Right To Privacy With Special Reference To Electronic Media

S MEDIA
RIGHT TO PRIVACY WITH SPECIAL REFERENCE TO ELECTRONIC
A DISSERTATION SUBMITTED
e
s
IN FULFILMENT OF THE REQUIREMENT FOR THE DEGREE s
i
OF
o
MASTER OF LAWS n
In 2
Institute of Legal Studies 0
2
Submitted by: 1
-
Ashish Singh
2
LL.M. Constitution and Administrative Law 2
DISSERTATION
Semester II
Roll No. 202110301030118
Submitted to:
Mr. KAUSHLENDRA SIR
Assistant Professor
Institute of Legal Studies
1
June 22, 2022
DECLARATION
I, Ashish Singh, do hereby declare that this dissertation titled “RIGHT TO PRIVACY
WITH SPECIAL REFERENCE TO ELECTRONIC MEDIA” is a bonafide
research undertaken by me in partial fulfilment of LL.M (One Year) programme at Sri
Ramswaroop Memorial University, Lucknow. This dissertation has been made under
the able guidance and supervision of Asst. Prof. Mr. Kaushlendra.
This is an original piece of work and all the sources have been cited and duly
acknowledged. I further declare that no portion of this dissertation has been submitted
anywhere for any degree or diploma.
Date: June 22, 2022

ASHISH
SINGH
Place: Lucknow ROLL NO:-
202110301030118
LL.M
(CAL)
2021-
22
SRMU,
LUCKNO
W
2
SHRI RAMSWAROOP MEMORIAL UNIVERSITY
(Established by UP State Govt. ACT 1 to 2012)
Lucknow- Deva Road, Uttar Pradesh-225003
Date -05/06/2022
TO WHOMSOEVER IT MAY CONCERN
This is to certify that Mr. ASHISH SINGH, student of LL.M. (CAL) has completed his
dissertation, titled “RIGHT TO PRIVACY WITH SPECIAL REFERENCE TO
ELECTRONIC MEDIA” under my supervision, for the award of degree of Master of Laws at
Shri Ramswaroop Memorial University. Dissertation supervisor will not be responsible for any
type of plagiarism, typological error or any factual legal infirmities. He has completed all
formalities as required under the ordinance and the dissertation is forwarded for evaluation.
Mr. Kaushlendra
Assistant Professor
3
ACKNOWLEDGEMENT
I would take this opportunity to express my deep sense of gratitude towards, Mr. Kaushlendra
Sir ,who has tendered untiring support to me to complete the present study, failing which the
study would not have been successfully completed.
I express my deep sense of gratitude to Mr. Kaushlendra sir . The uphill task of completing this
paper would not have been possible, out his able supervision and timely guidance. I thank our
librarian and the other entire person who have helped me in making this dissertation a success. I
wish to extend my sincere thanks to all the people who have helped and guided me in exploring
my talent in bringing out this project work as a successful one.
ASHISH SINGH
202110301030118
4
PREFACE
Privacy is a fundamental human right and a cornerstone of a democratic society. It lays at the
foundation of the rule of law, the secret ballot, doctor - patient confidentiality, lawyer-client
privilege, the notion of private property, and the value our society places on the autonomy of the
individual. The instant scheme of the dissertation will follow in the form mentioned below to
cover all aspects of the privacy as a right:
The first chapter of Introduction gives the general overview about the privacy at
political and socio- cultural level and further gives an brief overview on as to how modern
technological developments have become a medium of invading privacy of the individuals in
today’s world.
The second chapter introduces the concept and evolution of privacy and shall also throw
light upon the definitions given by various renowned jurists and scholars. It shall also deliberate
upon the historical framework of privacy in India which owes its origin from Article 21 of the
Constitution.
The third chapter makes an attempt to trace out the statutory protection provided to right
to privacy under various statutes in India which includes Indian Penal Code, 1860, Right to
Information Act, 2005, Indecent Representation of Women (Prohibition) Act (1987), The
Easements Act, 1882, The Indian Evidence Act 1872.
The fourth chapter provides about the role of media and its impact on right to privacy
and the position of media in Indian democracy and its regulation under constitution. The tension
between the freedom of expression and the right to privacy is examined with particular attention
to media in India.
The Fifth chapter shall provide an insight into the genesis of Data Protection and right
to privacy with main emphasis on the position in UK, USA, India, European Union and OECD
Guidelines on the data protection.
5
The Sixth chapter deliberates upon the crucial and the much debated issue of the threats
posed to the privacy of the individuals by means of telephone tapping which has become a
contentious issue today.
The Seventh chapter further deliberates upon another contentious issue which has
become the means of invasion of individual’s privacy i.e. Sting Operations carried out by so-
called private spying agencies are blatant violation of an individual's privacy.
The Eighth chapter is a concluding chapter along with suggestions as to how to deal with
the above mentioned problem identified areas and thereby making the right to privacy of an
individual more meaningful, where I conclude on as to how modern technological developments
have made it possible to collect and analyze detailed information about individuals almost
anywhere in the world and thereby making it far more invasive and personal than any technology
in the past.
6
TABLE OF CASES
1. Boyd v. United States. 116 U.S. 616 (1965)………………………………….…….……11

2. Griswold v. Connecticut, 381 U.S. 479 (1965)………………………………………..…11
3. Bowers v. Hardwink 478 U.S. 113 (1973)………………………………………...……..11
4. Kharak Singh v. State of UP A.I.R. (1963) S.C. 1295……………………………...……12
5. Govind v. State of M.P A.I.R. (1975) S.C. 1378……………………………………..….13
6. State of Maharashtra v. Madhukar Narayan A.I.R. (1991) S.C. 207……………..……...14
7. R.Rajagopal v. State of Tamil Nadu A.I.R. (1995) S.C. 264…………………...………..14
8. PUCL v. Union of India A.I.R. (1997) S.C. 568………………………………..……….16
9. Roe v. Wade 410 U.S. 113, 152-55(1973)………………………………………...……..18
10. Queen v. Hicklin Cockburn 1868 L.R. 3 Q.B. 360………………………...…………….21
11. Ranjit .D. Udeshi v State of Maharashtra AIR 1965 SC 881……………..……………..22
12. Pawan Kumar v State of Haryana 1996 (4) SCC 480………………………...………….23
13. Mr X v Hospital Z (1998) 8 SCC 296………………………………………...………….25
14. Gokal Prasad v Radho ILR 10 All (1888) 358………………………………….……….27
15. Tika Ram Joshi v. Ramlal Shah, AIR 1935 All 754 at 756………………………….………28
16. Chinthala Krishnamurthy v. Uppala AIR 1980 A.P. 69 at 73…………………….……..29
17. U.O.I v Association for Democratic Reforms (2002) 5 SCC 361…………………….....29
18. R v Sang [1979] 2 All ER 1222……………………………………………………..…...65
19. Malone v UK (1984) 7 EHRR 14……………………………………………….………66
20. Kesavananda Bharati v State of Kerala (1973) 4 SCC 225………………………….….70
21. ADM Jabalpur v Shivakant Shukla (1976) 2 SCC 521, 754……………………..……...70
22. Jolly George Varghese v Bank of Cochin (1980) 2 SCC 360…………………..……….70
23. Maneka Gandhi v Union of India (1978) 1 SCC 248…………………………..………..71
24. R.M.Malkani v. State of Maharastra AIR 1973 SC 157……………………...………….72
7
TABLE OF CONTENTS
DECLARATION……………………………………………………………………………..I
CERTIFICATE…………………………………………………………………………….....II
ACKNOWLEDGEMENT………………………………………………………………..….III
PREFACE……………………………………………………………………………….…...IV
TABLE OF CASES…………………………………………………………………….….....V
CHAPTER - 1 Introduction……………………………………………………..
……………………..……11
1.1Description…………………...………………………………………………..…….........11
1.1.1 Privacy at Political Level……………………………………..…………………...12
1.1.2 Privacy at the Socio-Cultural Level…………………………...…………………..12
CHAPTER - 2 Conceptual Framework of Privacy…………………………………………...15

2.1 Historical Framework of Privacy in India……………………………………………………15
2.3.1 Historical Background………………………………………….……………........15
2.3.2 Privacy in Ancient India………………………………………….……………..…16
2.3.3 Privacy in Grihya Sutras………………………………………….…………..........16
2.3.4 Privacy in Arthashastra…………………………………………….……………....17
2.2 Privacy: A Zero-Relationship……………………………………………..…………..…19
2.3 Constitutional framework of Privacy…………………………………………………….20
2.4 Safeguard Identity of Children……………………………………………………..........21
2.5 Safeguarding Identity of Rape Victims………………………………………………….23
2.6 Trail by Media & Media Victimization………………………...………………………..24
2.7 Sting Operation………………………………………………………………………….27
2.8 Land Mark Cases…………………………………………………………..……………31
CHAPTER - 3 Statutory protection of Right to Privacy in India……..…………..….....38

3.1 Privacy as under Easements Act, 1882………………………………………………..…38
3.2 Privacy and Indecent Representation of Women (Prohibition) Act, 1987………..…….38
3.3 Privacy as under Indian Penal Code 1860…………………………………………..…...39
8
3.4 Privacy as under Right to Information Act, 2005…………………………………..……42
3.4.1 Right to information in cases of venereal or infectious diseases..................………43
3.4.2. RTI under the control of a public authority……………………………………… 43
3.4.3. Right to information and Electronic governance………………..………………...44
3.5 Land Mark Cases……...………………………………………………………………...……45
CHAPTER - 4 Data Protection & Privacy……………………………………………..…47

4.1 Meaning of Data………………………………………………………………………..…….47
4.2 Need Regulation of Data Protection……………………………………………………….…….48
4.2.1 Data protection laws in India……….……………………………………………………...49
4.2.2 Information Technology Act, 2000……………………………………………………......51
4.2.3. Grounds on which Government can interfere with Data……………………………….....51
4.2.4. Penalty for damage to computer, computer systems, etc. under the IT act……………….52
4.2.5. Tampering with computer sources documents as provided for under the IT act, 2000…..53
4.2.6. Computer related offences………………………………………………………………..53
4.2.7. Penalty for breach of Confidentiality and Privacy………………………………………..53
4.2.8. Amendments as introduced by the IT act, 2008…………………………………………..54
4.3 Regulation of Data Protection……………….…………………………………………...55
4.3.1 OECD Guidelines and Data Protection…………..……………………………………55
4.3.2 European Union and Data Protection…………………………...……………………..63
4.3.3 United Kingdom and Data Protection……………………………..……………………...64
4.3.4 United States of America and Data Protection…………………………………………….65
4.3.5 Asia Pacific and Data Protection…………………………………………………………..66
4.3.6 India and Data Protection……………………………………………..…………………...67
CHAPTER - 5 Informational & Workplace Privacy……………………………....…………72

5.1 Information Privacy - Legal Approaches to its Protection………………………...…………....72
5.2 Privacy at Workplace…………………………………………………………….…..…………77
5.2.1. EU privacy directive…………………………………………………………………….79
5.3 Analysis & Interpretation………………………………………………………………….........81
CHAPTER – 6 Telephone Tapping-An Invasion of Privacy…………...……………….83

9
6.1 Law relating to Telephone tapping in India……………………………………….........83
6.2 Law relating to Telephone Tapping in England……………………………….....................86
6.2.1. Procedure for obtaining Interception Warrant………….…………………………….88
6.3 Land Mark Cases……………………………………………………………………….89
CHAPTER - 7 Sting Operations - An Invasion of Privacy……………………….……..94

