This article has been written by Mahek Patel, a 3rd semester law student from Balaji Law College.
Abstract
In a world
Where everyone
Shows and tells everything…l
Value Discretion and privacy
–Sonya Teclai
-artist, author and Co-founder of great Minds
Why? It is said so that valuing privacy safeguarding a privacy is as important as telling somebody not about our strategies. And in this digital world full of social media thing or call it meta-world where everybody are on their cells and something which is connected to wave called internet, privacy has become a myth. In this evolution of mankind. We have developed so much that now. On a one click we got what we want, but on this one, click, we know about someone we want to know about. The world of digitalization where everyone chose and tells everything and that everything which we put at risk of convenience was something become a threat to us later. Yes, this is about digital privacy in this digital world. People who we never meet never heard about knows us how, when in this digitalization process we have reached so far that right now, in this race we can operate and manage everything related to everyone just in need of a technological device and a click. But this digitalization a live threat, the privacy is this world is transparent, cybercrimes, scams the personal data will availability, information is handling and what not. But we know about this we’re working on developing a mechanism to protect us from this trap. Working on a mechanism on safeguarding our digital privacy like we have developed some walls of questions which is protect us from the trap which we fall into when you socialize ourselves digitally, a wall of secure network which come from legalization we have developed our laws and implemented our legal framework and enforced control over this trap of meta-world.
Introduction to Digital Privacy and the need in India
Privacy a right that left you be free, be sit alone somewhere without any disturbance or intrusion. Privacy is when you can control the information. Who is knowing about you? Who can know about you and who cannot? It is simply to control people interfering with you on your personal things. In this meta world the privacy has become digital too. The adjective digital privacy has become digital. And it regarding safeguarding and ensuring the protection of a personal or profession data on your device that he or she doesn’t want to share that amounts to control over their personal or confidential data. information and security while using cell.
Protection of personal information such as e-mail, name, your address any bank or finance related information or details. And other sensitive data of yours, digital privacy controls all of this and make your data un-accessible to unauthorized access or use. Now talking about the concept, digital privacy and digital safety, both the terms are interlinked and differentiated at ordinary level. Digital privacy is a control the power on your device that safeguards your information from people you don’t want to disclose while digital safety ensures the security of data and devices and includes the measures that are necessary for protecting it. We could say the digital privacy is a law and digital safety is the officer who protects the law.
Limiting your personal information shared online using a strong password, firewall, avoiding clicking on suspicious ADS links are any type of attires which pops with a message on your phone. As some steps, you must take to secured your digital privacy and measures to protect your digital privacy from cybercrimes. And attack and viruses, online frauds scans and online. Threats is digital safety, which involves. Using antivirus, avoiding downloads from illegal sources and authorized source an updating software and application regularly for your device.
But why there’s need to be conscious when or why there is need to take so much method for protecting the information? Because digital privacy has become a myth, everyone having a life threat a defaming threat that they don’t know about a thread popping on their phones when they see something a threat of leak about, the things a person don’t want to share. There are 1000 of lives stepping in this digital world every day for any purpose or I say a device, a technological device has become a part of our life like a basic necessity. But this necessity is a threat to those innocent ones. The Economic Times stated at every year 7000 per complaint and file and registered as cybercrimes and it is increased 60.9% increase from last year. Cybercrimes like cyber exhaustion, illegal gambling, theft related to card of financial payment data, infinging copyright, hacking, data breaches have been increased. And, there is a need to regulate the digital privacy. To ensure our safety there is needs to prevent fraud and misuse of a data personal information. And there need to work on our digital privacy. And for the human dignity the law is playing its role by, passing bills like PBPD and maintaining mechanisms. And learning enforcer bodies on this like CERT answering and safeguarding our digital privacy.
Defining Cybercrimes and its types
Cybercrimes can be defined as a crime or offence, an act. Or harmful activity. A wrong or a criminal activity that is carried by any human out by technology on any digital device like on internet, cell, computer or any network against the will of individual, group and community. It could be defaming them or anything sharing or hacking their personal data without their consent. Disturbing their privacy by harassing and stalking them but digitally amounts to cybercrime. There are various types of cybercrime which are categories and differentiated.
