Вы находитесь на странице: 1из 14





Right to privacy under Cyber Law

B.Com L.L.B (H)
6th semester

Submitted to:

Submitted by:

Mr. Bhanu Pratap


Malvika Bajpai

This project added new insights to my personality. It infused in me

spirit of analysis, experimentation, curiosity and judgement. It also

helped to inculcate the qualities of self-leading and of taking


decisions. To the best of my ability and with my teachers guidance

moral support, I have been able to complete this
privacy under Cyber Law.


project on Right to

Typically the education of a project requires the support of many people. In
these words I would like to show my gratitude to my
Bhanu Pratap who gave me the golden
wonderful project on the topic

opportunity to



Right to privacy under Cyber

which also helped me in

and I came to


know about so many


a lot of


new things. Im really thankful to


Malvika Bajpai

With the development of the Internet into a global market place,
the world has seen a sudden emergence of new, speedy means of
communication. Not only has the internet emerged as a lucrative
centre for the commercial transactions, it has also grown into an
area where individuals from different corners of the world get to
communicate freely and cost-effectively.
Communication, speech and expression undoubtedly constitute
some of the most basic liberties of individuals and, to a large
extent, can be considered inalienable. In the Indian context these
rights are given statutory recognition in part III of the
As a necessary corollary to the freedom to communicate and
speak, is the fact that this must be allowed with as little state
interference as possible, i.e., in the absence of state intrusion and
interference into the content of the communication. This
immediately raises the controversial issue of the right to privacy.
The right to privacy, it can be said, is considered a logical
corollary to the liberty to speak and express oneself.
An important point to note is that the Indian constitution does
not include the right to privacy as a fundamental right. Its
existence, therefore, as a constitutionally guaranteed fundamental
right is debatable. Nevertheless, the judiciary has, on more than
once occasion, opined that the right is implicit in the right under
Article 21, which provides that no person shall be deprived of his
life and personal liberty without a procedure established by law.


There is a common misconception that the right to privacy is
merely a weapon to ensure confidentiality in human affairs.
Confidentiality is, no doubt, one element in the panorama of
rights covered by the right to privacy, but it is just that one
element. It must not be forgotten that the right to confidentiality
only arises after information regarding human transactions or
affairs have reached third parties. It has to be recognised that the
right to privacy extends over the entire gamut of collection,
retention, use and disclosure of information. It stems out the
basic human desire for a secure identity of ones own and, to that
extent, cannot be denied.
In this context, it may be said that privacy involves the right to
control ones personal information and the ability to determine if
and how that information should be obtained and used.
It may be necessary to examine the guidelines along which the
extent of the right to privacy may be determined. The guidelines,
which may be generally taken as accepted, have been framed by a
European organization, named the Organisation for Economic
Co-operation and Development, in 1980.

The principles are as follows:

Firstly, collection of personal data should be done with the
consent of the person and lawfully.
Secondly, the data collected should be pertinent to the
subject under investigation. Therefore, for example, a mans
medical problems ought not to be investigated while data on
his tax returns is being collected.
Thirdly, the purpose as to collection ought to be clearly
Fourthly, such data should not be further used except
without express consent of the subject and under the
sanction of the law.
Fifthly, there ought to be adequate security safeguards so as
to prevent leakage of data into the hands of unauthorised
persons or the destruction of classified material.
Sixthly, there ought to be a higher degree of accountability
detailing the persons who are in charge of the process of
collection and this is linked with the next point, which deals
with the individuals participation in the process of data
Seventhly, the individual should have the right to confirm
whether there is any data on him and whether such data is
pertinent or relevant to the purpose for which it is collected.

He should also have the right to access any data dealing with
him at any time as may be convenient to him and such data
should be made completely available to him in a reasonable
manner and if the data collected is not entirely accurate he

should have the opportunity to point out the facilities that

may exist.
These then may be said to be the broad principles governing the
existence of the slightly ambiguous right to confidentiality.
The right to privacy has been held by the Honble Supreme Court 1
as an integral part of the fundamental right to life under Article 21
of The Constitution of India. Privacy concerns exist wherever
uniquely identifiable data relating to a person or persons are
collected and stored, in digital form or otherwise. In some cases
these concerns refer to how data is collected, stored, and
associated. In other cases the issue is who is given access to
information. Other issues include whether an individual has any
ownership rights to data about them, and/or the right to view,





various types of personal information often come under privacy

concerns. For various reasons, individuals may not wish for
personal information such as their religion, sexual orientation,
political affiliations, or personal activities to be revealed. 2

This may be to avoid discrimination, personal embarrassment, or

damage to ones professional reputation.
1 R. Rajagopal v. State of T.N. [(1994) 6 SCC 632]
2 http://astrealegal.com/right-of-privacy-in-the-light-of-cyber-law; 03/02/2014; 06:32 p.m

