Privacy Matters — Analyzing the Right to "Privacy Bill"

The conference was organized by Privacy India in partnership with the Centre for Internet & Society, International Development Research Centre, Indian Institute of Technology, Bombay, the Godrej Culture Lab and Tata Institute of Social Sciences. Participants included a wide range of stakeholders that included the civil society, NGO representatives, consumer activists, students, educators, local press, and advocates.

Comments to the Right to Privacy Bill

Welcome

Prashant Iyengar was the Lead Researcher with Privacy India, opened the conference with an explanation of Privacy India’s mandate to raise awareness, spark civil action and promote democratic dialogue around privacy challenges and violations in India. He summarized the five “Privacy Matters” series previously organised across India in Kolkata on January 23, 2011, in Bangalore on February 5, 2011, in Ahmedabad on March 26, 2011, in Guwahati on June 23, 2011 and in Chennai on August 6, 2011.

Keynote Address

Na. Vijayashankar (popularly known as Naavi), a Bangalore based e-business consultant, delivered the key note address on the quest of a good privacy law in India. 

He described the essential features of good privacy legislation. In analyzing the Draft Privacy Bill’s definition of the right to privacy, he suggested it should be defined through the “right to personal liberty” rather than through what constitutes “infringements”.  Mr. Vijayashankar went on to explain that the “privacy right” should be taken beyond “information protection” and defined as a “personal privacy or a sense of personal liberty without constraints by the society”. He explained the various classifications and levels of protection associated with the availability and disclosure of data. He expressed concerns regarding monitoring of data processors and suggested that data controllers have contractual agreements between data processors, so as to ensure an obligation of data security practices. He also called for the simplification and division of offences and suggested numerous reasons as to why the Cyber Appellate Tribunal would not be an ideal monitoring mechanism or authority. See Naavi's presenation here

Session I: Privacy and the Legal System

 Dr. Sudhir Krishnaswamy, Assistant Professor at the National Law School of India

Dr. Krishnaswamy started off the presentation by questioning the normative assumptions the Draft Privacy Bill makes. He referred to the controversy of Newt Gingrich's second marriage, to question the range of moral interests that were involved. The Bill falls short in accounting for dignity in relation to privacy. He described the Draft Privacy Bill as a reasonable advance, given where privacy laws were before. Although, he feels that it does fall short, in terms of a narrow position, on what privacy law should do. He also questioned if it satisfies constitutional standards. He stressed the importance of philosophical work around the Draft Privacy Bill considering that the nature of privacy is not neat and over-arching.

Privacy and the Constitutional Law

N S Nappinai, Advocate, High Court, Mumbai,

Nappinai spoke on the constitutional right to privacy. She explained the substantial development of Article 21 of the Constitution of India to include the ‘right to privacy’ with regards to its interpretation and application. She described the different shift of the application of the right to privacy in the West in comparison to India. The West has moved from the right to privacy pertaining to property to the right to privacy concerning personal rights, whereas India moved from personal rights to property rights. She outlined three aspects of privacy: dignity, liberty and property rights. Ms. Nappinai dissected the Bill in its major components: interception, surveillance, method and manner of personal data, health information, collection, processing and use of personal data. Using these components, she questioned what precedence exists? What should be further protected or reversed? What lessons should legislators draw from?

Shortcomings of the Draft Right to Privacy Bill falls include:

1. The objects and reasons section in the Draft Privacy Bill declares the right to privacy to every citizen as well as delineates the collection and dissemination of data. Nappinai dismisses the need for this delineation on the grounds that data protection is an inherent part of the right to privacy, it is not exclusive.
2. Large focus on transmission of data. The provisions do not account for property rights pertaining to the right to privacy. Therefore, the ‘knock-and-enter’ rule, the ‘right to be left alone’ and the ‘right to happiness’ should be included.
3. Applicability of the Bill should extend to all persons as well as data residing within the territory. It would be self-defeating if it only includes citizens, considering that the Constitution extends to all persons within the territory.
4. The right to dignity is unaccounted for.
   
   See Nappinai's presentation here
   

Session II: Privacy and Freedom of Expression

Apar Gupta, Advocate, Delhi

Apar Gupta is an advocate based in Delhi who specializes in IP and electronic commerce law, spoke predominantly on the interplay between privacy and freedom of expression. He used the example of an advocate tweeting about his criticism of a judges’ ruling, to illustrate how different realms of online anonymity enable freedom of speech. He went beyond the traditional realm of journalistic architecture such as television channels or newspapers and explained online community disclosure. Mr. Gupta provided a practical example of Indian Kanoon, a popular online database of Indian court decisions. Because Indian Kanoon is linked to the Google search engine, many individuals involved in civil and criminal matters have requested Indian Kanoon to remove the court judgments, under privacy claims. This particularly occurs with individuals involved in matrimonial cases. However, as court judgment constitute public records India Kanoon only removes court judgments when requested by a court order. He described the several ways legislators can define privacy and freedom of expression. Considering that the privacy of an individual may border upon freedom of speech and expression, he questioned whether or not privacy should override the right to freedom of speech and expression. In addition, Mr. Gupta discussed the debate on whether or not the Privacy Bill should override all existing provisions in other laws.