Typical types of cyber crime
- Financial crimes
- Online banking fraud
- Credit card fraud etc
- Intellectual property theft
- Copyright infringement
- Piracy
- Patent Infringement
- Cyber terrorism
- Attack on critical infrastructure
- Disruption of government services etc
- Cyber extortion
- Data extortion
- Ransomware attacks
- Cyber talking and harassment
- Online harassment
- Defamation
- Cyber bullying[1]
A short overview of legal framework in relation to Digital Privacy in India
- Indian Penal Code (IPC), 1890
The sections included in IPC for safeguarding detail privacy from those unauthorized access, and criminal breach of trust are:
° Section 379
When in a situation the offence of theft of any phone or data is taken place section 379 applies to it.
Section 379 of IPC is
Whoever commits theft shall be punished with imprisonment of either description for a term which may extend of three years or with fine or both.
And this applies to digital privacy when there is a phone or data.
° Section 491
When a photograph taken by one person of another which is without his or her concern, this actor of comes under section 491.
The punishment is simple imprisonment of 6 months with or without fine depends on the app. Other laws, the infection applied to this dissent act, of photography are Section 66E of India Code, Article 21 of the Indian constitution and 35 4 C of IPC That deals with offence called voyeurism. The act of capturing, watching or recording someone engage in private act as there was reasonable expectation of privacy but recording our capturing then without their consent.
Section 378
The section 378 of IPC defines theft of movable property out of someone’s possession without their consent and with intention of dishonestly taking it, intention of wrongful gain in relation to digital priority, it is upright when personal information or data is theft by hacking your device
Section 378-382of IPC At the sections that deals with defining theft punishment to different categories or ways of theft
Other section of IPC that safeguard the digital privacy. I’ll provide punishment to related offences are Section 463,465, 420, 468 and etc.
Information technology act (IT) act 2000
Information technology act is the primary law in India. That is concerned with e-Commerce and deal with offences are wrongful or harmful act carried out by Technology that is Cybercrimes. ON 17 October 2000 the Indian Parliament noted this act as INFORMATION TECHNOLOGY Act also called as IT Act 2000.
Identifying data theft, punishing,
spamming, hacking and so on other cybercrimes comes under identify this IT act. This penalizes cybercrimes and wrongful acts that related to technology or technological devices.
Like section 72 of IT Act applies penalty for breach of confidentiality and privacy[2].
Section 66A of IT act made an act punishable when a person performs sending the offensive information using computer or any other electronic device.
Section 67 A[3] serves punishment to someone who causes publishing or transmitting any material in electronic form which contain sexually explicit act includes punishment of imprisonment, which may extend to 5 years or fine, which may extend to 10 lakhs. This all section protects your digital privacy when there is a crime related to it and your digital privacy gets violated.
Personal Data Protection Bill (PDPB)
A committee for study of issues in relation to data protection in India was made by the Ministry of Electronics and Information. In July 2017, the committee was in hands of Justice B.N Srikrishna, a retired Supreme Court judge. A bill was drafted and submitted by the committee in 2018. The personal data protection bill Include system of protection of personal data and also the procedures for setting up of a data protection authority in India for the same.
After this the further enquiry the bill was approved on 4 December 2019 as the protection Data Bill 2019 by Cabinet Ministry of India and then on 11 December 2019 government introduced it in Lok Sabha.
The bill was also involved in WhatsApp Facebook policy case. In March 2020 the Joint Parliamentary Committee (JPC) analyzed the bill and said that, It has sought mode to study and also the bill failed to handle upcoming challenges in international standards. And after that, the bill was withdrawn by committee in 2022.
MECAHNISMS AND ENFOCEMENT BODIES
CERT-IN
■ The Indian computer emergency response team, (CERT-IN) a government agency that response and handles to cybersecurity in India. The CERT was established under IT Act 2000 within the Ministry of Electronic and Information Technology.
It’ s main objectives are:
- Among Indian cyber community, it works for raising security awareness
- To resolve major security issues and cybercrimes or attacks works with similar institutions and organizations.
