Neither the Aadhar Project nor the UIDAI are supported by any "Legal Framework" and are well beyond the Parliamentary Oversight.
Indian Holocaust My Father`s Life and Time - SEVEN HUNDRED THIRTY NINE
Palash Biswas
http://indianholocaustmyfatherslifeandtime.blogspot.com/
http://basantipurtimes.blogspot.com/
In the Context of Biometric Identification with UID, the Proposed Privacy Bill is NOTHING but to Save Corporate Interests! It would not Protect the Sovereignty of a Citizen! The Emergence of Super Police Civil Society, Media and NGO Combined, Free Market Economy and Corporate Agenda remains Topmost Priority! The Nobel Peace Prize to Arab Spring confirms the Global Phenomenon Remote Controlled by the New Global Order Zionist Brahaminical!
Neither the Aadhar Project nor the UIDAI are supported by any "Legal Framework" and are well beyond the Parliamentary Oversight.
In fact, the recent events have clearly proved that Aadhar Project and UIDAI are portraying themselves as a part of Welfare Scheme but in reality they are Nefarious and Unconstitutional in nature.
Dr. Singh must have at least ensured "Constitutionally Sound Legal Framework" for Aadhar Project and UIDAI and inbuilt "Procedural Safeguards" so that Aadhar Project may not be misused as a Big Brother Project. However, he did not prefer to do so. On the contrary, he is actively supporting the Aadhar Project and UIDAI.
Draft Right To Privacy Bill 2011 Of IndiaThe right to privacy bill 2011 of India may be the first attempt to regulate privacy related issues. However, as per media reports it seems to be more like a data protection initiative rather than a privacy safeguarding law.
India has created a problem for itself by neglecting the privacy protection requirements for long. India has been launching projects without any legal framework and procedural safeguards. For instance, we have projects like central monitoring system (CMS), national intelligence grid (Natgrid), Aadhar, crime and criminal tracking network and systems (CCTNS), etc that are not governed by any legal framework and procedural safeguards. Even we do not have any lawful interception law in India that can be claimed to be constitutionally sound.
According to Praveen Dalal, managing partner of New Delhi base law firm Perry4Law and leading techno legal expert of India, India is the only country of the World where Phone Tapping and Interceptions are done without a Court Warrant and by Executive Branch of the Constitution of India. Phone Tapping in India is "Unconstitutional" and the Parliament of India has not thought it fit to enact a "Constitutionally Sound Law" for Phone Tappings and Lawful Interceptions. Even the Supreme Court's directions in PUCL case have proved futile and presently the Court is dealing with the issue once more, informs Dalal.
What is more surprising is the fact that the law enforcement agencies and the intelligence agencies that indulge in unconstitutional e-surveillance and phone tapping are themselves governed by no law. It is no surprise that the central bureau of India (CBI) is also not governed by any law and it is operating in India without any law. It is only now that the central bureau of investigation act 2010 was drafted. Till now it is a mere draft and has not become an enforceable law. Even the constitutional validity of the national investigation agency act 2008 is doubtful. Even the draft Intelligence Services (Powers and Regulations) Bill, 2011 has been recently circulated in the Parliament of India.
If the proposed privacy bill sees the light of the day, a data protection authority of India may be constituted. This authority must be constituted through an Indian regulatory services examination so that it can perform the challenging tasks that it would be entrusted with. For the time being, let us wait for the final draft of privacy bill available for public discussion.
http://cyberlawsinindia.blogspot.com/2011/04/draft-right-to-privacy-bill-2011-of.html
-
UID Card | UID Card info | UID Card Status | Aadhar UID Card ...
-
www.myuidcard.com/
-
23 Jun 2011 – Please note that UID authority or any other firms is not awarding any UID... UID Card Franchise | UID Card Agency | UID Number Franchise ...
-
UID Enrollment Form | Aadhaar Form - AADHAAR: What is & Why - UID Views
-
AADHAAR UID Card India, AADHAR Card Form Status Camps ...
-
uidnumber.org/
-
AADHAAR UID Card India, AADHAR Card Form Status Camps Website.
-
UIDAI
-
uidai.gov.in/
-
Aadhaar number valid Proof of Identity and Proof of Address for new mobile connections · Sukrithy becomes the one ... UID enrolment Proof of Concept Report ...
-
Unique Identification Authority of India - Wikipedia, the free ...
-
en.wikipedia.org/wiki/Unique_Identification_Authority_of_India
-
The UID will link a person's Passport Number, Driving License, PAN card, Bank Accounts, Address, Voter ID, etc. and all this information will be checked through ...
-
[PPT]
-
What is UID
-
www.acq.osd.mil/.../uid/Small_Label_UID_Format_for_Part_Trackin...
-
File Format: Microsoft Powerpoint - Quick View
-
What is UID. Set of Data Elements for tangible assets. Enterprise Identifier, SerialNumber; Enterprise Identifier, Part Number, Serial Number. Assigned by an ...
-
UID No will improve national security: Nilekani - Indian Express
-
www.indianexpress.com/news/uid-no-will-improve.../551492/
-
8 Dec 2009 – UID No will improve national security: Nilekani - The Unique Identification (UID) number would be useful in improving security in the country, ...
-
Say No to UID
-
www.nouid.in/
-
Say no to UID. In Uncategorized on October 14, 2010 by admin. Welcome to "Say no toUID!" campaign website! Please wait patiently as the site gets populated ...
-
No UID, no salary, Thane teachers told - Times Of India
-
26 Aug 2011 – MUMBAI: Teachers from schools and colleges in Thane are a worried lot.A Government Resolution (GR) dated April 18 states that all those ...
-
What Is Aadhaar Number?, What Are The Benefits Of UID/ Aadhaar ...
-
www.fingyan.com/must-know-facts-about-uidaadhaar-india-card/
-
27 Sep 2011 – FinGyan - Your Guide To Finance, Banking & Insurance Fundamentals.
-
UID applications pile up, no processing dates till Nov. | Deccan ...
-
www.deccanchronicle.com/.../uid-applications-pile-no-processing-dat...
-
7 Sep 2011 – Over 90 centres across the city are now issuing only limited number of forms as any fresh forms can be processed only after November. Over 3 ...
UID Cards
Unique Identification Authority of India (UIDAI) rolls out one of the most ambitious and innovative projects, UID Cards, in next few days. Its chairperson, Nandan Nilekani says UID won't be a proof of citizenship but will effectively verify a person's identitiy. Overly emphasized, will UID (Aadhar) live up to its exaggerated image? Read our extensive coverage.
08 October 2011 Last updated at 22:33 GMT
Latest Articles on UID Cards
Why won't Anna wait for bill to be passed: Congress
Terming Hazare's decision to campaign against as unfortunate, Congress said the government was committed to setting up Lokpal.
UIDAI wins court battle against HCL Technologies
HCL had taken Unique Identification Authority of India to court after the latter forfeited a bank guarantee for non-bidding by HCL Tech.
UIDAI gets first complaint of misuse of personal data
The UIDAI is looking into a complaint of misuse of personal data while issuing unique 'Aadhaar' numbers to individuals.