7.1 Scope and Purpose……………………………………………………………….……...94
7.2 A mode of Invasion of Privacy…………………………………………………….……95
7.3 Comparison with position in U.S.A……………………………………………...............97
CHAPTER- 8 Conclusion & Proposed Suggestions…………………………………..….99
BIBLIOGRAPHY……………………………………………………………………..........102
10
LIST OF ABBREVIATIONS
AIR : All India Reporter Art. : Article
CJI : Chief Justice of India
HC : High Court
i.e. : That is
No. :Number
Pvt. : Private
SC : Supreme Court
Sec. : Section
SCC : Supreme Court Case
S.C.R : Supreme court report
Supra : As above
Ltd : Limited
UDHR : Universal Declaration of Human Right
U,P : Uttar Pradesh
U/A : Under article
v. : versus
viz. : Namely
Vol. : Volume
WWW : World Wide Web
11
CHAPTER- 1
INTRODUCTION
1.1. Description
Describing the conceptual vacuum surrounding the notion of privacy, Parker has rightly
observed that currently, there is no consensus in the legal and philosophical literature on a
definition of privacy. For some, privacy is a psychological state, a condition of “being-apart-
from-others” closely related to alienation1. For others privacy is a form of power, “the control we
have over information about ourselves”2, or “the condition under which there is control over
acquaintance with one’s personal affairs by the one enjoying it” 3 or “the individual’s ability to
control the circulation of information relating to him.”4
Most definitions of privacy agree on a core concept: that privacy is the claim of an
individual to determine what information about him or herself should be known to others 5. This
also involves when such information will be communicated or obtained and others will make
what uses of it. In addition, many definitions of privacy would add a claim to privacy by social
groups and associations, and also a limited (largely temporary) right of privacy for government
bodies.
1.1. 2. Privacy at Political Level
Privacy as a social issue has a political aspect and a psychological aspect. The former being
defined as the social issues element and the latter being defined as the behavioral element. The
importance of privacy with regards to social interaction and the need for it to sustain normal
everyday life among different cultures and even species is explained. The need for privacy is
established but is mainly considered socially rather than behaviorally.
1
Michael A Weinstein, “The Uses Privacy in the Good Life, 94, NOMOS, XIII (1971).
2
Ruth Gavison,” Privacy and limits of Law”, 425 Yale Law Journal 89(1980).
3
Gross,” The Concept of Privacy”, 42N.Y.U.L.Review 34, 35-37 (1967).
4
Arthur R.Miller,” The Assault on Privacy”, 169 Bookman Publishing 40(1972).
5
Westin. A.F. (Ed.) (1971Harvard University Press).
12
At the political level, every society sets a distinctive balance between the private sphere
and the public order, on the basis of the political philosophy of the state. In authoritarian
societies, where public life is celebrated as the highest good and the fulfillment of the
individual's purpose on earth, the concept of legally or socially protected privacy for individuals,
families, social groups, and private associations is rejected as immoral. 6 It is also seen as
politically dangerous to the regime. Thus authoritarian governments keep extensive records on
people and create procedures to watch and listen secretly to elite groups.
The public order, government, is seen as a useful and necessary mechanism for providing
services and protection. But constitutional machinery is expressly barred by bills of rights and
other guarantees of civil liberty from interfering with the citizen's private beliefs, associations,
and acts, except in extraordinary situations and then only through tightly controlled procedures7.
1.1.3. Privacy at the Socio-Cultural Level

This political balance is the framework for a second level of privacy - the socio-cultural
level. Environmental factors, such as crowded cities, and class factors of wealth and race shape
the real opportunities people have to claim freedom from the observation of others. In this sense,
privacy is frequently determined by the individual's power and social status. The rich can
withdraw from society when they wish; the lower classes cannot. The affluent do not need to
obtain subsidizing support from government by revealing sensitive information to authorities,
while those in economic or social need must disclose or go without 8. (Ironically, though, the rich,
the famous, and the politically powerful are also the people whose efforts at privacy are the most
assaulted by the media, political rivals, government investigators, etc. And, in an age of virtually
universal record-keeping and credentials review, even the wealthy and powerful become
enmeshed in the all-pervasive data-collection processes of an information-driven society.)
At the socio-cultural level, privacy is closely related to social legitimacy. When a society
considers a given mode of personal behavior to be socially acceptable - whether it is hairstyle,
dress, sexual preference, political or religious belief, having an abortion, or other lifestyle choice
- it labels such conduct as a private, rather than a public, matter. This generally means that such
matters should not be inquired into for the purpose of denying someone access to the desirable
benefits, rights, and opportunities controlled by government or private organizations 9. When
6
Source Link www.privacyexchange.org/japan/privacyguide04.pdf., last visited on 20.03.2022.
7
Ibid
8
Ibid
9
Ibid
13
society does not accept certain personal conduct, but considers it socially dangerous, society is
saying this is not a matter of “private choice” and does not allow the claim of privacy to be
exerted for it in settings where benefits, rights, and opportunities are being distributed. Thus,
debates over privacy are never-ending; for they are tied to changes in the changing norms of
society as to what kinds of personal conduct are regarded as beneficial, neutral, or harmful to the
public good. This makes some struggles over privacy unfold in moral, religious, and ideological
confrontations, with powerful interest-group competition.
In short, privacy is an arena of democratic politics; it raises fundamental debates about the
proper goals and roles of government; the degree of autonomy to afford sectors such as business,
science, education, and the professions; and the role of privacy claims in struggles over related
personal or group rights, such as equality, due process, and consumerism. We can identify four
psychological conditions or states of individual privacy. Sometimes the individual wants to be
completely alone, out of the sight and hearing of anyone else. This state of solitude is the most
complete and relaxed condition of privacy. Solitude provides the opportunity for repossession of
self, for thinking, healing, resting, regrouping, and preparing for re-entry and re-engagement in
social life.
In a second situation, the individual does not want to be alone but seeks the intimacy of
connections with confidants. We seek valued and trusted relationships with family, friends, or
associates, with whom we need to share sensitive ideas and emotions, receive help and feedback,
and deepen bonds of mutual self-revelation and connection. 10 A third state of privacy involves
defining some things that individuals do not want to share fully with persons with whom they are
in contact, and involves the creation of reserve.11 Either by personal explanation or by social
convention, the individual indicates that he or she does not wish certain sensitive personal
aspects to be discussed or noticed, at least at that particular moment. When those around a person
respect that claim, the individual achieves the state of reserve.
Hence the industrial revolution has brought about its own set of laws regulating not only
business and commercial activity but also the governance of post industrial society. Modern
technological developments and in particular, the so called convergence of computer and
10
Ibid
11
Ibid
14
telecommunication technology created an environment in which there is inexpensive and ready
excess to an ever growing pool of personal information. Further the interoperability of modern
systems has made it possible to collect and analyze detailed information about individuals almost
anywhere in the world. Today the scenario is that it is not only possible but also commercially
attractive for businessmen to conduct survey on large scale as they discover there are more new
ways in which they can use personal information to gain advantage in the market place.
Today, one can only surmise where technological progress will take us in the years
hence. Nonetheless, some trends regarding the Internet are already very discernible; its
multimedia potential makes it a unique information dissemination and exchange medium; it is
being far more invasive and personal than any technology in the past, it is changing the
paradigms of business, it is largely unregulated and in short it is largely changing the way we
live, often in ways we do not even realize.
15
CHAPTER - 2
Conceptual Framework of Privacy
2.1 Historical Framework of Privacy in India

2.1.1 Historical Background
The recognition of privacy is deeply rooted in our history. There is recognition of privacy
in the Quran and in the sayings of Mohammed. The Bible has numerous references to privacy.
Jewish law has long recognized the concept of being free from being watched. There were also
protections in classical Greece and ancient China. 12 Legal protections for privacy of an individual
have existed in Western countries for hundreds of years. In 1361, the Justices of the Peace Act in
England provided for the arrest of peeping toms and eavesdroppers. In 1765, British Lord
Camden, striking down a warrant to enter a house and seize papers wrote, "We can safely say
there is no law in this country to justify the defendants in what they have done; if there was, it
would destroy all the comforts of society, for papers are often the dearest property any man can
have”.13 Parliamentarian William Pitt wrote, "The poorest man may in his cottage bid defiance to
all the force of the Crown. It may be frail; its roof may shake; the wind may blow through it; the
storms may enter; the rain may enter - but the King of England cannot enter; all his forces dare
not cross the threshold of the ruined tenement."14
Various countries developed specific protections for privacy in the centuries that
followed. In 1776, the Swedish Parliament enacted the Access to Public Records Act that
required that all government-held information be used for legitimate purposes. France prohibited
the publication of private facts and set stiff fines for violators in 1858. The Norwegian Criminal
Code prohibited the publication of information relating to "personal or domestic affairs" in
1889.15
12
Raman Mittal Neelotpal Deka, Cyber Privacy
13
Eiftick v. Camngton, 1558-1774 All ER Rep. 45.
14
William Pitt, Speech on the Excise Bill, 1763, quoted in, Privacy and Human Rights (2002), available at the link:
http://www.epic.org as last visited on 20.04.2022..
15
.Juris Jon Bing, “Data Protection in Norway” (1996), available at the link:
http://www.jus.uio.no/iri/rettsinfo/lib/papers/dp_Norway/dp_norway.html.
16
2.1.2 Privacy in Ancient India
There are several legends which establish it beyond doubt that disturbing a meditating
sage was considered a wrong of the highest order in the ancient Indian society, Lord Shiva,
while, in meditation, is said to have been disturbed by Kamdeva, the god of love and sex in the
Indian mythology, who was burnt as punishment thereof when Lord Shiva opened his third eye.
Next example is when Lord Shiva himself was not permitted by Lamboder to enter in his own
house when Goddess Parvati was taking bath with an intention to protect privacy. In matters of
religious and spiritual pursuits interference or disturbance of any kind was prohibited. So was the
case with the study of the Vedas.
2.1.3 Privacy in Grihya Sutras