- Provide response to incident related to cybersecurity, cyberattacks and conducts operation for protecting and detecting have theft data
- It forecast the cybersecurity incident and protect you from your loss. The cyber loss or the cyberattack. The state is subject to happen in future
■ Cybercrime cells and police
- National cybercrime reporting portal is a government portrait that allows citizen into reports have a crime, which include version of cybercrimes like online fraud identifying theft cyber extortion and etc.
- The police officers are working for this portal and against cybercrimes and attacks are called as Internet police.
- This portal helps you when you are in need or you are stuck in some cyberattacks. The portal or the help is just a call away.
- Call 1930 to report for cybercrime.
Role of criminal law in relation to digital privacy
The Indian legislative system is huge and broad and has a wide scope. Of law, which consists different branches of law like constitutional civil administrative family corporate environment, India and labor laws and so on different version of law, which protects and punishing act offences related to particular stream or matter like family law, regulate and services this issue related to family.
In this different version of law, there is a branch Criminal law. Criminal law is a brand of law, the body of law which look after and defines offences that are called as crime. The criminal offences, the offences that are called crime or criminal offenses. These offenses are mostly threat, property, safety and in relation to a genuine wrong to an individual.
In this past few decades in matter of safeguarding digital privacy by penalizing and defining cybercrimes or digital crimes, thereby alerting many individuals to not engage in any fraudulent activity superiorly protecting individual from the unauthorized traps and data theft access and providing a legal framework that punishes and servers against the offences the criminal law has played its definite role in protecting and safeguarding someone digitals privacy and safety by building trust of citizens over a legislative manner.
The key aspects of how digital privacy safeguarding criminal laws are:
- Criminal law acts as deterrence
Criminal law safeguards digital privacy and protecting individual from cybercrimes by being deterrent, it upholds the fear of punishment and prevent people from committing cybercrimes By threatening and arresting those individual who perform cybercrimes and apply penalties.
- Mechanism for investigation and prosecution
Criminal laws serves mechanism of investigation and order enforcement agencies to investigate and inquire the matter of offences related to cybercrimes and cyberattacks and in the court the offender is prosecuted by a criminal law.
Defining the criminal law specifically identified and categorized as cybercrimes, making them and identifying them as a wrongful act or wrongful gain. Criminal law state cybercrimes have actionable offence that will result in legal action against the person who is performing this cybercrime.
Case laws
- Whatsapp Privacy Policy Case (2014 -2024)[4]
WhatsApp privacy police case is stated back in near 2021, but the case was running from 2014 bought my Facebook and in that time whatsapp said that there was no change in their privacyy policy. But although after two years in 2016 a new privacy policy was declared by
whatsapp.
According to this new policy, the user information like phone number and contact details would be shared and given to Facebook and other third party companies. And the new policy came into action nearly after 25 sept 2016.
And this was when Shreya Sethi and Kamayana Singh raised a voice against this and filed a petition and decided to challenge the privacy policy of whatsapp in Delhi high court
But the Delhi high court rejected the petition on 23 September 2016 and directed the order to WhatsApp to delete the data within 2 days of order. That was 25 September 2016 of users who want to delete the app or who want to keep the application on their cell.
This information was shared under the new policy stated who want to share their information should keep their account otherwise delete their accounts, and this action resulted in filing a SPL -Special Leave Petition in Supreme Court. Setting the facts that WhatsApp is threatening the right to privacy by sharing private data of users with Facebook and all other group companies in that there is urgent need to protect the data of Indian citizens who are using whatsapp application for messaging
The SPL was first heard by division bench. And then they referred it to constitutional bench on April 5 2017 and in July Tushar, Mehta the Additional Solitaire General filed an official memorandum before the Supreme Court to inform court about the Constitution of Justice B.N Srikrishna committee to examine issues surrounding data protection in India and suggest principles to govern data and draft data protection bill. This resulted in a committee released the report and drafted a bill. The personal data protection bill was introduced by government in Lok Sabha in 2019 and it was based on committee draft in January 2021. WhatsApp roll out a new privacy policy. But the SC has not yet Passed at the final verdict. The criminal laws that worked on this case were Indian evidence act, 1870 which governs and controls whatsapp messages and electronic records and section 65B, 65 A the section of evidence acts ensure the requirement of whatsapp messages to be valid and accepted in court but the Delhi high court overruled this and said that the conversation cannot be considered as admissible without a proper check and Certificate in July 2024.