More Articles about UID Cards
30 Sep:
Aadhaar cards valid proof of residence...
30 Sep:
UIDAI chairman Nandan Nilekani defends...
29 Sep:
Denial of funds to UIDAI not a setback...
29 Sep:
Aadhaar a valid residence proof for op...
29 Sep:
UIDAI working under the powers delegat...
28 Sep:
One million people to enroll per day f...
28 Sep:
UID tender delay: IT companies like Ac...
28 Sep:
Planning Commission wants Nandan Nilek...
27 Sep:
UID to miss September deadline, govern...
27 Sep:
Is Nandan Nilekani's UID dream run ove...
26 Sep:
Tripura leads in enrolments for Aadhaa...
14 Jul:
Panel headed by Montek suggests UID to...
06 Jul:
Nilekani panel wants cap on subsidized...
03 Jul:
UIDAI ties up with Dept. of Post to ex...
24 Jun:
UIDAI: Nandan Nilekani plans to create...
17 Jun:
Unique ID project set to meet target: ...
15 Jun:
BOI launches UID enrolment project
http://economictimes.indiatimes.com/fullcoverage/uid-cards
MONDAY, JUNE 6, 2011
Right To Privacy Bill Of India 2011Law minister Veerappa Moily is planning to introduce the privacy law of India in the forthcoming monsoon session of the parliament. Till now we have no dedicated statutory privacy law in India. The Supreme Court of India has interpreted right to privacy as a fundamental right under article 21 of the constitution of India.
The need to have a privacy law in India has arises as Indian government has launched many e-surveillance and national security related projects without proper privacy and civil liberties safeguards. Projects like Aadhar, National Intelligence Grid (Natgrid), Crime and Criminal Tracking Network and Systems (CCTNS), National Counter Terrorism Centre (NCTC), Central Monitoring System (CMS), Centre for Communication Security Research and Monitoring (CCSRM), etc. None of them are governed by any Legal Framework and none of them are under Parliamentary Scrutiny.
Now law ministry is trying to give some minimum privacy safeguards from these projects. The right to privacy bill 2011 of India would provide for such a right to citizens of India and to regulate collection, maintenance, use and dissemination of their personal information. The Bill also contains penal provisions for violation of privacy rights.
The Bill says, "every individual shall have a right to his privacy — confidentiality of communication made to, or, by him — including his personal correspondence, telephone conversations, telegraph messages, postal, electronic mail and other modes of communication; confidentiality of his private or his family life; protection of his honour and good name; protection from search, detention or exposure of lawful communication between and among individuals; privacy from surveillance; confidentiality of his banking and financial transactions, medical and legal information and protection of data relating to individual."
The bill gives protection from a citizen's identity theft, including criminal identity theft (posing as another person when apprehended for a crime), financial identify theft (using another's identity to obtain credit, goods and services), etc.
The bill prohibits interception of communications except in certain cases with approval of Secretary-level officer. It mandates destruction of interception of the material within two months of discontinuance of interception.
The bill provides for constitution of a Central Communication Interception Review Committee to examine and review the interception orders passed and is empowered to render a finding that such interception contravened Section 5 of the Indian Telegraphs Act and that the intercepted material should be destroyed forthwith. It also prohibits surveillance either by following a person or closed circuit television or other electronic or by any other mode, except in certain cases as per the specified procedure.
As per the bill, no person who has a place of business in India but has data using equipment located in India, shall collect or processor use or disclose any data relating to individual to any person without consent of such individual.
The bill mandates the establishment of a Data Protection Authority of India, whose function is to monitor development in data processing and computer technology; to examine law and to evaluate its effect on data protection and to give recommendations and to receive representations from members of the public on any matter generally affecting data protection.
The Authority can investigate any data security breach and issue orders to safeguard the security interests of affected individuals in the personal data that has or is likely to have been compromised by such breach.
The bill makes contravention of the provisions on interception an offence punishable with imprisonment for a term that may extend up to five years or with fine, which may extend to Rs. 1 lakh or with both for each such interception. Similarly, disclosure of such information is a punishable offence with imprisonment up to three years and a fine of up to Rs. 50,000, or both.
Further, it says any persons who obtain any record of information concerning an individual from any officer of the government or agency under false pretext shall be punishable with a fine of up to Rs. 5 lakh.
For some strange reasons, the law ministry has not made the Bill public. By making the Bill public useful public inputs could have been obtained. Without analysing the copy of the Bill, we cannot comment upon the legality and constitutionality of the same. All we can say at this point of time is that the proposed Bill must protect human rights in cyberspace to be valid and constitutional and it must respect the privacy rights of Indian in the information age.
http://ictps.blogspot.com/2011/06/right-to-privacy-bill-of-india-2011.html
Publication of Radia tapes infringes on right to privacy: Tata
J. VENKATESAN
SHARE · COMMENT (3) · PRINT · T+
Unauthorised publication of his private conversations with business woman Niira Radia recorded by the Directorate-General of Income Tax has infringed his right to privacy, industrialist Ratan Tata asserted in his writ petition filed in the Supreme Court on Monday.
Mr. Tata said that since April-May 2010, there had been reports in the media that the DGIT had authorised the interception and recording of telephone conversations Ms. Radia had with various people. The reports also suggested that these recordings made by the IT department for the purpose of its investigations were thereafter handed over to the CBI.
Mr. Tata made it clear that he was not challenging the right of the statutory authorities to make a recording of private telephone conversations and the power of the CBI to use the transcripts for the purpose of investigations. He was aggrieved by the failure of the authorities to take adequate steps to protect the privacy of those whose conversations were recorded and to act in accordance with the Rules under the Indian Telegraph Act in dealing with these transcripts. Even if the transcripts were illegally obtained by someone, no steps were taken to retrieve them and prevent their dissemination in public.
He said the unauthorised publication of a private conversation between two citizens was protected by the "right to privacy" under Article 21 of the Constitution as the publication of such conversations could seriously damage their reputation. Quoting a series of Supreme Court judgments, he said telephone tapping, unless it was permitted under the procedure established by law, would infract Article 21 of the Constitution and any restriction imposed on making such tapes public would come under the purview of reasonable restrictions under Article 19 (2) of the Constitution.
CONSTITUTIONAL DUTY
Mr. Tata said that Article 21 would extend to the protection of his reputation and that of those similarly situated. There would be a constitutional duty on the part of the Union of India and its agencies to exercise their power under the law to recover the data obtained without authorisation and prevent its further dissemination.
He sought a direction to the authorities to take all steps as might be necessary to retrieve as far as possible all the recordings; a direction to the CBI to conduct a thorough enquiry into the matter; and a direction to ensure that there was no further publication of these recordings — either as audio files through the Internet or as transcripts in any media, print or electronic.
Keywords: 2G spectrum scam, Radia tapes
http://www.thehindu.com/news/national/article924243.ece-
Nobel Peace Prize 2011: President Barack Obama praises female winners
Telegraph.co.uk - 6 hours ago
Mr Obama won the Nobel Peace Prize himself in 2009 for his efforts to reduce the global stockpile of nuclear weapons and bring about world peace.