Weber maintains that the Grihya sutras are of much importance to us in as much as it is in
them that we have to look for the drawn of our legal literature. 16 The Grihya Sutras contain
elaborate rules for the construction of a house. The house generally comprised a bed-room
(Sayaniya), a storeroom, a kitchen (Bhakta-Sarana), a hall or drawing room (Sabha) and
compound.17 Dr. Apte also supports the above view and maintains that a bed-room, a drawing
room, provision room and a nursery used to be the parts of a house .The main door of a house
was not supposed to face the door of another house and used to be so constructed that the house-
holder should not be seen by unholy persons while performing religious rites while dining in his
house and passers-by should not be able to see the valuables in the house.
Even in the selection of site for a dwelling house, one of the main considerations was to
avoid the sight of persons or things that formed impediments to the study of the Vedas. In the
above regulations and prohibitions lies the awareness and concern of the society to exclude
possible sight of a stranger, to preserve the sanctity of the house, to respect one’s privacy in
performance of religious rites, for the study of the Vedas and for dining purposes.
16
Weber , History of Indian Literature , pp 16-20
17
Mishra G, Right To Privacy in India, 48, 151 (Preeti Publications, Ist Ed) (1994) cites Dr. Ram Gopal, India
of Vedic Kalpasutras,
17
2.1.4 Privacy in Arthashastra
The rules regulating the construction of houses as found in the Arthashastra run as under:
The owner of houses may construct their houses in any other way they collectively like, but they
shall avoid whatever is injurious. With a view to ward off the evil consequences of rain, the top
of the roof shall be covered over with a broad mat, not blow able by the wind. Neither shall the
roof to be such as will easily bend or break. Violation of this rule shall be punished with the first
amercement. The same punishment shall be meted out for causing annoyance by constructing
door or windows facing those of others’ houses, except when these houses are separated by the
king’s road or the high road.18 With the exception of private rooms and parlous (angana) all other
open parts of houses as well as apartments where fire is ever kindled for worship or a mortar is
situated shall be thrown open for common use.
It is clear from the above extracts that the houses used to be divided into two main parts,
viz. (a) private rooms and parlous meant for exclusive use of the ladies and (b) the rest of the
house used to be open for common purposes. Here the word “common” must be understood in a
sense implying common-use for the family members alone. The sanctity of the family house was
secured by prohibiting persons to enter another’s house, without the owner’s consent, either
during the day or night. The punishment prescribed for violation of such prohibition was the first
amercement and the middle most amercement respectively. Further, any one, who used to
construct doors and windows facing others houses causing annoyance to his neighbors, was to be
punished. One of the factors causing annoyance was the exposure of private-rooms and parlous
meant for exclusive use of ladies, for they were not supposed to be seen by a male-stranger or to
stir out of their houses.
At international level the right to privacy has been codified to some extent, in some Human Rights
Instruments. For example Art. 12 of the Universal Declaration of Human Rights 19 adopted by the
General Assembly of the United Nations on 10 December 1948 and Art. 17 of International
Covenant on Civil and Political Rights 1966 have references recognizing the right to privacy as
human rights and protecting the same. At the regional level also, Art. 8 of European Convention on
Human Rights speak about the right to privacy.
18
Ibid
19
UDHR adopted and proclaimed by General Assembly resolution 217A (III) of December 10, 1948, available
at the link: http://www.un.org/overview/right.html, last visited on 18.04.2022.
18
Historically, the right to privacy as an independent, distinct concept originated in the field
or Tort Law. Under the Tort law, for any unlawful invasion of privacy, a new cause of action for
damages was recognized. Since privacy primarily concerns with the individual, the right to
privacy has two dimensions:
1. The general law of privacy which gives rise to tortuous liability for damages when one’s
privacy is unlawfully invaded and
2. The Constitutional recognition given to the right to privacy, which protects personal
privacy against unlawful government invasion.
Out of these two, there is nothing new about the first one, namely the development of
right to privacy under tort law. What is fascinating is the second aspect of the right to privacy,
i.e. the right to privacy acquiring the Constitutional status. The U.S. Supreme Court has held that
the right of privacy even though not explicitly mentioned in the Constitution of USA can be
discerned from the First, Third, Fourth, Fifth and the Ninth Amendments 20. In fact it has been
held that the right of privacy in the marital relation is older than the Bill of Rights and is
protected by the due process clause of the Fourteenth Amendment of the US Constitution. 21 The
court further expanded the right of privacy by saying that if the right to privacy means anything,
it is the right of the individual, married or single to be free from unwarranted governmental
intrusion into matters so fundamentally affecting person.22
The constitution does not explicitly mention any right of privacy. In a line of decisions,
however the court has recognized that a right of personal privacy or a guarantee of certain areas
or zones of privacy do exist under the constitution. 23 In Bowers v. Hardwink it was held that the
state can make homo-sexualism and sodomy criminal offences without violating the right of
privacy A cursory look at the case law of USA reveals that the right to privacy and its protection
are mainly derived from the substantive due process clause of Fourteenth Amendment and the
20
Boyd v. United States. 116 U.S. 616 , 630 ; Griswold v. Connecticut, 381 U.S. 479 (1965)
21
Justice Douglas who delivered the opinion of the court in Griswold case, p. 485
22
Ibid .
23
Ibid .
19
ambit of the privacy right is so expanded that it includes privacy in family life as well as in
individual life protecting the personhood, based on the concept respect of private life.24
The Indian courts have seized the opportunities whenever they came and tried successfully to
bring the privacy right within the purview of fundamental rights. Even though right to privacy is not
enumerated as a fundamental right in our Constitution it has been inferred from Art. 21. This note
traces down the evolution and development of right to privacy as a fundamental right flowing from
the other fundamental rights guaranteed under Part 3 of our Constitution, highlighting development
in law in the post constitutional period in India.
2.2 Privacy: A Zero-Relationship

Privacy is a “zero relationship” between two persons or two groups or between a group
and a person.25 It is a “zero-relationship” in the sense that it is constituted by the absence of
interaction or communication or perception within contexts in which such interaction,
communication or perception with contexts in which such interaction, communication or
perception is practicable- i.e. within a common ecological situation such as that arising from
spatial contiguity, or membership in a single embracing collectively such as that a family, a
working group, and ultimately a whole society. Privacy may be the privacy of a single
individual, it may be the privacy of the individuals, or it may be the privacy of three or more
numerous individuals. But it is always the privacy of those persons, single or plural, vis a vis
other persons.
The phenomenon of privacy exists only in contexts in which interaction, communication

or perception is physically practicable and within the range of what can be expected of human
beings. The situation must, therefore be one in which the abrogation of privacy by intrusion from
the outside or by renunciation from the inside is practically possible. Privacy presupposes the
prior existence of a system of interaction among persons in a common space, it might be face-to-
face interaction within a household, a neighborhood, or village, or a unit within a unit in a
corporate body such as a firm, an army or a congregation, the presupposed system of interaction
might be one in which there is ordinarily no face-to-face interaction between authority and
subject within a corporate body like a large church, a large firm, a large firm, a large army, or the
24
478 U.S. 113 9 (1973)
25
Edward Shils, "Privacy: Its Constitution and Vicissitudes", 2 Law and Contemporary Problems 31
(Spring 1966).
20
state, and in which the interaction or perception is initiated by an agent of authority with the
intention of intruding on the privacy of the subject.
2.3 Constitutional Framework of Privacy

The right to privacy is recognized as a fundamental right under the Constitution of India.
It is guaranteed under the right to freedom (Article 19) and the right to life (Article 21) of the
Constitution. Article 19(1) (a) guarantees all citizens the right to freedom of speech and
expression. It is the right to freedom of speech and expression that gives the media the right to
publish any information. Reasonable restrictions on the exercise of the right can be imposed by
the State in the interests of sovereignty and integrity of the State, the security of the State,
friendly relations with foreign States, public order, decency or morality, or in relation to
contempt of court, defamation or incitement to an offence. Article 21 of the Constitution
provides, "No person shall be deprived of his life or personal liberty except according to
procedure established by law." Courts have interpreted the right to privacy as implicit in the
right to life. In R.Rajagopal v. State of T.N.26; and PUCL v. UOI27, the courts observed that the
right to privacy is an essential ingredient of the right to life.
For instance, in R. Rajagopal v State of Tamil Nadu, Auto Shankar — who was sentenced
to death for committing six murders — in his autobiography divulged his relations with a few
police officials. The Supreme Court in dealing with the question on the right to privacy,
observed, that the right to privacy is implicit in the right to life and liberty guaranteed to the
citizens of the country by Article 21. It is a ‘right to be left alone.’ "A citizen has a right to
safeguard the privacy of his own, his family, marriage, procreation, motherhood, child-bearing
and education among other matters.” The publication of any of the aforesaid personal
information without the consent of the person, whether accurate or inaccurate and ‘whether
laudatory or critical’ would be in violation of the right to privacy of the person and liable for
damages. The exception being, when a person voluntarily invites controversy or such publication
is based on public records, then there is no violation of privacy.
In PUCL v. UOI28 which is popularly known as the wire-tapping case, the question before
the court was whether wire-tapping was an infringement of a citizen’s right to privacy. The court
26
(1994) 6 S.C.C. 632
27
AIR 1997 SC 568.
28
AIR 1997 SC 568.
21
held that an infringement on the right to privacy would depend on the facts and circumstances of
a case. It observed that, "telephone conversation is an important facet of a man's private life.
Right to privacy would certainly include telephone-conversation in the privacy of one's home or
office. Telephone-tapping would, thus, infract Article 21 of the Constitution of India unless it is
permitted under the procedure established by law." It further observed that the right to privacy
also derives from Article 19 for "when a person is talking on telephone, he is exercising his right
to freedom of speech and expression."
In Kharak Singh v. State of U.P, 29 where police surveillance was being challenged on
account of violation of the right to privacy, the Supreme Court held that domiciliary night visits
were voilative of Article 21 of the Constitution and the personal liberty of an individual. The
court, therefore, has interpreted the right to privacy not as an absolute right, but as a limited right
to be considered on a case to case basis. It is the exceptions to the right to privacy, like ‘public
interest’, that are of particular interest to this paper.
2.4 Safeguarding Identity of Children

The Juvenile Justice (Care and Protection of Children) Act lays down that the media
should not disclose the names, addresses or schools of juveniles in conflict with the law or that of
a child in need of care and protection, which would lead to their identification. The exception, to
identification of a juvenile or child in need of care and protection, is when it is in the interest of
the child. The media is prohibited from disclosing the identity of the child in such situations.
Similarly, the Convention on the Rights of the Child (CRC) stipulates that:
Article 16
1. No child shall be subjected to arbitrary or unlawful interference with his or her privacy,
family, or correspondence, or to unlawful attacks on his or her honor and reputation.
2. The child has the right to the protection of the law against such interference or attacks.
Article 40 of the Convention, states that the privacy of a child accused of infringing penal
law should be protected at all stages of the proceedings. Almost all media, print and broadcast,
fail to observe these guidelines. Prashant Kulkarni 30 (name changed), who was a photographer
29
AIR 1997 SC 568.
30
Interview with a freelance photographer and a former Reuters photographer .
22
with Reuters a few years ago, said that in Reuters photographs taken by photojournalists could
not be altered or edited, to ensure authenticity.
As far as taking photographs of certain vulnerable persons is concerned, he admitted to

photographing street children who are drug addicts on the streets of Mumbai. The photographs
were published by Reuters. However, when he was on an assignment for an NGO working with
children, the NGO cautioned him about photographing children who are drug addicts, to protect
their identity. Similarly, identity of HIV and AIDS patients, including children, should be
protected and not revealed. Children affected with HIV and AIDS should not be identified by
name or photograph, even if consent has been granted by the minor’s parents/guardian.
As a rule, Kulkarni said, he does not seek consent of individuals when he is taking their
photographs, if they are in a public place. If they do not object, the assumption is that they are
comfortable with being photographed. The PCI norms do not expressly provide that consent of a
person should be sought. But, journalists are expected to exercise restraint in certain situations.
Likewise, identifying juveniles in conflict with law is restricted. This includes taking
photographs of juveniles that would lead to their identification.
Kulkarni, who extensively covered the Bombay train blasts in 2006, explains, "At the
time of the Bombay train explosions, I avoided taking pictures that were gory or where dead
people could be identified. However, I did take photographs of those injured in the blast and
were getting treated in government hospitals. I did not expressly seek their consent. They were
aware of being photographed. That is the rule I have applied, even when I was on an assignment
in West Africa. I have never been on an assignment in Europe, so am not sure whether I would
have applied the same rule of thumb. Nonetheless, now as a seasoned photographer, I would
refrain from taking pictures of children who are drug addicts."
2.5 Safeguarding Identity of Rape Victims

Section 228A of the Indian Penal Code makes disclosure of the identity of a rape victim
punishable. In the recent Aarushi Talwar murder case and the rape of an international student
studying at the Tata Institute of Social Sciences (TISS) the media frenzy compromised the
23
privacy of the TISS victim and besmirched the character of the dead person. 31 In the TISS case,
the media did not reveal the name of the girl, but revealed the name of the university and the
course she was pursuing, which is in violation of the PCI norms. In addition to revealing names
of individuals, the PCI norms expressly states that visual representation in moments of personal
grief should be avoided. In the Aarushi murder case, the media repeatedly violated this norm.
The media in both cases spent enough newsprint speculating about the crimes. Abhinav
Pandey32 (name changed), a senior journalist reporting on crime, agrees that the media crossed its
boundaries in the TISS case by reporting sordid details of how the rape took place. "Names of
victims of sexual crime cannot be reported. In fact, in many instances the place of stay and any
college affiliation should also be avoided, as they could be easily identified. Explicit details of
the offence drawn from the statement given by the victim to the police are irrelevant to the
investigation or to the public at large. Similarly, names of minors and pictures, including those of
juveniles, have to be safeguarded."
"Crime reporters receive most of their stories from the police. Therefore, one has to be
careful before publishing the story. At times in the rigour of competitive journalism, if you
decide to publish an unverified story, as a good journalist you should present a counter-point. As
a seasoned journalist it is easy to sense when a story is being planted by the police. If you still
want to carry the story, one has to be careful not to taint the character of a person," he adds.
"For instance, in my reporting if I find that the information will not add to the
investigation, I will not include it in my copy. Last year, we had anonymous letters being
circulated among crime reporters which alleged corruption among senior IPS officers. Instead of
publishing the information contained in those letters with the names of the IPS officers, we
published a story on corruption and cronyism on IPS officers. In the Faheem Ansari matter, who
was an accused in the 26/11 trial, I had received his email account password. Accessing his
account also amounts to violation of privacy. But, we only published the communication
31
Kumar, Vinod, “Raped American student’s drink not spiked in our bar,” 16.04.09 Available at http://www.mid-
day.com/news/2009/apr/160409-Mumbai-News-Raped-American-student-date-drug-CafeXO-Tata-Institute-of-
Social-Sciences.htm, Anon, “Party pics boomerangon TISS rape victim” , 04 .05.09, Available at http://www.
mumbaimirror.com/index.aspx?page=article§id=15&contentid=2009050420090504031227495d8b4ef [Last
Accessed April 20,2022].
32
Interview with Abhinav Pandey, crime reporter with a leading newspaper, on 21.04.11.
24
between him and some handlers in Pakistan, which we knew would have an impact on the
investigation. Our job requires us to share information in the public domain, sometimes we
would violate privacy. Nonetheless, one has to be cautious."
2.6 Trial by Media & Media Victimization

