“Right to be let alone; right of a person to be free from unwarranted publicity; and right to live without unwarranted interference by the public in matters with which the public is not necessarily concerned.”[i]
The Right to Privacy is considered a fundamental right in India, as established by the landmark judgment in the case of S. Puttaswamy and Ors. v. Union of India. This right is seen as implicit in the Right to Life under Article 21 of the Indian Constitution. While the right is subject to reasonable restrictions, it is important that it is safeguarded by the law. In today’s world, cyber privacy has become a controversial issue, but India lacks stringent laws to deal with it. As a result, the Right to Privacy with respect to cyber security is a topic of debate. The concept of the “right to privacy” can be interpreted as an individual’s entitlement to be free from intrusion or interference by others. Cyberspace refers to a non-physical realm created by computers. Although people may believe that cyberspace offers privacy and security, the reality is that individuals face significant risks of privacy infringement online. This article aims to compile information on this issue, with a particular focus on the Right to Privacy in the cyber world. It also examines the role of the Judiciary in interpreting the Right to Privacy and the importance of legislation related to cyber security. Additionally, the article proposes measures to address these concerns.
“Privacy is not negotiable, it is the right of every Indian’
The concept of the “Right to Privacy” is complex and subject to interpretation by the courts based on the specific case and context. Privacy is a fundamental right that should be respected and valued in the same way as the right to life. However, the term “privacy” has not been defined in the Constitution or any laws and requires interpretation to address its real concerns. Privacy is a human right that protects human dignity and personality and includes the right to freedom of speech and expression. Actions that limit privacy, such as surveillance and censorship, must be prescribed by laws and required to reach legitimate aims.
The “Right to Privacy” is not a new concept and has been derived from common law. One of the first cases on this issue was Semayne’s Case in 1604, where Sir Edward Coke emphasized the person’s right to privacy and the protection of his house against injury and violence. In England in the 19th century, the meaning of the term “Right to Privacy” was introduced, and the court held that intrusion into a situation where a person can reasonably expect his privacy to be respected can give rise to liability unless it can be justified.
In the present digital age, personal data and information have gained various meanings in terms of production, collection, analysis, storage, and access using cyber tools and the internet. Personal information can be easily generated by tracking a user’s movement on various internet platforms like social media, online transactions, and browsing history, which poses a threat to privacy. There are conflicting views on the protection of privacy in the cyber world, and there is confusion about what privacy is and what it is not. The advent of the World Wide Web has removed geographical barriers and threatens one’s existence and privacy even within the four walls of their room.
Cyber Space: Legal Frame Work in India.
To recognize digital evidence and electronic records, the Information Technology Act came into force on and from 17.10.2000. The preamble of the act would read as follows:-
“An Act to provide legal recognition for transactions carried out using electronic data interchange and other means of electronic communication, commonly referred to as “electronic commerce”, which involve the use of alternatives to paper-based methods of communication and storage of information, to facilitate electronic filing of documents with the Government agencies and further to amend the Indian Penal Code, the Indian Evidence Act, 1872, the Bankers’ Books Evidence Act, 1891 and the Reserve Bank of India Act, 1934 and for matters connected therewith or incidental thereto[1].”
The Act acknowledges several types of cybercrimes and imposes penalties for them. The punishable cybercrimes are detailed in sections 65 to 85 of the Act, with penalties ranging from imprisonment for up to three years to life imprisonment, along with the possibility of fines. Additionally, an upper limit of Rs.1,00,000/- to Rs.5,00,000 for fines is specified. As the field of cybercrime is continuously evolving, more and more cybercrimes resulting from violations committed online are being detected. These cybercrimes can be broadly classified as cybercrimes against persons and cybercrimes against property. As this article focuses on the privacy rights of individuals, cybercrimes against persons are more relevant to the subject matter.
Categories Of The Crimes Against Persons In The Cyber Space
(i) Harassment via E-Mails: The offense of harassment via emails involves the act of sending emails, text messages, pictures, videos, attachments, and folders with the intention to harass the victim.
(ii) Cracking: This refers to the offence of cracking, which is committed when an individual’s computer system is accessed and compromised without their knowledge, and confidential data is accessed and tampered with without their consent.
(iii) Cyber-Stalking: Cyber harassment or online harassment is a form of harassment where the perpetrator uses electronic means to repeatedly harass the victim. Such means may include the internet, email, phones, text messages, webcams, websites or videos.
(iv)Hacking: Hacking refers to gaining unauthorized access to a computer system or network, but it does not necessarily involve destroying data. While it is true that hacking can be used for malicious purposes such as data theft or destruction, many hackers use their skills for ethical or beneficial purposes, such as identifying and fixing security vulnerabilities. Moreover, hacking can be conducted through various means, not just limited to telecommunication and mobile networks. Hacking can occur through the internet, physical access to a computer, or even social engineering techniques such as phishing scams.