ABC News
Nobel prizes 2011 The Voice of Russia
Stay true to yourself, advises previous woman winner of Nobel ... CNN
* -
Kenya Says Final Goodbye to Wangari Maathai
Voice of America - 4 minutes ago
October 08, 2011 Kenya Says Final Goodbye to Wangari Maathai VOA News ... in 2004 when she was awarded the Nobel Peace Prize for her environmental work, ...
Kenyans bid farewell to Wangari Maathai, the first African woman ... Washington Post
Kenya gives fitting send-off to Nobel laureate Wangari Maathai Africa Review
Kenyan Nobel laureate Maathai cremated in Nairobi Middle East North Africa Financial Network
* -
Nobel Prize winners
Washington Post - Fredrik Sandberg - 1 day ago
Charles Dharapak / AP Liberian peace activist Leymah Gbowee, left, was among three women who won the 2011 Nobel Peace Prize, announced Oct. 7, 2011. ...
AP Interview: Nobel Peace Prize winner 'obvious' San Francisco Chronicle
Nobel Prize to Ralph Steinman remains valid Microfinance Monitor
2011 Nobel Prize in Medicine Under Review Voice of America (blog)
* -
A look at the winners of the 2011 Nobel Prizes
Hindustan Times - 1 day ago
Nobel Peace Prize: Liberian President Ellen Johnson Sirleaf, Liberian activist Leymah Gbowee and Tawakkul Karman of Yemen were honored "for their nonviolent...
* -
Offbeat: Winners of the 2011 Ig Nobel Awards
The Express Tribune - 9 hours ago
The 2011 Ig Nobel winners, awarded at Harvard University by the Annals of ... We've all heard of the Nobel Peace Prize, but have you heard about the Ig ...
Science humor: 2011 Ig Nobel Prizes Johns Hopkins News-Letter
Improbable research has extraordinary results The Simmons Voice
Using one's brain is artful Comet 24
* -
Nobel Laureate's Wife a Prisoner in China as Well
Voice of America - 21 hours ago
Related Articles Obama Salutes New Nobel Laureates Paying tribute to three winners of 2011 Nobel Peace Prize, president says this year's award is testament...
For Chinese Nobel Laureate's Wife, Peace Prize Means Silence TIME (blog)
Nobel peace prize: the contenders The Guardian
China's Jailed Nobel Laureate One Year Later ABC News (blog)
* -
3 women share Nobel Peace Prize
Chicago Sun-Times - Bjoern H. Amland - Karl Ritter - 12 hours ago
Africa's first ... regime won the Nobel Peace Prize on Friday Oct. 7, 2011 for their work to ...
-
Abaal Marinta Noble Peace Prize
Voice of America - 17 hours ago
Jimco, 07 October 2011 Abaal Marinta Noble Peace Prize Sadex haween oo laba ka mid ah ay ka soo jeedaan Liberia iyo Gabar reer Yemen ah ayaa ku guuleeystay ...
-
Tawakkol Karman's Moral Vision
New Yorker (blog) - Dexter Filkins - 17 hours ago
Photographs: Tawakkol Karman in Sanaa, in March, 2011. ... When the news reached Tawakkol Karman that she'd won a Nobel Peace Prize, she was sitting in a ...
Yemen's Woman-Hero Revolutionary Daily Beast
Yemen: Descending Into Despair World Policy Institute (blog)
NOBEL-LD PEACE 2 IBNLive.com
* -
Nations Cup 2012: Guinea Edges Out Nigeria
The Streetjournal - 1 hour ago
Africa's first elected female President; Ellen Johnson-Sirleaf has been named as a winner of the 2011 Nobel Peace Prize. The Liberian President emerged ...
*
Keep up to date with these results:
-
Create an email alert for nobel peace prize 2011
"Right to privacy," like other fundamental rights in the Constitution and statutory rights under various laws, will soon become a reality. Union Law Minister Veerappa Moily indicated that a bill in this regard would be introduced in the monsoon session.
The Right to Privacy Bill (a copy is with The Hindu) is to provide for such a right to citizens of India and to regulate collection, maintenance, use and dissemination of their personal information.
Talking to The Hindu, Mr. Moily said the bill also provided for penal action for violation of such right.
The bill comes in the backdrop of the Centre's assurance in the Supreme Court during the course of hearing of a writ petition filed by industrialist Ratan Tata, challenging the publication of "Niira Radia tapes," alleging that such publications violated his right to privacy.
The bill says, "every individual shall have a right to his privacy — confidentiality of communication made to, or, by him — including his personal correspondence, telephone conversations, telegraph messages, postal, electronic mail and other modes of communication; confidentiality of his private or his family life; protection of his honour and good name; protection from search, detention or exposure of lawful communication between and among individuals; privacy from surveillance; confidentiality of his banking and financial transactions, medical and legal information and protection of data relating to individual."
The bill gives protection from a citizen's identity theft, including criminal identity theft (posing as another person when apprehended for a crime), financial identify theft (using another's identity to obtain credit, goods and services), etc.
The bill prohibits interception of communications except in certain cases with approval of Secretary-level officer. It mandates destruction of interception of the material within two months of discontinuance of interception.
The bill provides for constitution of a Central Communication Interception Review Committee to examine and review the interception orders passed and is empowered to render a finding that such interception contravened Section 5 of the Indian Telegraphs Act and that the intercepted material should be destroyed forthwith. It also prohibits surveillance either by following a person or closed circuit television or other electronic or by any other mode, except in certain cases as per the specified procedure.
As per the bill, no person who has a place of business in India but has data using equipment located in India, shall collect or processor use or disclose any data relating to individual to any person without consent of such individual.
The bill mandates the establishment of a Data Protection Authority of India, whose function is to monitor development in data processing and computer technology; to examine law and to evaluate its effect on data protection and to give recommendations and to receive representations from members of the public on any matter generally affecting data protection.
The Authority can investigate any data security breach and issue orders to safeguard the security interests of affected individuals in the personal data that has or is likely to have been compromised by such breach.
The bill makes contravention of the provisions on interception an offence punishable with imprisonment for a term that may extend up to five years or with fine, which may extend to Rs. 1 lakh or with both for each such interception. Similarly, disclosure of such information is a punishable offence with imprisonment up to three years and a fine of up to Rs. 50,000, or both.
Further, it says any persons who obtain any record of information concerning an individual from any officer of the government or agency under false pretext shall be punishable with a fine of up to Rs. 5 lakh.
http://www.thehindu.com/news/national/article2082643.ece-
Senators Propose Privacy Bill of Rights - WSJ.com
- online.wsj.com/.../SB1000142405274870338540457625894226854...
- 13 Apr 2011 – The bill, labeled the Commercial Privacy Bill of Rights Act of 2011, would impose new rules on companies that gather personal data, including ...
- [PDF]
-
"The Commercial Privacy Bill of Rights Act of 2011" Summary
- kerry.senate.gov/.../...
- File Format: PDF/Adobe Acrobat - Quick View
- "The Commercial Privacy Bill of Rights Act of 2011". Summary. The Kerry-McCain Commercial Privacy Bill of Rights Act of 2011 would establish rights to protect ...
