Contemporary discussions on privacy must pay homage to Samuel Warren’s and Louis Brandel’s article in the 1890 Harvard Law Review, The Right to Privacy (goo.gl/3KB8 nv). This writing essentially injected the idea of privacy rights into public discourse, pioneering a debate that continues unfettered today.
Although conceptions of privacy have since radically transformed with paradigm shifts in technology, the essence of Warren’s and Brandel’s argument remains steadfast: privacy must be a fundamental right. These paradigm shifts, and a world inundated with digital technology, legitimises —indeed, demands — a reconceptualisation of what constitutes a ‘right’.
Judicial intervention, time and again, has reinterpreted and expanded the fundamental rights secured in the Constitution of India to accommodate these evolving conceptions of rights, as it should be with the right to privacy — without which the constitutionally guaranteed right to personal liberty would be severely compromised. During my tenure as Union minister of state for communications and information technology, I launched India’s first National Cyber Security Policy in July 2013. The policy was aimed at tackling some of the threats that a rapidly digitising and information-driven world poses for individual privacy and national security in order to create a safe and secure cyber world.
But merely six years since I first assumed charge at the ministry, and four years since the introduction of the policy, the breakneck pace of evolution in the digital ecosystem has compelled me to restructure my opinion on this issue in order to assimilate those changes. I hope that our government and courts take cognisance of this evolution as they debate the fate of privacy rights in India.
The debate on privacy extends far beyond the Aadhaar-fuelled rhetoric within which it is currently ensconced in the country, and the images of an ‘Orwellian State’ that it conjures. Privacy in constitutional or legal vocabulary eludes a concrete definition precisely because of its vast and ever-evolving scope.
Addressing issues of consent and autonomy, the most obvious implication of privacy rights is a safeguard against unlawful surveillance, including an intrusion into different forms of personal correspondence, medical records, financial records and biometric and other kinds of personal data. Courts in the US have invoked the right to privacy in diverse cases, ranging from abortion and contraception to homosexuality, free assembly, defamation and identity theft.
The EU, on the other hand, has some of the world’s most comprehensive privacy laws for its citizens, including the rather unconventional ‘right to be forgotten’, which grants an individual the freedom to erase her digital footprints.
Canada has a dedicated Privacy Commissioner to ensure oversight and implementation of the Privacy Act and the Personal Information Protection and Electronic Documents Act. The lack of such regulations in India is essentially akin to inviting the State, or any private player, into our homes and lives, granting them access to our private conversations, chats, emails, phone calls, gym schedules and dinner plans.
In the absence of a privacy law regulating the collection, storage and use of private information, we are essentially surrendering control of our data, completely vulnerable to misuse and exploitation without connotations of illegality or mechanisms for redressal. A larger, more dangerous threat looms in potential attacks on sovereign data, the consequences of which could range from economic loss to a paralysis of essential government services such as electricity and transportation.
Privacy, Not Pry-vacy
This is why privacy laws are crucial. When we provide for strong privacy regulations, we create the infrastructure necessary to implement those laws, and this becomes our first line of defence against cyberattacks from hostile internal or foreign entities. This lacuna is analogous to leaving our national borders unmanned.
Opponents — that is, law enforcement agencies — who cite the ‘existential terrorist threat’ argument as the basis for rejecting the right to privacy must understand that this is an extremely slippery slope. We must strike the delicate balance between safeguarding national security and sovereign interest, and ensuring that individual privacy is not imperilled.
Taking inspiration from the EU, we can circumvent the problem by establishing lawful mechanisms to intercept terrorist threats and prevent criminal activity, rather than subscribing to a blanket surveillance policy.
There is a larger philosophical debate to be had here, however. What is lawful may not always be ethical. Sensationalised exposés of ‘scandalous’ information, even if obtained through means technically within the legal ambit, are still unethical in the context of privacy rights of the individuals involved. Any structures we establish for surveillance and monitoring of suspected anti-social elements must, therefore, be accountable not only to a legal framework but also to a moral one.
There is a compelling need to introduce accountability into the system, where stakeholders are able to seek legal redressal for violation of their right to privacy and offenders are brought to justice. As the band Pearl Jam sang in their song ‘Pry’, ‘P-R-I-VA-C-Y is priceless to me.’