The PCI norms lay down the guidelines for reporting cases and avoiding trial by media.
The PCI warns journalists not to give excessive publicity to victims, witnesses, suspects and
accused as that amounts to invasion of privacy. Similarly, the identification of witnesses may
endanger the lives of witnesses and force them to turn hostile. Zaheera Sheikh, who was a key
witness in the Gujarat Best Bakery case, was a victim of excessive media coverage and
sympathy. Her turning hostile invited equal amount of media speculation and wrath. Her
excessive media exposure possibly endangered her life. Instead, of focusing on the lack of a
witness protection program in the country, the media focused on the twists and turns of the case
and the 19 year Old’s conflicting statements. The right of the suspect or the accused to privacy
is recognized by the PCI to guard against the trial by media.
Swati Deshpande,33 a Senior Assistant Editor (Law) at the Times of India, Mumbai,
observes that, “As a good journalist one will always have more information than required, but
whether you publish that information or exercise restraint is up to you.” In a span of 11 years of
court reporting, as per her, there have been instances when she has exercised the option of not
reporting certain information that could be defamatory and cannot be attributed. If an allegation
is made in a court room, but is not supported by evidence or facts, then it is advisable that it be
dropped from the report.
"In the Bar Dancers’ case which was before the Bombay High Court, the petition made
allegations of all kinds against certain ministers. I did not report that, although I could have
justified it by saying it is part of the petition, and I was just doing my job. The allegation was
neither backed by facts nor was it of public interest. As a rule one should report on undisputed
facts. Then again, with court reporting one is treading on safer grounds, as opposed to other
beats."
"In cases of rape when facts are part of the judgment, you report facts that are relevant to
the judgment or give you an insight on why the court took a certain view and add value to the
33
Interview with Swati Deshpande, Senior Assistant Editor (Law), Times of India, on 15.04.11.
25
copy. One should avoid a situation where facts revealed are offensive or reveal the identity of the
victim. The past history of both the victim and the accused should not be reported." She
admitted, that "Media reporting often gives the impression that the accused has committed the
crime or the media through its independent investigation wing has found a particular fact. When
in fact, it has relied entirely on the information given by the police and failed to question or
verify the facts by an independent source. The result is that most crime reporting is one-sided,
because the information received from the police is rarely questioned."
As per her, to a certain degree the publication of Tata–Radia conversations did violate
Tata’s privacy. "Media needs to question itself prior to printing on how the information is of
public interest. Of course, as a journalist you do not want to lose out on a good story, but there
needs to be gate keeping, which is mostly absent in most of the media today."
In the Bofors pay-off case34 the High Court of Delhi, observed that, “The fairness of trial
is of paramount importance as without such protection there would be trial by media which no
civilized society can and should tolerate. The functions of the court in the civilized society
cannot be usurped by any other authority.”35 It further criticized the trend of police or the CBI
holding a press conference for the media when investigation of a crime is still ongoing. The court
agreed that media awareness creates awareness of the crime, but the right to fair trial is as
valuable as the right to information and freedom of communication.
The 200th report of the Law Commission dealt with the issue of Trial by media: Free
Speech vs Fair Trial under Criminal Procedure. The report, focused on the pre-judicial
coverage of a crime, accused and suspects, and how it impacts the administration of justice. The
Contempt of Courts Act, under section 2 defines criminal contempt as:
"…the publication, (whether by words, spoken or written or by signs, or by visible

representations, or otherwise), of any matter or the doing of any other act whatsoever which
(i) prejudices or interferes or tends to interfere with the due course
of any judicial proceedings; or
(ii) interferes or tends to interfere with or obstructs or tends to obstruct, the administration of
justice in any manner."
34
Crl.Misc.(Main) 3938/2003
35
Ibid
26
Section 3(1) of the Act exempts any publication and distribution of publication, "if the
publisher had no reasonable grounds for believing that the proceeding was pending”. In the
event, the person is unaware of the pendency, any publication (whether by words spoken or
written or signs or visible representations) interferes or tends to interfere with or obstructs “the
course of justice in connection with any civil or criminal proceeding pending at the time of
publication, if at that time he had no reasonable grounds for believing that the proceeding was
pending." The report emphasizes that publications during the pre-trial stage by the media could
affect the rights of the accused. An evaluation of the accused’s character is likely to affect or
prejudice a fair trial.
If the suspect’s pictures are shown in the media, identification parades of the accused
conducted under Code of Civil Procedure would be prejudiced. Under Contempt of Court Act,
publications that interfere with the administration of justice amount to contempt. Further, the
principles of natural justice emphasis fair trial and the presumption of innocence until proven
guilty. The rights of an accused are protected under Article 21 of the Constitution, which
guarantees the right to fair trial. This protects the accused from the over-zealous media glare
which can prejudice the case. Although, in recent times the media has failed to observe restraint
in covering high-profile murder cases, much of which has been hailed as media’s success in
ensuring justice to the common man.
For instance, in the Jessica Lal murder case, the media took great pride in acting as a
facilitator of justice. The media in the case whipped up public opinion against the accused and
held him guilty even when the trial court had acquitted the accused. The media took on the
responsibility of administering justice and ensuring the guilty are punished, candle light vigils
and opinion polls on the case were organized by the media. Past history of the accused was raked
up by the media, including photographs of the accused in affluent bars and pubs in the city were
published after he was acquitted. The photographs of Manu Sharma in pubs insinuated how he
was celebrating after his acquittal.
The Apex Court observed that the freedom of speech has to be carefully and cautiously
used to avoid interference in the administration of justice. If trial by media hampers fair
investigation and prejudices the right of defense of the accused it would amount to travesty of
27
justice. The Court remarked that the media should not act as an agency of the court. 36 The Court,
commented, "Presumption of innocence of an accused is a legal presumption and should not be
destroyed at the very threshold through the process of media trial and that too when the
investigation is pending."37
2.7 Sting Operations

On 30 August, 2007 Live India, a news channel conducted a sting operation on a Delhi
government school teacher forcing a girl student into prostitution. Subsequent to the media
exposé, the teacher Uma Khurana38 was attacked by a mob and was suspended by the Directorate
of Education, Government of Delhi. Later investigation and reports by the media exposed that
there was no truth to the sting operation. The girl student who was allegedly being forced into
prostitution was a journalist. The sting operation was a stage managed operation. The police
found no evidence against the teacher to support allegations made by the sting operation of child
prostitution. In this case, the High Court of Delhi charged the journalist with impersonation,
criminal conspiracy and creating false evidence. The Ministry of Information and Broadcasting
sent a show because notice to TV-Live India, alleging the telecast of the sting operation by
channel was “defamatory, deliberate, containing false and suggestive innuendos and half-truths.39
Section 5 of the Cable Television Networks (Regulation) Act, 1995 and the Cable
Television Network Rules (hereafter the Cable Television Networks Act), stipulates that no
program can be transmitted or retransmitted on any cable service which contains anything
obscene, defamatory, deliberate, false and suggestive innuendos and half-truths. The Rules
prescribes a programming code to be followed by channels responsible for transmission/re-
transmission of any program.
The program code restricts airing of programs that offend decency or good taste, incite
violence, contains anything obscene, defamatory, deliberate, false and suggestive innuendos and
half-truths, criticizes, maligns or slanders any individual in person or certain groups, segments of
social, public and moral life of the country and affects the integrity of India, the President and
the judiciary. The program code provided by the Rules is exhaustive. The Act empowers the
36
Sidhartha Vashisht @ Manu Sharma vs State (Nct Of Delhi), Available at http://www.indiankanoon.org/doc/151
5299/.
37
Ibid.
38
WP(Crl.) No.1175/2007.
39
Ibid.
28
government to restrict operation of any cable network it thinks is necessary or expedient to do so
in public interest.
The court observed that false and fabricated sting operations violate a person’s right to
privacy. It further, observed, "Giving inducement to a person to commit an offence, which he is
otherwise not likely and inclined to commit, so as to make the same part of the sting operation is
deplorable and must be deprecated by all concerned including the media.” It commented that
while “…sting operations showing acts and facts as they are truly and actually happening may be
necessary in public interest and as a tool for justice, but a hidden camera cannot be allowed to
depict something which is not true, correct and is not happening but has happened because of
inducement by entrapping a person."40
The court criticized the role of the media in creating situations of entrapment and using
the ‘inducement test’. It remarked that such inducement tests infringe upon the individual's right
to privacy. It directed news channels to take steps to prohibit “reporters from producing or airing
any program which are based on entrapment and which are fabricated, intrusive and sensitive.41
The court proposed a set of guidelines to be followed by news channels and electronic
media in carrying out sting operations. The guidelines direct a channel proposing to telecast a
sting operation to obtain a certificate from the person who recorded or produced the same
certifying that the operation is genuine to his knowledge. The guidelines propose that the
Ministry of Information and Broadcasting should set up a committee which would have the
powers to grant permission for telecasting sting operations. The permission to telecast a sting
operation should be granted by the committee only if it is satisfied about the overriding public
interest to telecast the sting operation. The guidelines mandate that, in addition, to ensuring
accuracy, the operation should not violate a person’s right to privacy, "unless there is an
identifiable large public interest” for broadcasting or publishing the material. However, the court
failed to define what constitutes 'larger public interest'.
The PCI norms also lay down similar guidelines which require a newspaper reporting a
sting operation to obtain a certificate from the person involved in the sting to certify that the
operation is genuine and record in writing the various stages of the sting. The decision to report
40
Ibid.
41
Ibid.
29
the sting vests with the editor who merely needs to satisfy himself that the sting operation is of
public interest.
In addition, to the Cable Television Networks Act and the PCI norms, the News
Broadcasting Standard Authority (NBSA) was set up in 2008 as a self-regulatory body by News
Broadcasters Association.42 The primary objective of the NBSA is to receive complaints on
broadcasts. The NBSA has drafted a Code of Ethics and Broadcasting Standards governing
broadcasters and television journalists. The Code of Ethics provides guiding principles relating
to privacy and sting operations that broadcasters should follow.
With respect to privacy, the Code directs channels not to intrude into the private lives of
individuals unless there is a “clearly established larger and identifiable public interest for such a
broadcast.” Any information on private lives of persons should be “warranted in public interest.”
Similarly, for sting operations, the Code directs that they should be used as “a last resort” by
news channels and should be guided by larger public interest. They should be used to gather
conclusive evidence of criminality and should not edit/alter visuals to misrepresent truth.
In a recent judgment on a supposed sting operation conducted by M/s. Associated