-
Well-Meaning "Privacy Bill of Rights" Wouldn't Stop Online Tracking ...
- www.eff.org › Deeplinks Blog › April, 2011
- 14 Apr 2011 – On Tuesday, Senators John McCain and John Kerry introduced the long-awaited Commercial Privacy Bill of Rights, a sweeping bill that covers ...
-
US senators introduce online privacy 'bill of rights'
- www.physorg.com/.../2011-04-senators-online-privacy-bill-rights.ht...
- 12 Apr 2011 – US senators John Kerry and John McCain introduced an online privacy bill Tuesday that seeks to strike a balance between protecting the ...
-
The "Privacy Bill of Rights" – A WatchGuard Perspective ...
- watchguardsecuritycenter.com/2011/.../the-"privacy-bill-of-rights"-–...
- The "Privacy Bill of Rights" – A WatchGuard Perspective. April 12, 2011 by Chris McKie 9 Comments. "Whenever industry fails to self-regulate, government will ...
-
Commercial Privacy Bill Of Rights Act Of 2011 | Threat Level | Wired ...
- www.wired.com/.../commercial-privacy-bill-of-rights-act-of-2011/
- 12 Apr 2011 – Still, the measure was met with resistance from privacy advocates who said the Commercial Privacy Bill of Rights Act of 2011 did not go far ...
-
The Commercial Privacy Bill Of Rights Act Of 2011 – What Does It ...
- www.site-reference.com/.../commercial-privacy-bill-rights-act-2011-...
- 27 Apr 2011 – If passed into law, The Commercial Privacy Bill of Rights will have a huge impact on how personal information is collected, used, and shared by ...
Video: Is the Proposed Privacy Bill of Rights Needed?
* - videos.webpronews.com/2011/.../is-the-proposed-privacy-bill-o...15 Apr 2011 - 6 min
- Earlier this week, U.S. Senators McCain and Kerry introduced a privacy bill. The bill is aimed to give users more control ...
- More videos for privacy bill of rights 2011 »
-
Privacy Legislation's Potential Impact on Online Media — Tech ...
- gigaom.com/2011/.../privacy-legislations-potential-impact-on-online-...
- ... the bipartisan Kerry-McCain bill proposed legislation on a Commercial Privacy Bill of Rights that ... By David Card Apr. 18, 2011, 4:30pm PT Comments Off ...
-
Draft "Commercial Privacy Bill of Rights Act of 2011" Published : HL ...
- www.hldataprotection.com › Consumer Privacy
- 23 Mar 2011 – This blog entry details the major provisions of the draft Kerry/McCainprivacy legislation that is circulating around Washington. As explained in ...
Analysis of the Privacy Bill, 2011
BY APAR GUPTA ⋅ JUNE 27, 2011 ⋅ POST A COMMENT
FILED UNDER PRIVACY
Image by anitakhart via UpdateFlickr
Update 18.08.2011 - PIB Release says, "The Government proposes to bring out a legislation that will provide protection to individuals in case their privacy is breached through unlawful means. For the purpose it is working on 'Right to Privacy' Bill. The drafting of the legislation is at a very preliminary stage and details of the legislation are yet to be finalized." (Ministry of Personnel, Public Grievances & Pensions, Right to Privacy Bill, Release ID :74743)
This post contains a summary of the third working draft of the Privacy Bill, 2011 dated 19thApril, 2011 which aims to create a statutory right to privacy in India (download here). This note also contains an analysis on the significant features of the enactment. I will be posting comments on its provisions in the coming weeks.
It is important to note that the Privacy Bill, 2011 which as per media reports is to be introduced by the government in the next session of parliament has not been formally made public or a consultation process has been followed in its drafting (Prashant writes on the drafting process here). In case of any questions or comments please contact me atmail@apargupta.com. I would like to acknowledge the work put in by an Akansha Nehra, an intern at my office in helping me with this note.
The readability of this post is somewhat hampered due to a lack of formatting which is not carried forward from Mircrosoft Word to WordPress. To counter this I am embedding a PDF towards the end of the post.
-
1. The Privacy Bill, 2010 : a broad level view
a) It creates a statutory Right to Privacy by means of a broad definition and then creates specific of protections for it. Recognising the Right to Privacy not to be absolute, the Bill identifies various privacy breaches that are permitted. In the Bill, certain prohibited acts are also identified for which civil remedies as well as criminal sanctions are created.
b) The government interception and telephone tapping mechanism is changed moderately from the existing system. The modification is with respect to several procedural safeguards which are put into place to avoid unauthorised and unnecessary tap orders.
c) A regulatory mechanism is created through the Data Protection Authority of India. It will exercise supervision over private parties which will engage in the collection and storage of personal data.
d) Further, in the system suggested, the Bill identifies specific officers/position holders in various entities (that may be involved in various breach of the right) who shall be held responsible, in case of any wrong act or any default.
e) Disputes under the Bill will be referred to the Cyber Appellate Tribunal which has been set up under the Information Technology Act. These disputes are primarily in the nature of claims by individuals against private data controllers.
- 2. INDEX: CONSTITUENTS OF THE BILL
The Bill contains fifteen chapters and ninety four sections and has been divided in the following manner
Chapter Section Number Name I 1, 2 Preliminary II 3 Right to Privacy III 4-13 Privacy of Communication and Prohibition from its Interception IV 14-23 Procedure for Interception of Communication V 24 Prohibition of Surveillance and its Regulation VI 25-26 Use of Photographs, Fingerprints, Body samples of persons, DNA samples, and other samples taken at Police Station VII 27-28 Health Information Privacy VIII 29-31 Privacy relating to Data IX 32-42 Obligation and Procedure for collecting or processing or using or disclosing data X 43-48 Residuary XI 49-62 The Data Protection Authority of India XII 63-66 Grants, Funds, Accounts and Audit and Annual Report XIII 67 Settlement of Disputes XIV 68-84 Offences and Penalties XV 85-94 Miscellaneous - 3. SCOPE OF RIGHT TO PRIVACY
- Section 3(1) provides for the Right to Privacy and stipulates that every individual has a right to privacy and the same is subject to any law for the time being in force or an order of the Court. It is important to bear that this acts as an carve out since any the privacy right under the Privacy Bill which is created is subject to existing laws. The privacy rights are in addition to existing laws and not in derogation to them. Hence any existing law which is in conflict with any of the mandates of the Privacy right under Section 3 enjoys preference and legal validity.
- Interestingly though, several laws have been made exempt from the privacy right under Section 90. Though ordinarily these laws would have been exempt as per Sec. 3(1), the draftsman seems to be leaving nothing to chance by excluding statutes such as the Right to Information Act; The Prevention of Corruption Act; from the ambit of the privacy right. It is also important to comment on a saving provision under Section 89, which makes space for any nature of right to be also included in the scope of the statutory right of privacy, which may be subsisting already.
