wiretap. Tapped phone calls are not accepted as primary evidence in Indian
courts. However, as is the case with most laws in India, there continues to be a gap between the
law and its enforcement. According to prominent NGOs, the mail of many NGOs in Delhi and in
strife-torn areas continues to be subjected to interception and censorship.

In March 2002 the Indian Parliament, in a rare joint session, passed the Prevention Of Terrorism
Act (POTA) over the objections of several Opposition parties and in the face of considerable
public criticism. The National Human Rights Commission, an independent government entity,
criticized the measure finding that the existing laws were sufficient to combat terrorism.[1482] The
law codifies the Prevention of Terrorism Ordinance that in turn builds on the repealed Terrorists
And Disruptive Activities (Prevention) Act (TADA). It gives law enforcement sweeping powers
to arrest suspected terrorists, intercept communications, and curtail free expression. Critics argue
that the experience of TADA and POTA shows that the power was often misused for political
ends by authorities and that POTA does little to curb those excesses. Chapter V of POTA deals
with the interception of electronic communications, which also creates an audit mechanism that
includes some provision for judicial review and parliamentary oversight; however, it remains to

3|Page
 Right to Privacy
Topic : Media laws
Rajesh Cheemalakonda

be seen how effective such mechanisms will be in practice. In certain high-risk states such as
Jammu and Kashmir, search warrants are not required and the government from time to time
bans the use of cellular telephones, long distance phones, and cyber-cafes.[1485] India's
Enforcement Directorate, which investigates foreign exchange and currency violations, searches,
interrogates and arrests business professionals, often without a warrant. On December 13, 2001,
the Indian Parliament was attacked by five heavily armed intruders and gun men. A case was
duly registered, investigated and prosecuted under the provisions of POTA after it was enacted.
The trial court judge convicted the accused persons. On appeal, the New Delhi High Court held
that intercepted telephone conversations of the three persons charged under POTA for plotting
the attack on the Parliament, were not admissible evidence, although the High Court had
previously held that telephone conversations could qualify as admissible evidence under the
Indian Evidence Act, the Indian Telegraph Act and the Indian Penal Code, and that it was open
for the trial court to consider the intercepts under these laws while deciding the case. The Central
Bureau of Investigation appealed against the High Court order and on September 5, 2003 the
Supreme Court set the Delhi High Court judgement aside, allowed the appeal and decided that
intercepted communications between the accused in the House of Parliament are admissible.

A prominent expose of government corruption by the web portal Tehelka sparked a growing
debate on the appropriate balance between the press and personal privacy. Telehka's
investigative journalists covertly filmed high-level officials accepting bribes and army officers
groping call girls as part of their expose on how official corruption operates in India. While some
critics admit that the journalists did shed much needed light on a murky subject, they argue that
there should be some restrictions on the press' behavior. India authorizes the use of illegally
obtained evidence that wouldtherefore allowjournalists to present such evidence in court. Similar
questions arose in relation to the transcripts of tapped phone calls released to the press in a match
fixing scandal surrounding the national sport of cricket in April 2000.

The Government of India has initiated steps for enacting a law on Convergence. The proposed
Communications Convergence Bill 2001 was tabled in both Houses of Parliament in the second
half of 2001. The Parliament referred it to the Standing Committee on Information Technology
which gave detailed recommendations at the end of 2002 and forwarded them to the
government.The government is likely to make changes to the Bill in line with some of the

4|Page
 Right to Privacy
Topic : Media laws
Rajesh Cheemalakonda

Committee's recommendations, and to submit it to the Parliament. The bill aims to create a
"super regulator," the Communications Commission for India, to oversee voice and data
(including telecom, broadcasting, and Internet) communications.Chapter XIV of the Bill covers
the interception of communications and penalties for unlawful interception. Section 63 has been
criticized by business groups for placing a significant burden on service providers to provide the
government information about their customers, and allow law enforcement to intercept any
communication under a very low standard.

In February 2003, India convicted its first cyber-criminal when a Delhi High Court sentenced
Arif Azim on the charges of online cheating. In the said case, Arif Azim, while working for a
call centre near Delhi stole the credit card information that belonged to an American citizen and
used it to order a color television and a cordless hand phone. This case has highlighted the
security and privacy risks for companies to outsource some of their processing operations in
India where there is a lack of a clear privacy legal framework.

5|Page