(v) Dissemination of Obscene Material: This refers to the offence, whereby the offender exhibits material relating to indecent exposure or pornographic content or hosting prohibited content.
(vi) Spoofing: This refers to stealing of identity of a person. By stealing the identity of the victim, the offender will make use of the identity of the victim to communicate with third persons. It would appear as though the victim is indulging in such communication.
(vii) Page jacking: This is an offence in which a victim’s website is hijacked and exploited to link to another false website. In effect, when a user clicks on a link on the victim’s website, he is directed to the false site. As a result, search engines might be mislead into listing fraudulent websites.
(viii) Carding: The electronic magnetic field of the ATM cards including credit cards are stolen and used by the offender to swipe off the money from the victim’s account.
(ix) Other crimes: Any other crime like cheating, fraud, a threat to life and other forms of a crime punishable under the Indian Penal Code, when committed with the help of electronic devices or by making use of cyberspace, falls within the ambit of cybercrime against persons.
The most prevalent types of cybercrime are listed above. It should be noted, however, that not all invasions of privacy are considered cybercrimes. Regardless of the aforementioned offences, there is a need for understanding regarding an individual’s private rights that are violated in cyberspace. A few examples of violating a person’s privacy are shown below. Spamming is the most popular method of invading an individual’s privacy in internet. Everyone who uses the internet appreciates the web browser’s capacity to remember the sites we’ve visited. Many of us are unaware that every website we visit on the internet is being monitored. There is an option in the internet browser to use an incognito window. This is also known as private browsing. Since many people use this option to prevent others from tracking their surfing, they must have missed the disclaimer displayed on the window. The majority of us often ignore the notice that comes when incognito mode is selected. The aforementioned notification makes it clear that when you shut the incognito window, the pages you browsed will no longer be stored in your browser’s history, cookie cache, or search history. Any files you download or bookmarks you make, however, will be saved. The message also cautions you from thinking you are invisible. Using an anonymous browsing mode won’t keep your online activities hidden from your employer, internet service provider, or the websites you visit. Many teenagers and adults like this option since it allows them to conceal their surfing habits from family members. Because the surfing history is not retained, customers are frequently puzzled when their internet service provider and other websites visited send out a slew of unwanted messages by monitoring the websites they visit (both through ordinary browsing and through incognito web browsing). This is known as spamming, and the browser is generally unaware of why the messages were delivered to him. As a result, understanding of the consequences of accessing cyberspace is essential.[2]
Similarly, during online chats and other communications, people disclose personal information that the tracking system may utilise[3]. Unfortunately, we are blissfully unaware of this truth and believe that the information we offer is solely received by the intended receiver. It’s also worth noting that the information we provide on the internet may be viewed by a big number of individuals. This is especially important on social networking sites where users exchange personal information. Any illegal access to or abuse of personal information is likely to have a substantial impact on a person’s right to privacy. To make matters worse, illegal use may go undetected until it’s too late to remedy the harm. Another example that is worth mentioning is mobile apps. With the increased usage of smartphones, downloading mobile applications is also becoming more popular. When you download a new programme, it normally asks for permission to access5, which is usually disregarded. It is simple to discover that certain programmes may want permission to read, edit, and occasionally erase the contents of your emails, SMS, and other personal data if time is taken to go through the permissions it seeks. If the same is accepted without thinking, it may significantly compromise a person’s private information. As a result, there is an urgent need to become more knowledgeable about the benefits and drawbacks of using cyberspace. When using the internet, one must study the terms and conditions, privacy policies, authorization details, and so on. It is critical to specify correct choices in the security setup while utilising social networking sites/applications. Individuals must also exercise caution when granting access to personal information while downloading apps for mobile phones.