- Section 3(2) provides for an inclusive definition by providing for 12 kinds of manifestations of privacy, which are listed below:
a) Confidentiality of communication
b) Confidentiality of private/ family life
c) Protection of honor and good name
d) Protection from search, detention, or exposure of lawful communication between and among individuals
e) Privacy from surveillance
f) Confidentiality of banking and financial transactions
g) Confidentiality of medical and legal information
h) Protection from identity theft (criminal, financial, identity cloning, medical)
i) Protection from use of photographs, fingerprints, DNA samples, and other samples taken at police stations or other places
j) Privacy of health information
k) Protection of data relating to an individual.
4. PRIVACY OF COMMUNICATION AND INTERCEPTION
-
After creating the right to privacy under Sec. 3(2), the Bill provides prescriptions for the confidentiality of communication and safeguards for their interception under Chapters III and IV of the Bill. It is important to bear that the privacy right in India is essentially a set of procedural safeguards. The more safeguards the stronger the privacy right. The expanse of the legal provisions recognises that the most prevalent privacy breach is with respect to the interception of communications.
-
The terms, "confidentiality" has been defined as, "a process of sharing facts, ideas, opinions, thoughts, and information through speech, writing, gestures, sound, images, signals or pictures, graphs, symbols, diagrams between two or more individuals through telephonic conversations, radio messages, electronic mode (including internet or satellite) or postal letter or any other mode". Interception further has been defined as, "undertaking the stopping of transmission of any communication, or interception or detention thereof (including tapping of the telephone conversation or copying of data)". The interception safeguards are explained in a tabular form below:
Feature Provision Rule of Privacy Privacy is not Absolute Section 4 stipulates the right of any citizen of India, to have his communication protected from interception. But, the same is not an absolute right and is limited by the provisions of the Bill under discussion. Condition [Procedure] There are two conditions precedent to intercept a communication legally.Firstly, the conditions under Section 5(2) of the Indian Telegraph Act, 1885 must be satisfied. Secondly, an order must be issued by an officer not below the rank of Home Secretary [Ministry of Home Affairs, Government of India] and the Home Secretaries of the State Governments which records the satisfaction of these conditions. Application The provision applies to any surveillance. It also applies to activities incidental to interception. Exception An exception is created with respect to the authorities that can make such an order, and it is permitted that this power can be delegated to another officer of a stipulated rank. Further, in emergent situation (the kinds have been specified) interception can be made without an order under Section 5, after obtaining subsidiary approvals from the Central and the State governments (stipulated officers). Secondary Procedure Under Section 6(2), such subsidiary approval giving authority has to within 3 working days place the order before an appropriate authority and seek confirmation. Such authority should send a confirmation within 7 working days. Deemed Discontinuance If no confirmation is received, then the interceptions will have to be discontinued and any further interception will require permission of the Union Home Ministry or the State Home Secretary, as the case maybe. System Employed The system proposed by the Bill identifies two bodies. One is the Requisitioning Service Agency (Government) and the other is the Service Provider (the Telecommunications Company or the ISP). Each has been required to appoint nodal officers and the transaction of exchange of any information collected shall occur only between them. Strict guidelines are provided for such exchange, as the same has been asked to follow a method of exchanging appropriate acknowledgement letters, etc. Liability of Service Provider Further, the Service Providers have been placed with responsibility, as they have to every fifteen days submit a list of authorizations, to the Security agencies for confirmation of authenticity of the directions received by them. Further, stipulations are provided with respect to secrecy, maintenance of data, destruction of records etc. This will check unauthorized tap orders purportedly emanating from government as noticed in the recent decision of Amar Singh v. Union of India WP(C) 39/2006 (available at http://www.indiankanoon.org/doc/1082001/) . Liability of Requisitioning Security Agency The authority must maintain the records of such orders, the intercepted communication, etc. The Order must contain appropriate details with respect to the communication being intercepted, the authority permitting the same, etc. Validity of Order The Bill provides that the option of intercepting a communication should be limited to that much as is necessary,[1] and that the said permission will cease to have effect on the expiry of 2 months, unless renewed.[2] It also provides that if any other alternative mechanism exists to collect the said information, it should be used instead. Review Committee The order or confirmation should be tabled before the concerned Review Committee, within one week, which should look into the relevancy of each order on its own motion. The interception mechanism sought to be created by the Privacy Bill, 2011 is represented in a process flow below:
5. OTHER MANIFESTATIONS OF RIGHT TO PRIVACY
Along with the provisions for the breach of communications privacy, the Privacy Bill, 2011 also prescribes various safegaurds for the other forms of privacy which are mentioned under Sec. 3(2). These forms of privacy as well as the permissible breaches are presented in the table below:
Kind of Right Stipulations and Limitations Use of materials collected at a Police Station Nature of Material The right identified herein is in the light of use of materials like photographs, fingerprints, DNA samples, of any citizen of India. User The use of such material by another person is the ambit of the said provision and includes Government officer as well. Nature of Prohibited Use This is applied in context of revealing material (one's personal or private information) in public which will adversely affect his right to privacy, such as to amount to a civil wrong. Permitted Use This rule is relaxed by stating that such materials maybe collected with the consent of the individual or if it is needed under any other law (such as the Code of Criminal Procedure, 1973). Procedure to be taken care of This is implied to be used for the purposes stipulated (by means of law or consent) and after such use should be destroyed or returned. Health Information Privacy Nature of Information This rule applies to collection of health information in respect of an individual User The use that is being analysed under this provision is by another person, including a Government officer as well. Nature of Prohibited Use This is applied in context of revealing such health information in public which will adversely affect his right to privacy, such as to amount to a civil wrong. Nature of Permitted Use The use that is permitted is by collecting with his consent or under any other law. Procedure to be taken care of This is implied to be used for the purposes stipulated by his consent and after such use should be destroyed or returned. Without Consent The information collected by said means, the nature of use, duration of retaining of such information, and manner of disposal shall be as per the law. Conditional Use Such information, collected by whatever means, should not be revealed to the public Privacy relating to Data Category of User This provision covers such person which has a place of business in India or if does not have a business in India, but has a Data Using Equipment in India Persons not having business in India, shall nominate a representative for collecting/using/processing/disclosing data. Nature of Permitted Use May be collected with his consent or under the said Bill or any other law Nature of Use Excluded If the processing of data meant for transmission outside India is by using equipment located in India, solely for the purpose of such transmission, it is permitted. Violation of right to privacy Any disclosure by a person of information (as stipulated under this kind) of a person without his consent or not in accordance with any law, shall be violation of the Right to Privacy. Exceptions 11 exceptions to this right have been provided for under which a person may collect/process/use/disclose, under Section 30. Nature of Collectable Personal Data Data is a part of the public record, or has been made public by said individual Individual has consented on collection of such data from an alternative source (other than public records) Restriction on Collection of Personal data If it is collected directly, appropriate details must be disclosed to the individual. Restriction on Processing of Data It has been provided that the data must be collected for the purpose for which permission has been sought and in a fair, appropriate and lawful manner. Right of a Data Subject in situation of Data Processing In case of data processing for an Unsolicited Commercial Communication, the data subject has the right to make an application to the Data Controller to discontinue such processing. Features No individual can be coerced to disclose certain details as a pre-condition to the provision of goods or services, in addition to information that is needed to functionally provide it. A separate category of sensitive personal data has been identified and the use of such data requires distinct permissions, etc. Further there are specific provisions for Data Retention, Data Security and its Breach, Data Access and its correction as well Residuary Provisions Chapter X acts as the Residuary manifestations of an individual's right to privacy, and provides for acts of maintenance of records, use and disclosure of information, etc. - 6. BODIES UNDER THE PRIVACY BILL, 2011
-
Data Protection Authority of India
The Data Protection Authority of India has been set up as a regulatory body to administer the Privacy right created under the Privacy Bill, 2011. The Bill provides for 13 functions that the Authority performs. These include, ensuring compliance with the provisions with respect to data under the Bill by the bodies to which it applies, monitor developments in science and technology and policy to keep them upbeat with the rights, maintain appropriate network with respect to data controllers and the Registry, to attempt to increase and spread literacy in this aspect and involve public and also includes its power to investigate any data breaches, etc. The Authority has power to pass three types of orders, those seeking, disclosure, inquiry or inspection.
