Need for making digital privacy a human right: requirement for digital privacy legislation in India.
Introduction
Privacy is not a new concept. The term comes from the Latin word ‘privatus’ which means something which is not public or a personal belonging on which state has no right. The term was most notably used by Aristotle in his distinctions between public sphere and domestic life. However, historic use of the term is still shrouded in confusion.
In early years, the legal protection for privacy was mostly derived from American views while the basis of the same was largely on morality. However, many scholars tended to deny privacy as right as they viewed it as an ingredient under right to property and bodily security. Other arguments made against privacy was that it protected economically inefficient interests or it may deter protection needed by vulnerable groups by covering up abuse or that there is lack of adequate legal doctrine grounding this concept.
However, soon privacy was seen as integral part of human dignity. Countering the arguments against privacy, many scholars explained privacy being necessary to build meaningful interpersonal relationships. The extend of intimacy and control over the access to others is part of privacy which requires protection for societal functions.
With evolving and advancing technology, all that we used to do in physical world can now be done on digital platforms. Today, individuals, companies, public employees, etc. are exposing personal details on daily basis on digital platforms or using those platforms to store sensitive information. For instance, in November 2022 All India Institute for Medical Sciences (AIIMS), New Delhi faced a strong cyber-attack which targeted data of 3-4 crore of patients including VIPs such as MPs, judges, Prime Minister etc.
The above-mentioned example gives more than sufficient explanation on need for digital privacy protection. Therefore, it is requirement of current society to make digital privacy a human right and for India to make legislation protecting digital privacy.
Impact of breach of digital privacy
It is an open secret that most organisations capitalise digital information of an individuals. For instance, the kind of online games one played or which platforms one tent to use more often or which kind of services a person may sought online generate incredible amount of intangible assets for a company.
These assets help an organization to learn about the capacity of market, consumer needs, improving goodwill of the company, etc. it cannot be denied that it is important for organisations to collect and work on such data for further improving their products and services to their customers. However, there must be an extend to such collections and a strategic protection must be provided to customer’s digital data. For instance, any leak of information submitted under online KYC (know your customer) process of a bank could lead to severe consequences.
People are becoming more and more distrustful of their governments and companies. According to one survey, around 86% of people in 2020 were victims to some form of online fraud or data breach. Scholars believe that this is likely to lead to if not happening already, to ‘privacy self-defence’. People will not simply withhold the data but may also give false information to protect their privacy.
Therefore, it can no longer be denied or ignore that the technological development threatens human dignity, autonomy and privacy and the exercise of human rights. hence, governments are working on preparing safeguards.
The countries need more robust mechanisms, minimising exposure and maximising privacy is a core value proposition. Data security needs to be built at both the enterprise and the user levels. Governments must work with private entities to build further as there remains a need to design-in digital defences while also managing their digital presence.
A 2021 report by OHCHR states that with steady growth in AI application and monitoring of public spaces and abuse of intrusive tools, it has become important that some serious safeguards are put in place to comply with international standards of Human Rights. Other international organisations also report similar findings with constant warning of threat to human rights and security if digital privacy is not taken seriously.
Need for legislation in India
The governments have taken the issue of digital privacy much more seriously in recent years. They have established Center for Digital Government and Digital Privacy council to probe in the matters of digital privacy and work and to elevate digital privacy education, take policies and practices to the next level, and engage elected and executive leaders in the digital privacy cause.
In India the Supreme Court has declared the right to privacy a fundamental right under article 21. This can be viewed as first step towards digital privacy protection. However, there remains many challenges for government to make laws over this matter. These issues include (but not limited to)-
Changing nature of information- defining information as private is becoming hard because seemingly harmless data such IP address, key words used in searches, websites visited, can now be combined, and analysed to identify individuals and learn personal information about an individual.
Also, most people are unaware of how much information they share online voluntarily much less about what they share involuntarily. This brings a serious problem to government to categorise what kind of information can be protected for being private and what can be kept public.