- Justice K.S. Puttaswamy (Retd.) v. Union of India (2017)[5]
Aadhaar is the national identity project of India for which agency called UIDAI -Unique identification authority of India was established Aadhaar includes fingerprints scan and facial scan which is collected from an individua and a unique identification number is generated. The overall objective of this scheme was to curb corruption and increase the efficiency of public services, so governments collect the data of every citizen and uses it in these schemes and objectives. So when government stated that to apply for any were scheme like mid-day meal, MGNREGA , schemes related to public administration or distribution system. The Aadhaar is mandatory, but this was opposed by general public saying that collecting our biometrics and monitoring Aadhaar for welfare scheme is violating our to privacy.
In 2012, Karnataka high court former judge the retired KS.Puttaswami filed a petition in SC against adhar scheme and making adhar compulsory .The petition was filed stating that government welfare scheme is upliftment of people and this schemes are for everyone in need out there with a type of fundamental right and so on bases on this , government cannot say no to anyone and cannot violate anyone’s rights.
But when government started relating Aadhaar scheme For-example, for opening bank accounts, filing in income tax returns and applying for educational institution as Adhar was compulsory. The scheme stated that aadhar will be linked with your PAN card and mobile number. But if the data was leaked by government agencies, there will be high chance of misuse as it contains biometrics.
This case was divided into 2 parts the first part. talks about validity of Aadhaar for which bench of 5 judges was constituted and the second part focused on the question. Is the right to privacy a fundamental right or not? For the first part, the bench was the 5 judges was constituted in the first part. Puttamswamy said in his objection that the government has stored the data oriented up from Aadhaar in Central Server that is not regulated by protected by anything. So there is no availability of safety measures. And due to this, any private entity could hacked and use this data for any kind of misuse
On 26, September 2016, 5 judges bench stated that Adhar act is constitutionally valid and that giving demographic or biometric data is not violation of any fundamental right and struked down some of its sections and reframed them.
The second part question the case and the court stated that the decision regarding the right to privacy given on the MP. Sharma and Kharak Singh case are not valid and the foundation of this right to privacy is found in article 14, 19, 20, 21, 25, and there are many international convention that states right to privacy as an important fundamental right. But the attorney general opposed the statements and said that there is no such concept of right to privacy in Indian Constitution and after hearing the argument of both sides, a landmark judgement was given by the Supreme Court overruling M p Sharma and Kharak Singh case and declared the right to privacy as a fundamental right.
CONCLUSION
The overview of this article is subject to everything regarding cyberlaws, cybercrimes and much more. In this article the facts, mechanisms, and overview of legal frameworks states that how criminal laws are working for digital privacy, safeguarding and enforcing. But there are still challenges and need of more awareness for criminal laws to protect our digital privacy.
References [i]
https://www.ijllr.com/post/privacy-concerns-in-the-digital-payment-ecosystem
https://www.ijllr.com/post/cyber-security-in-digital-world
https://www.ijllr.com/post/cyber-security-in-digital-world
https://www.ijllr.com/post/digital-divide-gender-digital-disparities-in-india
https://www.ijllr.com/post/digital-privacy-fact-or-myth
https://www.ijllr.com/post/an-analysis-of-digital-privacy-laws
https://www.ijllr.com/post/an-analysis-of-digital-privacy-laws
[1] https://www.ijllr.com/post/cyber-security-in-digital-world
[2] https://meity.gov.in/writereaddata/files/The%20Information%20Technology%20Act%2C%202000%283%29.pdf
[3] https://www.indiacode.nic.in/show-data?actid=AC_CEN_45_76_00001_200021_1517807324077&orderno=84#:~:text=Whoever%20publishes%20or%20transmits%20or,extend%20to%20ten%20lakh%20rupees
[4] https://www.scobserver.in/cases/karmanya-singh-sareen-union-of-india-whatsapp-facebook-privacy-case-background/
[5] https://youtu.be/qbsprIphbpk?si=-WjkP5oWonsW7RhQ