2. National Data Controller Registry
This is in the form of an online database in order to facilitate the efficient and effective entry of particulars by data controllers. A data controller has the permission to process any personal data of any data subject, only after the data controller has made an entry in the registry. The database shall contain details of the purpose with which a data controller seeks to process any data. This shall be available to public free of cost. Appropriate data protection protocols and correction procedure are proposed to be prepared.
3. Cyber Appellate Tribunal
Civil disputes such as claims for compensation under the Privacy Bill, 2011 are proposed to to be reffered to the Cyber Regulations Appellate Tribunal which is established under Section 48 of the Information Technology Act, 2000. The jurisdiction of the Tribunal conferred under Section 67 of the Privacy Bill, 2011 confers two types of jurisdictions. Firstly, original jurisdiction with respect to any dispute arising between an individual and a data controller. Secondly appellate jurisdiction with respect to any appeal from any order or direction or decision of the Authority [Data Protection Authority of India]. It is of interest that this Appellate Tribunal through this Bill will be given original jurisdiction where earlier it only sat as a court of appeal.
- 7. OFFENCES AND PENALTIES
Section Provisions Offence Offender Penalty Other Details Imprisoment upto Fine upto Both 68 Chap. III and IV Unauthorised Interception of Communication undertakes interception of any Communication 5 yrs 1 lakh Both - 69 Disclosure of Intercepted Communication intercepts or has any personal information 3 yrs 50,000/- Both Exceptions 70 Chap. VIII Obtaining personal information on False Pretence requests for such information on false pretence - 5 lakhs - From any person or Officer of the Government 71 Chap. III and IV Violation of conditions of License to Service Providers Service Provider Suspend/Revoke license Conditions pertaining to maintenance of secrecy and confidentiality of information and unauthorised interception of communication Without Prejudice to liability under license or any other law 72 Chap. V Undertaking surveillance in contravention of Section 24 undertakes the surveillance 5 years 1 lakh Both For each surveillance 73 Chap. VIII Disclosure of other Personal Information Any officer or Employee of the Service Provider or the Government (who has possession of or access to Records of the Service Provider or Government - 5 lakhs - Records which contain Individually identifiable Information or personal information Information is such that disclosure is prohibited under this Bill or any other law or which affects the right of an individual The offender knows disclosure is prohibited and wilfully discloses to one not entitled to know the same 74 Chap. VI taking and using of photographs, fingerprints, DNA samples in public takes such material and uses them 5 years 1 lakh Both of any Citizen of India 75 Chap. VII Not permitted declaration of Health Information discloses it 6 months 1 lakh Both Information with respect any citizen of India (in contravention of provisions of this Bill) Section With respect to Offence Offender Penalties 1st Time offence Second or Subsequent Offence [Extend to] Continuing Offence [For every day] 77 Chapter XI Contravention of Directions of the Data Authority Violator 1 lakh 2 lakhs 2 lakhs (for every day) 78 Chapter VIII Data Theft Person who (intentionally and without authorisation from Data Subject or Data Controller) acquires or gains access to any personal data 7 lakhs 10 lakhs - 79(1) Chapter IX Unauthorised Processing of personal data Any person processing any personal data in contravention of Chapter II 1 lakh 5 lakhs [For each subsequent offence] - 79(2) Any person processes personal data without first making an entry in the Registry 5 lakhs - - 80 Chapter X Contravention of Chapter X - 1 lakh 5 lakhs [For each subsequent offence] - - 8. REMEDIES UNDER THE BILL
The Bill recognises the right to privacy, in its various ambits. Hence, it also provides what all can be pursued in case of its violation. The following remedies are available to an aggrieved person.
a) Compensation
Any person who suffers damage can claim for compensation any damage caused to him by any data controller, under section 76. The damage must be due to any contravention on part of the data controller. Here it is sought to be clarified that the amounts described in the table are with respect of penalties. These penalties operate as fines. They are intended to deter illegal conduct. However, compensation which is provided under Sec. 76 acts as a remedy aims to restitute the loss of the person complaining of damage.
b) Civil Remedies
Section 84 provides that the individual, whose right to privacy has been adversely affected, may bring a civil action against such persons have caused such violation. This is addition to any criminal proceedings existing against such person (violator).
c) Criminal Remedies
Chapter XIV provides for various offences that may be committed under the nature of right provided for under this bill. But, the rider is provided for under Section 82, where any Court may take cognizance of offence under this Bill, solely on the compliant made by the Authority.
[1]Section 9
[2] Section 10(1)
PDF
http://www.iltb.net/2011/06/analysis-of-the-privacy-bill-2011/
Republic of India
The Constitution of 1950 does not expressly recognize the right to privacy.[1467] However, the Supreme Court first recognized in 1964 that there is a right of privacy implicit in the Constitution under Article 21 of the Constitution, which states, "No person shall be deprived of his life or personal liberty except according to procedure established by law."[1468]
There is no general data protection law in India. In June 2000 the National Association of Software and Service Companies (NASSCOM) urged the government to pass a data protection law to ensure the privacy of information supplied over computer networks and to meet European data protection standards.[1469] The National Task Force on IT and Software Development had submitted an "IT Action Plan" to Prime Minister Vajpayee in July 1998 calling for the creation of a "National Policy on Information Security, Privacy and Data Protection Act for handling of computerized data." It examined the United Kingdom Data Protection Act as a model and recommended several cyber laws including ones on privacy and encryption.[1470] No legislative measures, however, has been considered to date.