Spamming, sending unsolicited mails and websites collecting

information about individual surfers and selling it off for
monetary considerations lead to violation of their privacy in
Telephone Tapping is a serious invasion of an individuals
privacy. With the growth of highly sophisticated communication
technology, the right to a telephone conversation, in the privacy of
ones home or office without interference, is increasingly
susceptible to abuse.3
There is no comprehensive legislation on privacy in our country.
As such it has been left to the Judiciary to interpret privacy within
existing legislations. On April 11, 2011, Indias Ministry of
Communications and Information Technology notified the
Information Technology (Reasonable security practices and
procedures and sensitive personal data or information) Rules,
2011 under the Information Technology Act, 2000. India now has
a privacy law, brought into force with immediate effect with wide
ramifications on the way companies will do business in India.
The firm is competent to deal with cases involving invasion of
privacy even in the absence of a suitable law governing this issue.

The firm puts all its experience into use in handling cases arising
out of:
3 http://astrealegal.com/right-of-privacy-in-the-light-of-cyber-law; 08/02/2014; 12:45 p.m

Insecure electronic transmissions

Data trails and logs of email messages
Online transactions
Tracking of web pages visited
Phone tapping
Unauthorized Access
Identity theft

In this information technology era a special attention must be

paid to the privacy rights in India in the information age. We
believe that data protection requirements are essential part
of civil liberties protection in cyberspace. With the growing use of






protection requirement has become very important. It would not

be wrong to assume privacy and data protection rights as integral
part of human rights protection in cyberspace.4
However, despite the importance of these fields, till now we lack
legal frameworks in the fields of data security, data protection
and privacy protection. We urgently need to formulate data
protection law in India and privacy laws in India.

It is safe to assume that the privacy of individuals is certainly a

concern of the law. Taking this as a given, we can go on to
examine what the legal and policy response is and what it ought
to be. Fundamentally, there are various approaches that may be
4 http://perry4law.org/cecsrdi/?topic=privacy-rights-and-laws-in-india; 08/02/2014; 01:00 p.m

Reliance on Trustworthy Third Parties who will set and
enforce standards
Most legal systems will be a mixture of these approaches,
something that can easily be seen in the US.


The Federal Trade Commission (FTC) has made a key role in the
development of the response of the US Federal Legal system to
the issue of information and data. In 1998, it brought out a report
called Privacy Online, which was a report to the Congress which
was the result of a three year privacy initiative. The report
recognised of four core principles:
1. Notice Principle:
Consumers must be given notice of an entities information

2. Choice Principle:
They must have a choice with respect to use and
discrimination of information.
3. Access Principle:
Data provider should have access to current data.
4. Security Principle:
Consumers must have sufficient security from the data

The Data Protection Act, 1998 came into force recently, on the 1 st
of March, 2000. It lays down rules for processing personal
information and applies to paper records as well as those held on
computers. The Rules provide that anyone processing personal
data must comply with the eight enforceable principles of good
practice. That data must be:

Fairly & lawfully processed

Processed for limited purposes
Adequate, relevant & not excessive
Not kept longer than necessary
Processed in accordance with the data subjects rights
Not transferred to countries without adequate protection

PRIVACY UNDER INDIAN IT ACT, 2000 [section 72]

This provision deals only with information collected by a person
who secures the information in pursuance of powers that he/she
exercises under the act. When it comes to protection, TRUST is
an independent NPO and it was the first online privacy SEAL 5
programme. It provides a monitoring and oversight programme
and even a complaint procedure. It includes third party
monitoring and periodic reviews of licenses to ensure compliens
5 The online SEAL programme require these licenses to abide by course of online information
practices and to submit to various types of complaints, in order to display a SEAL on their

with programme requirement. TRUST examines and monitors

changes in licenses privacy statement and tracks unique
identifiers in their database to determine whether consumers
requests to remove themselves from the database.
Licensee must respond to all the reasonable enquiries within five
days. TRUST also plays a part in resolving consumer complaints.
It also provides for public reporting of complains and
inappropriate circumstances it will refer the cases to the
commission. In case of breach, imprisonment for a term is
sentenced which may extend to 2yrs and there is also a provision
of fine up to Rs. 100,000.

True, the right to privacy is recognised as inherent in the right to
life with dignity in Article 21 and the right to freedom of speech
and expression in Article 19. Neither of these can and should e
allowed to stand as an impediment in curbing activities
prejudicial to national security and interests. Not surprisingly,
both these rights contain express conditions when they may be

At the same time, he balance cannot be allowed to tilt completely

to one side, so as to negate the basic liberties, even when not
absolutely essential. The only way out is a compromise between
the two extremes. The Supreme Court of India must expand
privacy rights in India as that is the need of hour.
However, in the ultimate analysis, it is the constitutional duty of
Indian Parliament to do the needful in this direction. Indian
Parliament must enact sound and effective privacy and data
protection laws for India as soon as possible.

Law Relating to Computers, Internet & E-commerce by Nandan
Referred to Notes given teacher