Additionally, he analyzed the provisions of the Draft Privacy Bill using three judgments. In these judgments, different entities sought of various forms of speech to be blocked under privacy claims. He spoke about the dangers of a statutory right for privacy that does not safeguard freedom of speech and expression. Considering that the privacy statute may allow for a form of civil action permitting private parties to approach courts to stop certain publications, he stressed the importance for legislators to ensure balanced privacy legislation inclusive of freedom of speech and expression.

Sexual Minorities and Privacy

Danish Sheikh, researcher at Alternative Law Forum

Danish examined the status of sexual minorities in the light of privacy framework in India. The tag of decriminalization has served to greatly alter the way institutions approach the question of privacy when it comes to sexual minorities. He used the Naz Foundation judgment as a chronological marker to map the developments in the right to privacy and sexual minorities over the years. He outlined four key effects on the right to privacy due to the Naz Foundation judgment: Prepared the understanding of privacy as a positive right and placed obligations on the state, Discussed privacy as dealing with persons and not just places, it took into account decisional privacy as well as zonal privacy, Connected privacy with dignity and the valuable worth of individuals, and Included privacy on one’s autonomous identity.

He described various incidents that took place before the Naz Foundation judgment, pre-Naz, that altered the way we conceived of queer rights in general and privacy in particular, including the Lucknow incidents, transgender toilets, passport forms, the medical establishment and lesbian unions. Post-Naz, he described two incidents including the Allahabad Muslim University sting operation as well as the TV9 “Expose” that captured public imagination. 

He concluded by asking: “What do these stories tell us about privacy?” The issues faced by the transgender community tell us that privacy doesn’t necessarily encompass a one-size-fits-all approach, and can raise as many questions as it answers. The issues faced by the Lucknow NGOs display the institutionalized disrespect for privacy and that has marginally more devastating consequences for the homosexual community by the spectre of outing. The issues faced by lesbian women evidence yet another need for breaching the public/private divide, demonstrating how the protection of the law might be welcome in the family sphere. Alternate sexual orientation and gender identity might bring the community under a common rubric, but distilling the components of that rubric is essential for engaging in any kind of useful understanding of the community and the kind of privacy violations it suffers – or engage with situations when the lack of privacy is empowering.

Session III: Privacy and National Security

Menaka Guruswamy, Advocate, Supreme Court of India

Menaka explored national security and its relationship to privacy. In her presentation, she compared the similar manner in which the courts approach national security and privacy issues. The courts feel national security and privacy issues are too complex to define, therefore, they take a case-by-case approach. Ms. Guruswamy described three incidents that urged her to question national security and privacy. First, she was interested in the lack of regulation surrounding intelligence agencies and was involved in the introduction of the Regulations of Intelligence Agencies Bill as a private members bill. Second, national security litigation between the Salwa Judum judgment and the State of Chhattisgarh is an example of how national security triumphs constitutional rights and values. Third, privacy in the context of the impending litigation of Naz Foundation in the Supreme Court. She described the larger conversation of national security focus on values of equality and privacy. She discussed the following questions that serve in advancing certain conception of rights: How do we posit privacy which necessarily, philosophically as well as judicially, is carved out as the right of an individual to be left alone? What are the consequences when national security, which is posited as the rights of the nation, is in conflict with the right of the individual to be left alone? Considering that constitutional rights are posited as a public facet of citizenship how does a right to privacy play in that context?

Privacy and UID

R. Ramakumar, professor at the Tata Institute of Social Sciences

Prof. Ramakumar spoke on UID, its collection of information and the threat to individual privacy. First, he provided a historical trajectory of national security that has led to increased identity card schemes. He described the concrete connection between UID and national security. He briefed the gathering on the objectives of the UID project. He described several false claims as proposed by the UIDAI. He explicitly disproved the UIDAI claim that Aadhaar is voluntary. He did this by comparing various legislations associated with the National Population Registrar that had provisions mandating the inclusion of the UID number.

He went on to explain that the misplaced emphasis of technology to handle large populations remains unproven. He described two specific violations of privacy inherent in the UID system: convergence of information and consent. The UID database makes it possible for the linking or convergence of information across silos. In addition, consent is unaccounted for in the UID system. The UID enrollment form requires consent from a person to share their information. However, the software of the enrollment form automatically checks ‘yes’, therefore you are not asked. Even if you disagree, it automatically checks ‘yes’. Default consent raises the important question, “to what extent are we the owners of our information?” and “what are the privacy implications?”

Mr. Ramakumar was once asked, by Yashwant Sinha in a Parliamentary Standing Committee meeting, “Is the Western concept of privacy important in developing country like India?”. Using this question posed to him, he stressed the importance of privacy to be understood as a globally valued right, entitlement and freedom. He also referred to Amartya Sen’s work on individual freedoms.

Conclusion

During the daylong consultation numerous questions and themes relating to privacy were discussed:

How is the right to privacy defined? How can the Draft Privacy Bill redefine the right to privacy? How can reasonable deterrence mechanisms be included? Does duplication of the right to privacy exists in different statutes? Is the Cyber Appellate Tribunal an ideal monitoring mechanism or authority? What are the circumstances under which authorized persons can exercise the Right of privacy invasion? How can the Draft Privacy Bill account for the right to dignity? How much information should the State be allowed to collect? How can citizens become more informed about the use of their information and the privacy implications involved? What would be the appropriate balance or trade-off between security and civil liberties? What are the dangers with permitting the needs of national security to trump competing values? What are the consequences for the homosexual community, when faced with institutionalized disregard for privacy?