As the current essay focuses on cyberspace privacy concerns, it is thought that the issue of privacy arising from digital communication is equally significant. Only a few pieces of regulation govern digital communications. The Information and Technology Act has already been considered. The Indian Telegraph Act of 1883, which oversees the use of wired and wireless telegraphy, telephones, teletype, radio communications, and digital data communications, is also significant in this respect. It grants the Government of India sole jurisdiction and rights over all types of wired and wireless communications inside Indian territory, including their establishment, maintenance, operation, licencing, and monitoring. It also grants government law enforcement authorities the authority to monitor/intercept communications and tap phone lines under certain situations specified in the Indian Constitution. On October 1, 1885, the statute went into effect. Since then, additional revisions have been introduced to modernise the legislation in response to technological changes6. One of the legislation that forbids service providers from indiscriminately revealing personal information is the Telecom Commercial Communications Consumer Preference Regulations 2010. The regulations describe Access Providers as Basic Telephone Service Providers, Cellular Mobile Telephone Service Providers, and Unified Access Service Providers. As a result, all types of service providers are covered by the regulations, and licence holders must follow the rules. As a result, all service providers must take the required precautions to secure the privacy and information exchanged on their networks. In the case of Amar Singh v. Union of India, the Supreme Court addressed the right to privacy in the context of phone call interception. The fascinating topic raised before the Apex Court was regarding the service provider’s responsibilities when a request is made to intercept calls. It was discovered in this context as follows: – “40. Considering the public character of a service provider’s activity, it is inherent in its duty to behave cautiously and responsibly.[4]” As a result, this Court is forced to conclude that respondent No. 8, the service provider, failed to perform the aforementioned obligation. 41. Of course, this Court is not implying that the service provider will sit on it in the guise of validating the legitimacy of any written request for interception[5]. The service provider must instantly act on such a written request, but if the communication contains obvious errors, as in this example, the service provider must concurrently verify its legitimacy while also acting on it. As a result, the Central Government must establish specific legislation standards in this respect to avoid the interception of a telephone call on unlawful communication, as has occurred in this case.” Nevertheless, in this case, the Apex Court rejected the writ petition due to a lack of substance in the writ petition. Nonetheless, the comment regarding the service provider’s obligation emphasises the importance of an individual’s right to privacy[6].
The topic of whether intercepting telephonic messages or tapping telephonic conversations constitutes a severe breach of an individual’s right to privacy was thoroughly explored by the Supreme Court in the People’s Union case8, where it was held as follows: “17. As a result, we have no problem in asserting that the right to privacy is a component of the right to “life” and “personal liberty” entrenched in Article 21 of the Constitution. Article 21 is used when the facts of a certain situation indicate a right to privacy. The aforementioned right cannot be limited “unless in accordance with the method prescribed by law.” 18. The right to privacy is not explicitly mentioned in the Constitution. It may be too wide and moralistic as a notion to be defined judicially. The circumstances of the case will determine whether the right to privacy may be invoked or has been violated. Nonetheless, the ability to have a phone call in the privacy of one’s own home or business without interference may undoubtedly be asserted as a “right to privacy.” Discussions over the phone are frequently intimate and confidential. Telephone conversations are a normal part of modern lifeIt is regarded as so crucial that an increasing number of individuals carry mobile telephones in their pockets. A man’s private life revolves around telephone conversations. Telephone discussions in the privacy of one’s home or business would undoubtedly be protected under the right to privacy. Telephone tapping would thereby violate Article 21 of the Indian Constitution unless approved via the legal procedure.” The issue in the case of the State of Maharashtra v. Bharat Shanti Lal Shah and Ors.9 was the constitutionality of certain sections of the Maharashtra Control of Organized Crime Act, 1999. The statute permitted the investigative agency to intercept calls whenever required, as specified in the act. The Hon’ble Supreme Court affirmed the stated act by ruling as follows. “44. While the interception of a communication is a breach of an individual’s right to privacy, that right can be limited by a legally authorised method.” Hence, the Court must ensure that the method itself is fair, equitable, and reasonable, and not arbitrary, whimsical, or oppressive.” As a result, one cannot help but note that courts of law have placed a high value on an individual’s privacy rights in relation to digital communications. The National Cyber Security Policy – 2013, which was notified on 02.07.2013, was the first move taken by the Government of India to defend the rights of the common man in cyberspace. The policy’s objective is to create a safe and resilient cyberspace for individuals, businesses, and the government. Through a combination of institutional structures, people, processes, technology, and cooperation, the mission is to protect information and information infrastructure in cyberspace, build capacities to prevent and respond to cyber threats, reduce vulnerabilities, and minimise damage from cyber incidents. The objectives also show that a substantial move is being taken towards developing a flawless mechanism to tackle legal difficulties originating from the use of internet. Finally, it has been determined that each individual who uses cyberspace should be better informed about the benefits and drawbacks of doing so. Being a responsible user of cyberspace is essential, and awareness is the key. The legislation governing the right to privacy in cyberspace is still in its early stages, thus individuals must play an important part in ensuring that their private rights are not violated due to ignorance.[7]
[1] Campbell v. MGN, (2004) UKHL 22.
[2] AIR 1963 SC 1.
[3] A/HRC/WG.6/13/MAR/3, para. 37
[4] Art. 20 of the Constitution of India.
[5] Art. 12, the Universal Declaration of Human Rights,1948.
[6] Marlon Brando, American Motion Picture and Stage Actor, 1924 – 2004
[7] Crimes in Cyberspace: Right to Privacy and Other Issues – Academike (lawctopus.com)
Author’s Name – Dr Ruchi Sharma (Asst. Proff. Mahrishi Arvind University Jaipur, Rajasthan)