In May of 2000, the government passed the Information Technology Act, a set of laws intended to provide a comprehensive regulatory environment for electronic commerce.[1471] The Act also addresses computer crime, hacking, damage to computer source code, breach of confidentiality and viewing of pornography. Chapter X of the Act creates a Cyber Appellate Tribunal to oversee adjudication of cyber-crimes such as damage to computer systems (Section 43) and breach of confidentiality (Section 72). After widespread public outcry, sections requiring cyber-cafes to create detailed records about their customers' browsing habits were dropped. The legislation gives broad discretion to law enforcement authorities through several provisions. Section 69 allows for interception of any information transmitted through a computer resource and requires that users disclose encryption keys or face a jail sentence up to seven years.Section 80 allows deputy superintendents of police to conduct searches and seize suspects in public spaces without a warrant. This section in particular appears to be targeted at cyber-cafe users where an estimated seventy-five percent of Indian Internet users access the web.[1472] Section 69 gives tremendous powers to Controller of Certifying Authorities (CCA) to direct interception of any information transmitted through any computer resource. This direction is only to be given if the CCA is satisfied that it is necessary or expedient so to do in the interests of the following:-the sovereignty or integrity of India, the security of the state, friendly relations with foreign states, public order, or for preventing incitement to the commission of any cognizable offence.[1473] Section 44 imposes stiff penalties on anyone who fails to provide requested information to authorities, and Section 67 imposes strict penalties for involvement in the electronic publishing of materials deemed obscene by the government. Chapter III of the Act gives electronic records and digital signatures legal recognition, and Chapter VI authorizes the Government to appoint a CCA, who will license certifying authorities before they can operate in India and will act as the repository of all Digital Signature Certificates issued under the Act.
Following the enactment of the IT Act the Ministry of Information Technology adopted the Information Technology (Certifying Authorities) Rules in October 2000 to regulate the application of digital signatures and to provide guidelines for Certifying Authorities.[1474] The Digital Signature regime in India has become operational with effect from February 2002. The CCA has also appointed numerous licensed Certifying Authorities includingSafe Script, National Informatics Centre, the Institute of Development and Research in Banking Technology, and Tata Consultancy Services.
There is also a right of personal privacy in Indian law. Unlawful attacks on the honor and reputation of a person can invite an action in tort and/or criminal law.[1475] The Public Financial Institutions Act of 1993 codifies India's tradition of maintaining confidentiality in bank transactions.
In March 2000 the Central Bureau of Investigation set up the Cyber Crime Investigation Cell (CCIC) to investigate offences under the IT Act and other high-tech crimes.[1476] The CCIC has jurisdiction over all of India and is a member of the Interpol Working Party on Information Technology Crime for South East Asia and Australia. Similar cells have been set up at the state and city level, for example in the state of Karnataka and the city of Mumbai. In June 2002 the central government authorized the National Police Academy in Hyderabad to prepare a handbook on procedures to handle digital evidence in the case of computer and Internet-related crimes.[1477] The government is also considering establishing an Electronic Research and Development Centre of India to be responsible for developing new cyber-forensic tools. India's Intelligence Bureau is reported to have developed an e-mail interception tool similar to the Federal Bureau of Investigation's Carnivore system, which it claims to use in anti-terrorist investigations.[1478] In April 2002, India and the United States launched a cyber-security forum to collaborate on responding to cyber security threats.[1479]
Wiretapping is regulated under the Telegraph Act of 1885. There have been numerous phone tap scandals in India, resulting in a 1996 decision by the Supreme Court which ruled that wiretaps are a "serious invasion of an individual's privacy"[1480] The Supreme Court recognized the fact that the right of privacy is an integral part of the fundamental right to life enshrined under Article 21 of the Constitution. However, the right is only available and enforceable against the state and not against action by private entities. The Court also laid out guidelines for wiretapping by the government. The guidelines define who can tap phones and under what circumstances. Only the Union Home Secretary, or his counterpart in the states, can issue an order for a tap. The government is also required to show that the information sought cannot to be obtained through any other means. The Court mandated the development of a high-level committee to review the legality of each wiretap. Tapped phone calls are not accepted as primary evidence in Indian courts. However, as is the case with most laws in India, there continues to be a gap between the law and its enforcement. According to prominent NGOs, the mail of many NGOs in Delhi and in strife-torn areas continues to be subjected to interception and censorship.[1481]
In March 2002 the Indian Parliament, in a rare joint session, passed the Prevention Of Terrorism Act (POTA) over the objections of several Opposition parties and in the face of considerable public criticism. The National Human Rights Commission, an independent government entity, criticized the measure finding that the existing laws were sufficient to combat terrorism.[1482] The law codifies the Prevention of Terrorism Ordinance that in turn builds on the repealed Terrorists And Disruptive Activities (Prevention) Act (TADA). It gives law enforcement sweeping powers to arrest suspected terrorists, intercept communications, and curtail free expression. Critics argue that the experience of TADA and POTA shows that the power was often misused for political ends by authorities and that POTA does little to curb those excesses.[1483] Chapter V of POTA deals with the interception of electronic communications, which also creates an audit mechanism that includes some provision for judicial review and parliamentary oversight; however, it remains to be seen how effective such mechanisms will be in practice.[1484] In certain high-risk states such as Jammu and Kashmir, search warrants are not required and the government from time to time bans the use of cellular telephones, long distance phones, and cyber-cafes.[1485] India's Enforcement Directorate, which investigates foreign exchange and currency violations, searches, interrogates and arrests business professionals, often without a warrant.[1486]
On December 13, 2001, the Indian Parliament was attacked by five heavily armed intruders and gun men. A case was duly registered, investigated and prosecuted under the provisions of POTA after it was enacted. The trial court judge convicted the accused persons. On appeal, the New Delhi High Court held that intercepted telephone conversations of the three persons charged under POTA for plotting the attack on the Parliament, were not admissible evidence, although the High Court had previously held that telephone conversations could qualify as admissible evidence under the Indian Evidence Act, the Indian Telegraph Act and the Indian Penal Code, and that it was open for the trial court to consider the intercepts under these laws while deciding the case. The Central Bureau of Investigation appealed against the High Court order and on September 5, 2003 the Supreme Court set the Delhi High Court judgement aside, allowed the appeal and decided that intercepted communications between the accused in the House of Parliament are admissible.
A prominent expose of government corruption by the web portal Tehelka sparked a growing debate on the appropriate balance between the press and personal privacy. Telehka's investigative journalists covertly filmed high-level officials accepting bribes and army officers groping call girls as part of their expose on how official corruption operates in India.[1487]While some critics admit that the journalists did shed much needed light on a murky subject, they argue that there should be some restrictions on the press' behavior.[1488] India authorizes the use of illegally obtained evidence that wouldtherefore allowjournalists to present such evidence in court. Similar questions arose in relation to the transcripts of tapped phone calls released to the press in a match fixing scandal surrounding the national sport of cricket in April 2000.[1489]
The Government of India has initiated steps for enacting a law on Convergence. The proposed Communications Convergence Bill 2001 was tabled in both Houses of Parliament in the second half of 2001. The Parliament referred it to the Standing Committee on Information Technology which gave detailed recommendations at the end of 2002 and forwarded them to the government.The government is likely to make changes to the Bill in line with some of the Committee's recommendations, and to submit it to the Parliament. The bill aims to create a "super regulator," the Communications Commission for India, to oversee voice and data (including telecom, broadcasting, and Internet) communications.[1490] Chapter XIV of the Bill covers the interception of communications and penalties for unlawful interception. Section 63 has been criticized by business groups for placing a significant burden on service providers to provide the government information about their customers, and allow law enforcement to intercept any communication under a very low standard.[1491]
In February 2003, India convicted its first cyber-criminal when a Delhi High Court sentenced Arif Azim on the charges of online cheating. In the said case, Arif Azim, while working for a call centre near Delhi stole the credit card information that belonged to an American citizen and used it to order a color television and a cordless hand phone. This case has highlighted the security and privacy risks for companies to outsource some of their processing operations in India where there is a lack of a clear privacy legal framework. At the time of writing,
The Indian government is currently considering the idea of enacting a detailed law on data protection under the initiative of the Ministry of Communication and Information Technology.[1492]
https://www.privacyinternational.org/survey/phr2003/countries/india.htm
The new Right to Privacy Bill 2011 – a blind man's view of the Elephunt. June 8, 2011
Posted by Prashant in Privacy law, Uncategorized.
trackback
Over the past few days various newspapers have reported the imminent introduction in Parliament, during the upcoming Monsoon session, of a Right to Privacy Bill. Since the text of this bill has not yet been made accessible to the public, this post attempts to grope its way – through guesswork – towards a picture of what the Bill might look like from a combined reading of all the newspaper accounts. I am relying entirely on the following 3 newspaper accounts in the Times of India, the Hindu and the Deccan Chronicle
A Constitutional/Fundamental Right?