Broadcasting Company Pvt. Limited43 on TV9 on ‘Gay culture rampant in Hyderabad’, the NBA
took suo motu notice of the violation of privacy of individuals with alternate sexual orientation
and misuse of the tool of sting operation. NBA in its judgment held that the Broadcaster had
violated clauses on privacy, sting operations and sex and nudity of the Code of Ethics. It further,
observed, that the Broadcaster and the story did not reveal any justifiable public interest in using
the sting operation and violating the privacy of individuals. In this particular case, the
Broadcaster had revealed the personal information and faces of supposedly gay men in
Hyderabad to report on the ‘underbelly’ of gay culture and life. However, the news report, as
NBSA observed, did not prove any criminality and was merely a sensational report of gay
culture allegedly prevalent in Hyderabad.
42
NBA is a community formed by private television & current affairs broadcasters. As per the NBA website, it
currently has 20 leading news channels and current affairs broadcaster as its members. Complaints can be filed
against any of the broadcasters that are members of NBA on whom the Code of Ethics is binding.
43
For additional details, please refer to the website: http://www.nbanewdelhi.com/authority-members.asp [Last
Accessed April 20,2022]
30
The PCI norms provide that the press should not tape-record conversations without the
person’s express consent or knowledge, except where it is necessary to protect a journalist in a
legal action or for “other compelling reason.” What constitutes a compelling reason is left to the
discretion of the journalist.
It was in the 1980s, that the first sting operation on how women were being trafficked
was carried out by the Indian Express reporter Ashwin Sarin. As part of the sting, the Express
purchased a tribal girl called Kamla. Subsequently, in 2001, the sting operation conducted by
Tehelka exposed corruption in defense contracts using spy cams and journalists posing as arms
dealers. The exposé on defense contracts led to the resignation of the then defense minister
George Fernandes. Sting operations gained legitimacy in India, especially in the aftermath of the
Tehelka operation, exposing corruption within the government. The original purpose of a sting
operation or an undercover operation was to expose corruption. Stings were justifiable only when
it served a public interest. Subsequent to the Tehelka exposé, stings have assumed the status of
investigative journalism, much of which has been questioned in recent times, especially, with
respect to ethics involved in conducting sting operations and the methods of entrapment used by
the media. Further, stings by Tehelka, where the newspaper used sex workers to entrap
politicians have brought to question the manner in which stings are operated. Although, the
overriding concern surrounding sting operations has been its authenticity, as opposed to, the
issue of personal privacy.
For instance, in March 2005 a television news channel carried out a sting operation
involving Bollywood actor Shakti Kapoor to expose the casting couch phenomenon in the movie
industry. The video showing Shakti Kapoor asking for sexual favors from an aspiring actress,
who was an undercover reporter, was received with public outrage. Nonetheless, prominent
members of the media questioned the manner in which the sting was conducted. The sting was
set up as an entrapment. The court has taken a strong view against the use of entrapment in sting
operations. In the case of the Shakti Kapoor sting, privacy of the actor was clearly violated. The
manner in which the sting was conducted casts serious doubt on who was the victim.44
44
TNN, “'Full video will further embarrass Shakti', 15.03.2005 Available at http://articles.timesofindia.
indiatimes.com /2005-03-15/mumbai/27849089_1_sting-operation-shakti-kapoor-film-industry
31
Additionally, the sting violated the PCI norms. It failed to provide a record of the various
stages of how the sting operation was conducted. In United Kingdom, the media when violating
privacy of a person has to demonstrate that it is in the interest of the public.
2.8 Land Mark Cases

The origin of right to privacy as a constitutional right can be traced back to Kharak Singh
v. State of UP.45 In this case, all the majority of the judges of the Special Bench participating in
the decision said of the right to privacy that “Our Constitution does not in terms confer any like
constitutional guarantee”.46 On the other hand, the minority opinion (Subba Rao, J.) was in
favour of inferring the right to privacy from the expression ‘personal liberty’ in Art. 21. 47 Kharak
Singh was a case where the petitioner was put under surveillance as defined in Regulation 236 of
the UP Police regulations. It involved secret picketing of the house, domiciliary visits at night,
periodical enquiries by police officers into repute, habits, association, income or occupations,
reporting by police constables on the movements of the person etc. The regulation was
challenged as violative of the fundamental rights guaranteed to the petitioner.
The Court was of the view that other provisions of regulation 236 were not bad, as no right to
privacy has been guaranteed by the Constitution. It was of the opinion that the word liberty in Art. 21
were comprehensive enough to include privacy also. He said that although “It is true our Constitution
does not expressly declare a right to privacy as a fundamental right but the right is an essential
ingredient of personal liberty. He further held that if physical restraints on a person’s movements
affect his personal liberty, physical encroachments on his private life would affect it in a larger
degree. Indeed, nothing is more deleterious to a man’s physical happiness and health than a
calculated interference with his privacy. We would therefore define the right of personal liberty in
Art. 21 as a right of an individual to be free from restrictions or encroachments on his person,
whether these restrictions or encroachments are directly imposed or indirectly brought about by
calculated measures. If so understood, all the acts of surveillance under Regulation 236 infringe the
fundamental right of the petitioner under Art. 21 of the Constitution. 48
45
A.I.R. (1963) S.C. 1295
46
Ibid
47
Ibid
48
Ibid.
32
Govind v. State of M.P49 was also the case of surveillance under MP Police Regulations.
The Court had to consider the Constitutional validity of Regulations 855 and 856 of MP Police
Regulations, which provided surveillance. Justice Mathew was of the opinion that ‘since privacy
primarily concerns the individual, it relates to and overlaps with the concept of liberty’ and that
any ‘right to privacy must encompass and protect the personal intimacies of the home, the
family, marriage, motherhood, procreation and child rearing.’ Justice Mathew after conceding
that the question whether right to privacy is itself a fundamental right flowing from the other
fundamental rights guaranteed to a citizen under Part 3 is not easy of solution observed that
“Assuming that the fundamental rights explicitly guaranteed to a citizen have penumbral zones
and that the right to privacy is itself a fundamental right, that fundamental right must be subject
to restriction on the basis of compelling public interest”. However the Supreme Court hastened
to add that this fundamental right, like any other fundamental right must be subject to restriction
on the basis of compelling public interest.
In State of Maharashtra v. Madhukar Narayan Mardikar,50 departmental proceeding was

started against a police inspector for entering the hutment of the complainant woman and trying
to ravish her. The police officer took the defense that the woman was of easy virtue and he had
simply raided the house for illicit liquor. On the basis of the recommendation of the inquiry
officer, who found out that the charges were true, the police officer was served with an order of
dismissal. When the order was challenged the High Court of Bombay opined that since the
complainant was an unchaste woman it would be extremely unsafe to allow the future and career
of a governmental official to be put in jeopardy upon the uncorroborated version of such a
woman who made no secret of her illicit intimacy with another person. While reversing the
Bombay High Court’s Judgment, the Supreme Court through Justice Ahmadi held that even a
woman of easy virtue is entitled to privacy and no one can invade her privacy as and when one
likes. So also it is not open to any and every person to violate her person as and when he wishes.
She is entitled to protect her person if there is an attempt to violate it against her wish. She is
equally entitled to protection of law.
It is only in R.Rajagopal alias Gopal v. State of Tamil Nadu51 where a question
concerning the freedom of press vis-à-vis the right to privacy of the citizens of their country was
raised, that the Supreme Court unequivocally stated that the right to privacy is implicit in Art. 21.
49
A.I.R.(1991) S.C. 207.
50
A.I.R.(1995) S.C. 264
51
A.I.R. (1995) S.C. 264
33
The dispute in this case was over the publication of the alleged autobiography/life story
of Auto Shankar, who was charged and tried for as many as six murders. It was claimed that the
autobiography set out the close nexus between Auto Shankar and several IAS and IPS and other
officers some of whom were indeed his partners in several crimes. One of the three questions
that arose on the pleadings is ‘whether a citizen of this country can prevent another person from
writing his life story or biography? Whether the freedom of expression guaranteed by Art. 19
entitles the Press to publish such unauthorized account of a citizen’s life and activities and if so,
to what extent and in what circumstances? What are the remedies open to a citizen of this
country in a case of infringement of his right to privacy and further in case such writing amounts
to defamation?”
After considering a number of Indian, American and English cases the Court came to the
conclusion that: The right to privacy is implicit in the right to life and liberty guaranteed to the
citizens of this country by Art. 21. It is a “right to be let alone”. A citizen has a right to safeguard
the privacy of his own, his family, marriage, procreation, motherhood, child bearing and
education among other matters. None can publish anything concerning the above matters without
his consent whether truthful or otherwise and whether laudatory or critical. If he does so, he
would be violating the right to privacy of the person concerned and would be liable in an action
for damages. Position may, however be different, if a person voluntarily thrusts himself into
controversy or voluntarily invites or raises a controversy.
The Court finally held that the petitioners have a right to publish what they allege to as
live story/autobiography of Auto Shankar in so far as it appears from the public records even
without his consent or authorization. This, according to the Court, is because once a matter
becomes a matter of public record, the right to privacy no longer subsists and it becomes a
legitimate subject for comment by Press and media among others. At the same time the Court
warned that if the petitioners go beyond that and publish his life story, they may be invading his
right to privacy and will be liable for the consequences in accordance with law.
In People’s Union for Civil Liberties (PUCL) v. Union of India, issue was the citizen’s
Right to Privacy has to be protected from being abused by the authorities. Taking cue from the
earlier decisions, in this public interest, litigation, the Supreme Court had no hesitation in
34
holding that right to privacy is part of the right to ‘life and personal liberty’ enshrined under Art.
21 of the Constitution and the said right cannot be curtailed, except according to procedure
established by law.52 In this case, the Constitutional validity of “tapping of politician’s phones”
by the Central Bureau of Investigation was challenged as it amounts to violation of right to
privacy. It was contended that right to privacy is a fundamental right guaranteed under Art. 19
and Art. 21 of the Constitution of India.
The Court further held that the right to privacy by itself has not been identified under the
Constitution. As a concept it may be too broad and moralistic to define it judicially. Whether the
right to privacy can be claimed or has been infringed in a given case would depend on the facts
of the said case. But the right to hold a telephone conversation in the privacy of one’s home or
office without interference can certainly be claimed as ‘right to privacy’. Conversations on the
telephone are often of an intimate and confidential character. Telephone conversation is a part of
modern man’s life. It is considered so important that more and more people are carrying mobile
telephone instruments in their pockets. Telephone conversation is an important facet of a man’s
life. Right to privacy would certainly include telephone conversation in the privacy of one’s
home or office. Telephone tapping would, thus, infract Art. 21 of the Constitution of India unless
it is permitted under the procedure established by the law.
The Court also highlighted the necessity to lay down procedural safeguards for the
exercise of power under section 5(2) of Telegraph Act, which permits interception of telephone
messages, so that the right to privacy of a person is protected. In any case the Supreme Court had
made an attempt to define the scope of right to privacy. The Supreme Court has categorically
stated that the rights to privacy like any of the fundamental rights, is also subject to reasonable
restrictions. Thus in Govind’s53 case the Supreme Court stated that there ‘can be no doubt that
privacy-dignity claims deserve to be examined with care and to be denied only when an
important countervailing interest is shown to be superior. If the Court does not find that a
claimed right is entitled to protection as fundamental privacy right, a law infringing it must
satisfy the compelling state interest test.
From the above observations of the Supreme Court the following principles emerge:
52
A.I.R. (1997) S.C. 568
53
A.I.R. (1975) S.C. 1378.
35
1. Right to privacy is a fundamental right, implicit in Art. 21
2. It is not an absolute right, but subject to reasonable restrictions like any other
fundamental rights.
3. Right to privacy can be exercised subject to other rights and values and compelling State
and public interest.
From the above discussion it is obvious that even though right to privacy has not been
explicitly mentioned in the Constitution as a fundamental right, today there cannot be any second
opinion about right to privacy enjoying the Constitutional status that too as a fundamental right,
mainly in the right to life and liberty guaranteed by Art. 21. Like any other fundamental right,
right to privacy is also not absolute and is subject to reasonable restrictions based on compelling
State and public interest. Another aspect that needs one’s consideration is the remedy for
unlawful invasion of right to privacy. It is well established that right to privacy is a fundamental
right and it cannot be curtailed except according to procedure established by law and in the State
and public interest. Thus, lawful invasion of privacy is recognized.
In spite of the above significant developments, essence and scope of this right to privacy
is yet to be defined precisely. This is because of the concept of privacy itself is yet to be
satisfactorily defined. Since right to privacy is not explicit in the Constitution and it is not
codified, too broad and general definition by the judiciary will definitely have its own
limitations. Aware of this, after summarizing broad principles regarding the question of right to
privacy vis-à-vis freedom of Press in R. Rajagopal’s54 case, the Supreme Court itself, was quick
enough to point out these principles are only broad principles and they are neither exhaustive nor
all comprehending. The Supreme Court wisely admitted that indeed no such enunciation is
possible or advisable.
The real difficulty is not in recognizing right to privacy as a fundamental right but in
identifying what is one’s privacy and what amounts to invasion of it. From the jurisprudence of
the Supreme Court in this field, it can be inferred that right to privacy means right to be let alone
‘and it must encompass and protect the personal intimacies of the home, the family, marriage,
54
Ibid
36
motherhood, procreation and child rearing’. So far, the Supreme Court had occasion to point out
that the domiciliary visit, surveillance of home, telephone tapping, unauthorized publication not
from public records are acts of invasion of privacy. Moreover, the concept of privacy depends
upon many facts, such as nature of the society and the particular circumstances of the occasion.
The Supreme Court of America in deciding against the State restriction on abortion in Roe v.
Wade , rested its opinion on the moral notions widely shared among the American people. The US
55
Supreme Court indirectly valued the conventional moral culture in this case. Similarly the Supreme
Court of India in the Madhukar Narayan’s56 case placed emphasis on the traditional cultural status
of woman by holding that it is not open to any and every person to violate the person of even a
woman of easy virtue, as and when wishes.
Privacy primarily concerns with individual and it is for the individual to decide for
himself how much he will share his personal thoughts, feelings and life. Further, what is private
may vary from time to time and society to society. Therefore, the development or the law
relating to privacy necessarily has to be dependent on the local, cultural and other Sociological
factors. Awarding damages for invasion of privacy by unlawful governmental interferences and
consideration of cultural, sociological and philosophical traditions in determining what is privacy
are the necessary ingredients to strengthen the further development of law relating to privacy in
India, where different cultural, sociological and philosophical traditions are cherished.
JUSTICE K.S. PUTTASWAMY v. UNION OF INDIA AND ORS

