Cyber Privacy

Cyber Privacy in India

The global use of internet for electronic communication and e-commerce over the past few years has become a common phenomenon of modern life. No doubt it facilitated our life a lot, but on other hand it has created a grave concern for governments in India and other countries as it is posing a threat to personal privacy in an online environment. These concerns have created an alarming situation to Indian government, media, private entities and policy- makers, waking up to this challenge now we can see that some efforts are being made by our government to develop some policies and strategies to protect the privacy of electronic transactions and personal information in cyberspace. The use of new and advanced technologies has increased the fear of privacy intrusion as the new types of PII (Personal Identifiable Information) are now available while it was quite difficult to get them earlier. Biometrics such as, DNA, finger prints, iris-scanning which are becoming popular as a method to secure identification. These biometric devices are being used to prevent fraud in various organizations but they have also raised some concerns about the storage and access of these digital data. The Internet has affected a lot upon the privacy rights of a person both in their identities and their personal data. The use of smart phones or internet enabled phones is the biggest challenge now days as it intrudes upon the privacy rights of a person. Each computer, mobile phone or other device attached to the internet has a unique IP address, which provides a unique identifier for every device and which in turn the can be traced. The amendments in the IT act (2008) and recently produced bill namely (The Privacy Protection Bill (2013)) in the parliament are the signs that the Indian government is waking up towards this problem and trying to combat it. Earlier there were a very few provisions in Indian law to intercept, block and monitor internet communications or to regulate the flow of personal information. The Privacy Protection Bill (2013) deal with all the major concerns like the protection of personal data, interception of communication, surveillance etc. about which we mostly confront within daily life. Certainly this bill will help to meliorate the trust of people in E-commerce. Because this implies the rule that no person shall collect any personal data of another person without obtaining the prior consent of the person to whom it pertains and such consent may be

obtained in any manner, and through any medium, but shall not be obtained as a result of a threat, duress or coercion. But apart from all the steps taken by the government to maintain privacy in cyberspace it is also our responsibility to decide up to what extend do we need to share our personal information over the internet. In India people share their personal information over the social networking sites, matrimonial sites and on several other places regardless of the fact that this information can be misused easily. It is important to understand the criticalness of the fact that even if we share anything on an Indian website it can be accessed globally thus making our information available across the globe. This is due to the nature of the internet so we too have to limit ourselves in sharing personal information despite of making so many polices and passing bills for regulating personal information in cyberspace.

Legal Regime to Combat Cyber Privacy in India

Information Technology Amendment Act, 2008

• Section 43(A): Compensation for failure to protect data
• Section 66(E): Punishment for violation of privacy
• Section 72: Breach of confidentiality and privacy
• Section 72(A): Punishment for Disclosure of information in breach of lawful contract

Indian Penal Code, 1860

• Section 499 - Defamation
• Section 500 - Punishment for Defamation
• Section 292 - Sale, etc., of obscene books etc.
• Section 447 - Punishment for Criminal Trespass
• Section 509 - Word, gesture or act intended to insult the modesty of a woman

Code for Criminal Procedure, 1973

• Section 320 - Compounding of offences

Right to Information Act, 2005

• Section 8 - Exemption from disclosure of information

The Privacy Protection Bill (2013)

As the bill says that it is a bill “to establish an effective regime to protect the privacy of all persons and their personal data from Governments, public authorities, private entities and others, to set out conditions upon which surveillance of persons and interception and monitoring of communications may be conducted, to constitute a Privacy Commission, and for matters connected therewith and incidental thereto10.” Following are the chapters of the privacy protection bill (2013):

1. Preliminary
2. Right to privacy
3. Protection of personal data
4. Interception of communications
5. Surveillance
6. The privacy commission
7. Offences and penalties

This bill deals with all the major aspects of the privacy concern. It states that no person shall collect, store, process, disclose or otherwise handle any personal data of another person, intercept any communication on another person or carry out surveillance of another person except as provided in the act.16 It also put a bar on collecting data or personal information of individuals without obtaining prior consent of the person whom it pertains. If made applicable privacy commission would be formed so that no one can carry out any surveillance of any person without taking permission from the privacy commission though it has some exceptions too.

First, Right to privacy is a fundamental right as guaranteed by Indian Constitution in Article 21, so every individual has a right to privacy but with some limitations. Though new methods of tracking and tracing a person are available, also new types of Personally Identifiable Information (PII) can be retrieved; government should take responsibility of a person’s privacy and personal information from being invaded. Government has also prescribed the method and rules for monitoring and collecting data or information in IT Act but it should also be implemented. Second, it’s also our responsibility to know that as internet is a global platform we should try to regulate or minimize the amount of information we usually share without being aware about the possible risks and threats related to it. Because as it is always said that, “precaution is better than cure".