The Times of India piece which broke the story seems to have misunderstood/misquoted Law Minister Veerappa Moily. The article is titled "Right to privacy may become fundamental right" which connotes a constitutional amendment. However this is inconsistent with the later portions of the same article as well as subsequent newspaper accounts in DC and the Hindu. So its safe to assume that this will not be a fundamental right to privacy, but a statutory right to privacy – like what the Right to Information Act grants us .
Preamble
I'm extrapolating here from the Hindu article:
"To provide for such a right [of privacy] to citizens of India AND to regulate collection, maintenance, use and dissemination of their personal information".
So it's an omnibus Privacy and Data Protection Law that's being passed. How nice. This addresses some of the misgivings that we had last year against the "Approach Paper on Privacy" released by the Department of Personnel and Training.
Definition of 'Right to Privacy'
The Hindu article appears to quote directly from the Bill.
Every individual shall have a right to his privacy — confidentiality of communication made to, or, by him — including his personal correspondence, telephone conversations, telegraph messages, postal, electronic mail and other modes of communication; confidentiality of his private or his family life; protection of his honour and good name; protection from search, detention or exposure of lawful communication between and among individuals; privacy from surveillance; confidentiality of his banking and financial transactions, medical and legal information and protection of data relating to individual.
This is a wonderfully expansive definition of the right to privacy which spans diverse areas including privacy of communications, reputational privacy, bodily/physical privacy, confidentiality, privacy of records and data protection. I'm especially pleased that this section does not limit this right to privacy only to claims against the state (as in the Right to Information Act).
The Deccan Chronicle article contains a slightly different definition of 'right to privacy' under the Bill. Here the right to privacy includes "confidentiality of communication, family life, bank and health records, protection of honour and good name and protection from use of photographs, fingerprints, DNA samples and other samples taken at police stations and other places"
This wording is slightly more granular, but less broad. I'm wondering if it is a part of the same section, or a different one entirely.
Interception
What is most interesting is the attempt made in this Bill at harmonization of interception rules across all modes of "communication". (Currently there are different rules/procedures that followed depending on the mode of communication used – Indian Post Act, Telegraph Act, IT Act.)
Here are some of the sweeping changes sought to be introduced:
- The bill prohibits interception of communications except in certain cases with approval of Secretary-level officer – not below the rank of home secretary at the Central level and home secretaries in state governments
- Mandatory destruction of intercepted material by the service provider within two months of discontinuance of interception.
- Constitution of a Central Communication Interception Review Committee (CCIRC) to examine and review all interception orders passed (under all Acts?).
- CCIRC empowered to order destruction of material intercepted under the Telgraph Act.
- "unauthorised interception" (by whom?) punishable with a maximum of five years' imprisonment, or a fine of Rs 1 lakh, or both, for each such interception. This makes it a cognizable, non-bailable offense.
- Disclosure of legally intercepted communication by "government officials, employees of service providers and other persons" will be punishable with imprisonment up to three years. (It is unclear whether this will be a cognizable offence or not)
Data Protection
The Bill adds muscle to the newly introduced Data Protection Rules under the IT Act, by creating an overarching statutory regime for Data Protection.
Thus, the bill forbids "any person having a place of business in India but has data using equipment located in India" from collecting or processing, using or disclosing "any data relating to individual to any person without consent of such individual". I assume that there will be exceptions to this section. The wording of this section seems to preclude its application to the government (unless you can interpret the 'government' to mean 'a person having a place of business in India'. I have no views on the likelihood of that argument.
The bill evidently authorizes the establishment of an oversight body called "Data Protection Authority of India" that will investigate complaints about alleged violations of data protection. The following appear to be the functions of this body
- to monitor development in data processing and computer technology;
- to examine law and to evaluate its effect on data protection
- to give recommendations and to receive representations from members of the public on any matter generally affecting data protection.
- to investigate any data security breach and issue orders to safeguard the security interests of affected individuals whose personal data has or is likely to have been compromised by such breach.
Video Surveillance
The bill includes a very interesting prohibition on "closed circuit television or other electronic or by any other mode", except in certain cases as per the specified procedure.
No further details are provided about the exceptions or the procedure and one expects the devil to be in the details.
Bodily Privacy
The bill prohibits "surveillance by following a person".
This innocuously worded provision has the potential to effect sweeping changes in the criminal administration of this country (if it is even applicable to the state police machinery) . Currently, Police Acts in the various states contain no provisions that enable a person to challenge the surveillance imposed on them. This new section could provide a powerful new shield to the victims of police harassment.
Impersonation and Financial Fraud
In a section apparently dealing with identity theft, the Bill criminalises inter alia "posing as another person when apprehended for a crime" and "using another's identity to obtain credit, goods and services".
I think the first (at least) is unnecessary since it is already covered by the crime of Impersonation under the IPC.
Residual
A curious provision appears to be a fine imposed on "any persons who obtain any record of information concerning an individual from any officer of the government or agency under false pretext". Such a person shall be punishable with a fine of up to Rs. 5 lakh.(unclear whether there is a term of imprisonment in addition)
It will be interesting to see how this section conflicts with the Right to Information under which no 'pretext' need be given to the public authority.
I also think it is ill-conceived to penalise the person obtaining the record of information – the government body in custody of the information should be made more responsible in scrutinizing the 'pretext' before handing over such information.
Tailpiece
That's all I can make out from the three articles referenced. Looks like it's going to be a really interesting bill. I'm optimistic about it for the sincere attempt it appears to make to grapple with the protean nature of Privacy concerns we encounter. Veerappa Moily has claimed that this bill will be introduced in the monsoon session in July but has also cautioned that "it's difficult to commit the timeframe". I think we should make haste slowly with this Bill and hope that the Law Ministry will have the wisdom to solicit public comment before introducing it in Parliament.
I'd greatly appreciate someone sending me a copy of the bill if you have access to it.
http://privacyindia.org/2011/06/08/the-new-right-to-privacy-bill-2011/
-
-
Palash Biswas
Pl Read:
http://nandigramunited-banga.blogspot.com/
No comments:
Post a Comment