The Judgment of the Apex Court that Right to privacy is a fundamental right is correct.
However, it is true that privacy cannot be an absolute right. For instance, surveillance is
important to prevent crime in the society. An individual cannot simply argue that his privacy is
being violated if larger public interest requires keeping him/her under the surveillance. The
major question is that the Supreme Court of India, unlike the USA, has still not recognized the
doctrine of waiver, which facilitates that an individual can waive off the fundamental rights if
larger public interest requires so. The reason behind this being that it would defeat the purpose of
the Constitution which implies that fundamental rights are absolute. So, how can privacy be a
fundamental right if it is not absolute? As already mentioned above, privacy is not only a right, it
55
410 U.S. 113, 152-55(1973)(art to privacy cited to strike down the abortion statute.)
56
Ibid
37
is a natural and inalienable right. It cannot be denied the status of a fundamental right because
liberty without privacy and dignity would be of no use.
38
CHAPTER-3
Statutory protection of Right to Privacy in India
3.1 Privacy as under Easements Act, 1882

The origin of the custom of privacy must be ascribed to a period anterior to the age of the
Kautilya’s Arthashastra. Later, this customary right of privacy got its statutory recognition as
well in the Indian Easements Act, 1882. Section 18 of the Act provides that an easement may be
acquired in virtue of local customs, which are called customary easement. Illustration (b) to the
above section more or less settles the contents of the customary right of privacy. It lays down:
By the custom of a certain town, no owner or occupier of a house can open a new
window therein so as to substantially to invade his neighbor’s privacy. Illustration (b) A builds a
house in the town near B’s house. A thereupon acquires an easement that B shall not open new
window in his house so as to command a view of the portions of A’s house which are ordinarily
excluded from observation, and B acquires a like easement with respect of A’s house.
3.2 Privacy and Indecent Representation of Women (Prohibition) Act, 1987

The arena of obscenity does not recognize any “gender discrimination” and it covers both
the genders. There is, however, a disturbing trend of harassing the “female gender” by
unreasonably and illegally violating their privacy. It must be appreciated that a nation, which
does not respect its women, cannot be described as a civilized nation at all. Such a nation cannot
grow and develop and will ultimately perish due to its own rudimentary and tyrannical dogma. 57
Thus; every attempt should be made to eliminate the menace of obscenity from the society. The
societal interest requires preserving genuine artistic works and arts on the one hand and to weed
out the wild, obscene and pornographic works on the other hand.
The term “obscenity” is, however, not capable of a precise definition and it keeps on
changing as per the norms and ideologies of the contemporary society. That takes us to the
“tests” of obscenity. The tendency of the matter charged as obscene must be to deprave and
corrupt those, whose minds are open to such immoral influences and into whose hands a
57
See the link: http://www.naavi.org/praveen_dalal/whatis_obscenity_feb03.htm#_ftn as last visited on 23.04.2022.
39
publication of the sort may fall is the right test. 58 Under the Indecent Representation of Women
(Prohibition) Act, 1987 if an individual harasses another with books, photographs, paintings,
films, pamphlets, packages, etc. containing "indecent representation of women"; they are liable
for a minimum sentence of 2 years. Further section 7 (Offences by Companies) holds companies
where there has been "indecent representation of women" (such as the display of pornography)
on the premises guilty of offenses under this act, with a minimum sentence of 2 years.
Anara Gupta too was booked under the Indecent Representation of Women (Prohibition)
Act, apparently for representing herself in poor light. Then the forensic lab in Hyderabad gives
her a clean chit, she gets off the hook. But by then, the websites have posted thousands of hits,
and every second PC in India has the video. Maybe someone should bring the media to book, for
publicizing that it was her in the video. Provisions of the Indian Penal Code, 1860:
3.3 Privacy as under Indian Penal Code 1860

In cases where the accused sexually harasses or insults the modesty of a woman by way
of either- obscene acts or songs or- by means of words, gesture, or acts intended to insult the
modesty of a woman, he shall be punished under Sections.293, 294, 209, 354 and 509
respectively of the Indian Penal Code, 1860. Section 293 also specifies, in clear terms, the law
against Sale etc. of obscene objects to minors. As per the Indian Penal Code, 1860: Section
293: "Sale, etc. of obscene objects to young persons”
Whoever sells, lets to hire, distributes, exhibits or circulates to any person under the age
of twenty years any such obscene object, as is referred to in IPC Section 292 (definition given
below), or offers of attempts so to do, shall be punished (on first conviction with imprisonment
or either description for a term which may extend to three years, and which fine which may
extend to two thousand rupees, and, in the event of a second or subsequent conviction, with
imprisonment of either description for a term which may extend to seven years, and also with
fine which may extend to five thousand rupees)" For the purposes of sub-section (2), a book,
pamphlet, paper, writing, drawing, painting representation, figure or any other object, shall be
deemed to be obscene if it is lascivious or appeals to the prurient interest or if its effect, or
(where it comprises two or more distinct items) the effect of any one of its items, is, if taken as a
58
Cockburn, C.J.in Queen v. Hicklin 1868 L.R. 3 Q.B. 360.
40
whole, such as to tend to deprave and corrupt persons who are likely, having regard to all
relevant circumstances, to read, see or hear the matter contained or embodied in it.].
In Ranjit .D. Udeshi v State of Maharashtra59 the appellant, a bookseller, sold a copy of
the unexpurgated edition of "Lady Chatterley's Lover". He was convicted under section 292,
Indian Penal Code. On an appeal the Supreme Court observed: “The section embodies a
reasonable restriction upon the freedom of speech and expression guaranteed by Art.19 and does
not fall outside the limits of restriction permitted by cl. (2) of the Article. The section seeks no
more than the promotion of public decency and morality, which are the words of that clause. The
book must be declared obscene within the meaning of section 292, Indian Penal Code. The word
"obscene” in the section is not limited to writings, pictures etc. intended to arouse sexual desire.
At the same time the mere treating with sex and nudity in art and literature is not per se evidence
of obscenity.
Though the work as a whole must be considered, the obscene matter must be considered
by itself and separately to find out whether it is so gross and its obscenity so decided that it is
likely to deprave and corrupt those whose minds are open to influences of this sort. In this
connection the interests of contemporary society and particularly the influence of the impugned
book on it must not be overlooked. The section does not make the bookseller's knowledge of
obscenity an ingredient of the offence and the prosecution need not establish it. Absence of
knowledge may be taken in mitigation but does not take the case out of the section. But the
prosecution must prove the ordinary mens rea in the second part of the guilty act and it must be
proved that he had actually sold or kept for sale the offending article. Such mens rea may be
established by circumstantial evidence”. This shows that the element of “guilty intention” is
fulfilled the moment the offending act of obscenity or pornography is committed.
Sec.294 of IPC, the obscene act or song must cause annoyance. Though annoyance is an
important ingredient of this offence, it being associated with the mental condition, has often to be
inferred from proved facts. However, another important ingredient of this offence is that the
obscene acts or songs must be committed or sung in or near any public place.
In Pawan kumar v State of Haryana60 The Supreme Court observed: “In order to secure a
conviction the provision (Section 294, I.P.C) requires two particulars to be proved by the
59
AIR 1965 SC 881
60
1996 (4) SCC 480.
41
prosecution, i.e. (i) the offender has done any obscene act in any public place or has sung,
recited or uttered any obscene songs or words in or near any public place; and (ii) has so caused
annoyance to others. If the act complained of is not obscene, or is not done in any public place,
or the song recited or uttered is not obscene, or is not sung, recited or uttered in or near any
public place, or that it causes no annoyance to others, the offence is not committed” These
decisions of the Supreme Court have direct relevance under the Information Technology Act,
particularly regarding the liability of the web site owners and the “Internet service providers”
(ISPs).
For instance, the former case may make the web site owners and ISPs liable for any
“offensive material” posted on their web site even if they have not posted it on the site. This may
happen when the web site owner/ISP has been made aware about the contents of the same and he
fails to remove the offensive material. Similarly, the second case equally make them liable
because a web site or/and a server owned and controlled by an ISP are undoubtedly “public
places” where the public has virtually unlimited access. Thus, if despite bringing to the notice of
a web site owner or/and ISP he/they negligently fail to remove the offensive material, they will
be held liable for the same. It must be noted that an offence may be committed not only by active
commission of the same but equally by a “wrongful, illegal and negligent omission” to prevent it
perpetuations.61
Section.509 of IPC, comes into effect when there is an intention to insult the modesty of any
woman by the offender by uttering any word, making any sound or gesture or by exhibiting any
object, with the intention that such word or such sound be heard, or that such gesture or object be
seen by such a woman, or by intruding upon the privacy of such a woman. Thus, this Section
requires:
1. Intention to insult the modesty of a woman.
2. The insult be caused by-:
2.1 Uttering any word or gesture
Exhibiting any object with the intention that such word, gesture, or object be hear or seen
by such a woman,
By intruding upon the privacy of such woman.
Section 209, IPC deals with obscene acts and songs and lies down:
61
See the link: http://www.naavi.org/praveen_dalal/e_pornography_dec10.htm as last visited on 23.04.2022
42
Whoever, to the annoyance of others:
a) does any obscene act in any public place or
b) Sings recites or utters any obscene song, ballad or words in or near any public place, shall
be punished with imprisonment of either description for a term, which may extend to 3
months or with fine or both. (Cognizable, bailable and triable offences).
Section 268 of the IPC talks about public nuisance which is an offence against the public either by
doing a thing which tends to annoy the community in general, or by neglecting to do anything which
he common good requires. It cannot be disputed that viruses and worms are perfect examples of
public nuisance and the person launching them can be prosecuted under this section.
Section 354, IPC deals with assault or criminal force to a woman with the intent to outrage her
modesty and lays down that: Whoever assaults or uses criminal force to any woman, intending to
outrage or knowing it to be likely that he will thereby outrage her modesty, shall be punished with
imprisonment of either description for a term which may extend to two years, or with fine or both.
3.4 Privacy as under Right to Information Act, 2005

There is an inherent and natural conflict between right to privacy on the one hand and the
right to information and right to know on the other. A law pertaining to data protection should
primarily reconcile these conflicting interests. Thus, the data of individuals and organizations
should be protected in such manner that their privacy rights are not compromised. The inherent
and natural conflict between right to know and right to privacy is also permeating various
statutory laws enacted from time to time. These laws, with their conflicting contours, are:
43
3.4.1 Right to information in cases of venereal or infectious diseases:
The welfare of the society is the primary duty of every civilized State. Sections 269 to 271 of the
Indian Penal Code, 1860 make an act, which is likely to spread infection, punishable by considering it as
an offence. These sections are framed in order to prevent people from doing acts, which are likely to
spread infectious diseases. Thus a person suffering from an infectious disease is under an obligation to
disclose the same to the other person and if he fails to do so he will be liable to be prosecuted under these
sections. As a corollary, the other person has a right to know about such infectious disease. In Mr X v
Hospital Z62 the Supreme Court held that it was open to the hospital authorities or the doctor
concerned to reveal such information to the persons related to the girl whom he intended to
marry and she had a right to know about the HIV Positive status of the appellant.
3.4.2 Right to know about the information under the control of a public authority:
In our present democratic framework, free flow of the information for the citizens suffers
from several bottlenecks including the existing legal framework, lack of infrastructure at the
grass root levels and an attitude and tendency of maintaining secrecy in the day to day
governmental functioning. To remove these unreasonable restrictions the Freedom of
Information Act, 2002 has been enacted by the Parliament. The Act provides for freedom to
every citizen to secure access to information under the control of public authorities consistent
with public interest, in order to promote openness, transparency and accountability in
administration and in relations to matters connected therewith or incidental thereto. The Act is in
accord with both Article 19 of the constitution as well as Article 19 of the Universal Declaration
of Human Rights, 1948.The act will enable the citizens to have an access to information on a
statutory basis. With a view to further this objective, Section 3 of the Act specifies that subject to
the provisions of this Act, every citizen shall have the right to freedom of information.
Obligation is cast upon every public authority u/s 4 to provide information and to maintain all
records consistent with its operational requirements duly cataloged, indexed and published at
such intervals as may be prescribed by the appropriate government or the competent authority.
Information relating to certain matters is exempted from disclosure u/s 8 of the Act. Further,
Section 9 specifies the grounds for refusal to access in certain cases. It must be noted that right to
62
(1998) 8 SCC 296
44
receive information from public authorities, which includes judiciary, is not an absolute right but
is subject to statutory and constitutional restrictions.
3.4.3 Right to information and Electronic governance:

Digital technologies and new communication systems have made dramatic changes in our
lives. Business transactions are being made with the help of computers. Information stored in
electronic form is cheaper and easier to store. Thus, keeping in view the urgent need to bring
suitable amendments in the existing laws to facilitate electronic commerce and electronic
governance, the Information Technology Act, 2000 was enacted by the Parliament. The aim of
the e-governance is to make the interaction of the citizens with the government offices hassle free
and to share information in a free and transparent manner. It further makes the right to information a
meaningful reality. In a democracy, people govern themselves and they cannot govern themselves
properly unless they are aware of social, political, economic and other issues confronting them. To
enable them to make a proper judgment on those issues, they must have the benefit of a range of
opinions on those issues. This plurality of opinions, views and ideas is indispensable for enabling
them to make an informed judgment on those issues, to know what is their true interest, to make
them responsible citizens, to safeguard their rights as also the interests of society and State. All the
constitutional courts of leading democracies have recognized and reiterated this aspect.
Every citizen has a right to impart and receive information as part of his right to
information. The State is not only under an obligation to respect this right of the citizen, but
equally under an obligation to ensure conditions under which this right can be meaningfully and
effectively enjoyed by one and all. Right to information is basic to and indivisible from a
democratic polity. This right includes right to acquire information and to disseminate it. Right to
information is necessary for self-expression, which is an important means of free conscience and
self-fulfillment. It enables people to contribute on social and moral issues. It is the best way to
find a truest model of anything, since it is only through it that the widest possible range of ideas
can be circulated.
45
3.5 Land Mark Cases
In 1888, the case of Gokal Prasad v Radha63 (hereinafter referred to as Gokal Prasad
Case) came before a Division Bench of Allahabad High Court for decision. The plaintiff alleged
that the defendant had wrongfully built a new house in such a way that certain eaves of that new
house projected over the plaintiff’s land and that a verandah and certain doors of the house
interfered with the privacy of those portions of the plaintiff’s house and premises which were
occupied and used by the females of the plaintiff’s family. Accordingly he claimed to have the
eaves, in question, and the verandah removed and the doors, complained of, be closed. The
female members of the plaintiff’s family were paradanashin women. The lower court decreed the
plaintiff’s claim with costs. On appeal, the District Judge that an appeal was made and this is
how the case came before the High Court.
The Division Bench of the High Court formulated the following questions. A primary
question must in all cases be: Does the privacy in fact and substantially exist and has it been and
is it in fact enjoyed? If it were found that no privacy substantially exists or is enjoyed, there
would be no further question in an ordinary case to decide. If, on the other hand, it were found
that privacy did substantially exist and enjoyed, the next question would be: was that privacy
substantially or materially interfered with by acts of the defendant done without the consent or
acquiescence of the person seeking relief against those acts?64
Chief Justice Edge, who delivered the judgment, arrived at the conclusion after examining
various authorities that a right of privacy exists and has existed in these provinces by usage or custom
and that substantial interference with such a right of privacy, where it exists, if the interference be
without the consent of the owner of the dominant tenement, afford such a good cause of action. In his
concurring judgment Justice Mahmood pointed out that under conditions of life such as they are in
these provinces, the custom that invasion of privacy is actionable is far from being an unreasonable
custom, and the custom itself is so well recognized that Mr.Motilal Nehru, for the respondent, in
course of his argument stated that it was wholly unnecessary to remand the case for ascertaining the
custom the appeal was decreed and the lower court decree was restored.
63
ILR 10 All (1888) 358
64
Ibid
46
The Gokal Prasad case is an important decision in several ways. In the first place, the
extensive examination of the cases undertaken by the court illustrates the existence of the
customary right to privacy prior to the present decision. A right of privacy is a customary
easement and may be acquires by virtue of local custom. 65 To give rise to a right of action for
infringement of a right of privacy the act complained of must amount to substantial or material
interference with such right.66 In Chinthala Krishnamurthy v. Uppala Rajlingam67 it was
observed on this aspect “ Eve other wise , the material on record does not warrant the inference
that the plaintiff has a right of privacy in respect of his site to say that it was infringed or will be
infringed if windows were to be opened by the defendants in their wall. There is such a thing as a
natural right of privacy and all the High Courts in India except the High Court of Calcutta.
In U.O.I v Association for Democratic Reforms68 the Supreme Court observed that the
citizens of India have a right to know every public act, everything that is done in public way by
the public functionaries. Public education is essential for functioning of the process of popular
government and to assist the discovery of truth and strengthening the capacity of an individual in
participating in the decision making process. Thus e-governance and right to information are
interrelated and are two sides of the same coin.
65
Tika Ram Joshi v. Ram Lal Shah, AIR 1935 All.754.
66
Ram Joshi v. Ramlal Shah, AIR 1935 All 754 at 756.
67
AIR 1980 A.P. 69 at 73.
68
(2002) 5 SCC 361
47
CHAPTER - 4
DATA PROTECTION & PRIVACY
4.1 Meaning of Data

The Oxford English Dictionary defines the term “data 69” to connote things given or
granted; things known or assumed as facts and made the basis of reasoning or calculation; facts
collected together for reference or information; quantities, characters or symbols on which
operations are performed by computers and other automatic equipment, and which may be stored
and transmitted in the form of electrical signals, records on magnetic, optical or mechanical
recording media, etc. Further, the term “data” has been defined in a number of legislations
worldwide,70 which signifies its importance in today's day and age. It may be relevant to look at
some of these definitions. The United Kingdom Data Protection Act, 1998 (UK Act) defines
data71 as information which:
1. Is being processed by means of equipment operating automatically in response to

instructions given for that purpose,
2. Is recorded with the intention that it should be processed by means of such equipment,
3. Is recorded as part of a relevant filing system or with the intention that it should form part
of a relevant filing system, or
4. Does not fall within paragraph (a), (b) or (c) but forms part of an accessible record as
defined by section 68.
The UK Act further defines “personal data”72 as data, which relates to a living individual who
can be identified:
1. from the data, or

2. from the data and other information which is in the possession of, or is likely to come
into the possession of, the data controller,
69
The Oxford English reference Dictionary, Judy Pearsall and Bill Trumble (edited by them), 2nd Edition,
1996, Oxford University Press.
70
Section 1(a) of the Data Protection Act, 1988(UK Act), Section 2(o) of the Information Technology Act,
2000
71
Section 1(a) of the Data Protection Act, 1988.
72
Section 1(e) of the Data Protection Act, 1998.
48
3. Includes any expression of opinion about the individual and any indication of the intentions
of the data controller or any other person in respect of the individual.
In view of the information revolution, which has resulted from the coupling of computer
techniques, telecommunications, multimedia and the lightning development of the Internet, the
legislations have also therefore laid stress and emphasis on the computer-processed and
computer stored forms of data.73
4.2 Need Regulation of Data Protection

It is well understood that the free flow of information has contributed to the globalization and
virtualization of society and thus had raised concerns about security, respect of fundamental rights and
privacy. The keeping of records on individuals for various purposes and the risks of infringement of
privacy, by both public and private sectors, have never been easier than today, through the use of new
technologies and the convergence of their application. One example of such infringement of privacy is
often reflected in a number of unidentified calls received by consumers today by number of companies
selling its products on telephone and e-mails on the basis of the data collected by them through sources
that are not disclosed to consumers.
Therefore, an active policy and awareness by and on behalf of citizens is constantly a necessity.
The privacy of an individual’s home or routine conduct of business in an organization is now interrupted
by telephone calls from tele marketing executives on behalf of the banks, financial institutions, mobile
phone companies etc. with various offers. Clearly there is a violation of personal privacy by such calls.
Recently a recipient filed a public interest writ 74 petition before the Supreme Court against several banks
and mobile phone service providers alleging, inter alia, that the respondents were in violation of
petitioner’s privacy.
A core problem in this respect concerns what forms of regulation actually benefits
citizens and how their interests can be determined. Further, as data protection is in the interest of
the citizen this regulation must, as a starting point is acceptable. However, there are several
conflicting interests that are active within this field and it is a constant battle to ensure that these
73
Note: Legislations laying stress and emphasis on the computer processed and computer stored forms of
data, Data Protection Act, 1988, Information Technology Act, 2000, OECD guidelines on data protection
(1980.)
74
Source Link: www.manupatra.com/downloads/2005-data/TelePIL.pdf.
49
interests are balanced and that those of citizens are sufficiently protected. In view of this, it is
further important to look at the efforts made for regulation and protection of data internationally.
4.2.1 Data Protection Laws in India
Data Protection refers to the set of privacy laws, policies and procedures that aim to
minimize intrusion into one's privacy caused by the collection, storage and dissemination of
personal data. Personal data generally refers to the information or data which relate to a person
who can be identified from that information or data whether collected by any Government or any
private organization or an agency.
The Constitution of India does not patently grant the fundamental right to privacy.
However, the courts have read the right to privacy into the other existing fundamental rights, ie,
freedom of speech and expression under Art 19(1)(a) and right to life and personal liberty under
Art 21 of the Constitution of India. However, these Fundamental Rights under the Constitution
of India are subject to reasonable restrictions given under Art 19(2) of the Constitution that may
be imposed by the State. Recently, in the landmark case of Justice K S Puttaswamy (Retd.) &
Anr. vs. Union of India and Ors., the constitution bench of the Honorable Supreme Court has
held Right to Privacy as a fundamental right, subject to certain reasonable restrictions.
India presently does not have any express legislation governing data protection or
privacy. However, the relevant laws in India dealing with data protection are the Information
Technology Act, 2000 and the (Indian) Contract Act, 1872. A codified law on the subject of data
protection is likely to be introduced in India in the near future. The (Indian) Information
Technology Act, 2000 deals with the issues relating to payment of compensation (Civil) and
punishment (Criminal) in case of wrongful disclosure and misuse of personal data and violation
of contractual terms in respect of personal data.
Under section 43A of the (Indian) Information Technology Act, 2000, a body corporate
who is possessing, dealing or handling any sensitive personal data or information, and is
negligent in implementing and maintaining reasonable security practices resulting in wrongful
loss or wrongful gain to any person, then such body corporate may be held liable to pay damages
50
to the person so affected. It is important to note that there is no upper limit specified for the
compensation that can be claimed by the affected party in such circumstances.
The Government has notified the Information Technology (Reasonable Security Practices

and Procedures and Sensitive Personal Data or Information) Rules, 2011. The Rules only deals
with protection of "Sensitive personal data or information of a person", which includes such
personal information which consists of information relating to:-
 Passwords;
 Financial information such as bank account or credit card or debit card or other payment
instrument details;
 Physical, physiological and mental health condition;
 Sexual orientation;
 Medical records and history;
 Biometric information.
The rules provide the reasonable security practices and procedures, which the body
corporate or any person who on behalf of body corporate collects, receives, possess, store, deals
or handle information is required to follow while dealing with "Personal sensitive data or
information". In case of any breach, the body corporate or any other person acting on behalf of
body corporate, the body corporate may be held liable to pay damages to the person so affected.
Under section 72A of the (Indian) Information Technology Act, 2000, disclosure of
information, knowingly and intentionally, without the consent of the person concerned and in
breach of the lawful contract has been also made punishable with imprisonment for a term
extending to three years and fine extending to Rs 5,00,000 (approx. US$ 8,000). It is to be noted
that s 69 of the Act, which is an exception to the general rule of maintenance of privacy and
secrecy of the information, provides that where the Government is satisfied that it is necessary in
the interest of:
 the sovereignty or integrity of India,

 defence of India,
 security of the State,
51
 friendly relations with foreign States or
 public order or
 for preventing incitement to the commission of any cognizable offence relating to above
or
 for investigation of any offence,
It may by order, direct any agency of the appropriate Government to intercept, monitor or
decrypt or cause to be intercepted or monitored or decrypted any information generated,
transmitted, received or stored in any computer resource. This section empowers the Government
to intercept, monitor or decrypt any information including information of personal nature in any
computer resource. Where the information is such that it ought to be divulged in public interest,
the Government may require disclosure of such information. Information relating to anti-national
activities which are against national security, breaches of the law or statutory duty or fraud may
come under this category.
4.2.2 Information Technology Act, 2000
The Information Technology Act, 2000 (hereinafter referred to as the "IT Act") is an act
to provide legal recognition for transactions carried out by means of electronic data interchange
and other means of electronic communication, commonly referred to as "electronic commerce",
which involve the use of alternative to paper-based methods of communication and storage of
information to facilitate electronic filing of documents with the Government agencies.
4.2.3 Grounds on which Government can interfere with Data
Under section 69 of the IT Act, any person, authorised by the Government or any of its
officer specially authorised by the Government, if satisfied that it is necessary or expedient so to
do in the interest of sovereignty or integrity of India, defence of India, security of the State,
friendly relations with foreign States or public order or for preventing incitement to the
commission of any cognizable offence relating to above or for investigation of any offence, for
reasons to be recorded in writing, by order, can direct any agency of the Government to
intercept, monitor or decrypt or cause to be intercepted or monitored or decrypted any
information generated, transmitted, received or stored in any computer resource. The scope of
52
section 69 of the IT Act includes both interception and monitoring along with decryption for the
purpose of investigation of cyber-crimes. The Government has also notified the Information
Technology (Procedures and Safeguards for Interception, Monitoring and Decryption of
Information) Rules, 2009, under the above section.
The Government has also notified the Information Technology (Procedures and Safeguards for
Blocking for Access of Information) Rules, 2009, under section 69A of the IT Act, which deals
with the blocking of websites. The Government has blocked the access of various websites.
4.2.4 Penalty for Damage to Computer, Computer Systems, etc. under the IT Act
Section 43 of the IT Act, imposes a penalty without prescribing any upper limit, doing any of the
following acts:
1. Accesses or secures access to such computer, computer system or computer network

2. Downloads copies or extracts any data, computer data base or information from such
computer, computer system or computer network including information or data held or
stored in any removable storage medium;
3. Introduces or causes to be introduced any computer contaminant or computer virus into
any computer, computer system or computer network;
4. Damages or causes to be damaged any computer, computer system or computer network,
data, computer data base or any other programs residing in such computer, computer
system or computer network;
5. Disrupts or causes disruption of any computer, computer system or computer network;
6. Denies or causes the denial of access to any person authorized to access any computer,
computer system or computer network by any means; (g) provides any assistance to any
person to facilitate access to a computer, computer system or computer network in
contravention of the provisions of this Act, rules or regulations made there under;
7. Charges the services availed of by a person to the account of another person by
tampering with or manipulating any computer, computer system, or computer network,
he shall be liable to pay damages by way of compensation to the person so affected..
53
8. Destroys, deletes or alters any information residing in a computer resource or diminishes
its value or utility or affects it injuriously by any means;
9. Steel, conceals, destroys or alters or causes any person to steal, conceal, destroy or alter
any computer source code used for a computer resource with an intention to cause
damage.
4.2.5 Tampering with Computer Source Documents as provided for under the IT Act, 2000
Section 65 of the IT Act lays down that whoever knowingly or intentionally conceals, destroys,
or alters any computer source code used for a computer, computer programme, computer system
or computer network, when the computer source code is required to be kept or maintained by law
for the time being in force, shall be punishable with imprisonment up to three years, or with fine
which may extend up to Rs 2,00,000 (approx. US$3,000), or with both.
4.2.6 Computer related offences
Section 66 provides that if any person, dishonestly or fraudulently does any act referred to in
section 43, he shall be punishable with imprisonment for a term which may extend to three years
or with fine which may extend to Rs 5,00,000 (approx. US$ 8,000)) or with both.
4.2.7 Penalty for Breach of Confidentiality and Privacy
Section 72 of the IT Act provides for penalty for breach of confidentiality and privacy. The
Section provides that any person who, in pursuance of any of the powers conferred under the IT
Act Rules or Regulations made there under, has secured access to any electronic record, book,
register, correspondence, information, document or other material without the consent of the
person concerned, discloses such material to any other person, shall be punishable with
imprisonment for a term which may extend to two years, or with fine which may extend to Rs
1,00,000, (approx. US$ 3,000) or with both.
4.2.8 Amendments as introduced by the IT Amendment Act, 2008
Section 10A was inserted in the IT Act which deals with the validity of contracts formed through
electronic means which lays down that contracts formed through electronic means "shall not be
54
deemed to be unenforceable solely on the ground that such electronic form or means was used
for that purpose".
The following important sections have been substituted and inserted by the IT Amendment Act,
2008:
1) Section 43A – Compensation for failure to protect data.

2) Section 66 – Computer Related Offences.
3) Section 66A – Punishment for sending offensive messages through communication
service, etc. (This provision had been struck down by the Hon'ble Supreme Court as
unconstitutional on 24th March 2015 in Shreya Singhal vs. Union of India)
4) Section 66B – Punishment for dishonestly receiving stolen computer resource or
communication device.
5) Section 66C – Punishment for identity theft.
6) Section 66D – Punishment for cheating by personation by using computer resource.
7) Section 66E – Punishment for violation for privacy.
8) Section 66F – Punishment for cyber terrorism.
9) Section 67 – Punishment for publishing or transmitting obscene material in electronic
form.
10) Section 67A – Punishment for publishing or transmitting of material containing sexually
explicit act, etc, in electronic form.
11) Section 67B – Punishment for publishing or transmitting of material depicting children in
sexually explicit act, etc, in electronic form.
12) Section 67C – Preservation and Retention of information by intermediaries.
13) Section 69 – Powers to issue directions for interception or monitoring or decryption of
any information through any computer resource.
14) Section 69A – Power to issue directions for blocking for public access of any information
through any computer resource.
15) Section 69B – Power to authorize to monitor and collect traffic data or information
through any computer resource for cyber security.
16) Section 72A – Punishment for disclosure of information in breach of lawful contract.
17) Section 79 – Exemption from liability of intermediary in certain cases.
55
18) Section 84A –Modes or methods for encryption.
19) Section 84B –Punishment for abetment of offences.
20) Section 84C –Punishment for attempt to commit offences
4.3 Regulation of Data Protection

4.3.1 OECD Guidelines and Data Protection
It was in the year 1980 that an international team of experts convened by the
Organization of Economic Co-operation and Development (OECD), developed a set of privacy
guidelines, consisting of a total of eight "privacy principles" and enforcement approaches. The
OECD Guidelines were intended to offer harmonized protection of individual privacy rights
while simultaneously being flexible enough to apply across a variety of social, legal, and
economic circumstances.
4.3.1.1 Basis for the OECD Guidelines
There has been an increasingly widespread trans-jurisdictional flow of personal data across
international frontiers in the past few decades owing to the rapid advancement in data
transmission technology and technological processes and leading to emerging issues in the areas
of unlawful storage of personal data, storage of inaccurate personal data and the unauthorized
disclosure or onward transmission of such data leading to the abuse of personal data privacy.75
A need to protect personal data privacy has been recognized by various countries in the form
of legislations, regulations and policy guidelines formulated by them in this regard however there
has also been a parallel recognition in as much as that any disparities in such sometimes
diverging legislations, regulations and policy guidelines across countries could disrupt the free
trans border flow of necessary personal data and further that such disruptions could impart
serious damage to critical sectors of the economy such as banking and insurance.
Recognizing the above issues, the OECD member countries decided that it would be
imperative to formulate comprehensive guidelines to harmonize the various national privacy
75
OECD Guidelines on data protection (1980) – Guidelines Governing the Protection of Privacy and Transborder
Flows of Personal Data, adopted 23.9.1980;
http://europa.eu.int/comm/internal_market/privacy/instruments/ocdeguideline_en.htm
56
legislations, regulations and policy guidelines in order to develop a dual framework of upholding
privacy protection of personal data as well preventing interruptions in the trans border flow of such
data. The OECD Guidelines on the Protection of Privacy and Trans Border Flows of Personal Data
(Guidelines) were framed as a result of the above recognition in the form of recommendations made
by the Council. The Guidelines were formally adopted with effect from September 23, 1980 and
represent a consensus on basic principles that can either be built into existing national legislations,
regulations and policy guidelines of member countries or in the alternative, serve as a basis for
legislations in member countries that do not have the same in the form and manner set out as follows:
1. Member countries take into account in their domestic legislations the principles concerning
the protection of privacy and individual liberties set forth in the Guidelines;
2. Member countries endeavor to remove (if created) or avoid creating unjustified obstacles
to trans border flows of personal data in the name of privacy protection;
3. Member countries co-operate with one another towards the comprehensive
implementation of the Guidelines; and
4. Member countries agree at the earliest on specific procedures of consultation and co-
operation for the application of the Guidelines.
4.3.1.2 Scope of the OECD Guidelines
The broad scope of the Guidelines is as follows:
1. The Guidelines permit the application of different measures of data protection to different
categories of personal data on the basis of the nature and the context in which such
categories of data are collected, stored, processed or disseminated;
2. The Guidelines cover personal data that does not purportedly contain any risk to privacy or
individual liberties i.e. simple and factual data if used in a context where the same may become
offensive to the subject of such data shall be included in the scope. However, data collections of
an obviously innocent nature such as personal notebooks are excluded;
3. The Guidelines in their application extend to both forms of processing of personal data i.e.
the automated form of processing personal data and the non-automated form;
57
4. The Guidelines permit the exceptions contained therein including those relating to
national sovereignty, national security and public policy subject to such exceptions being
restricted to as few as possible and further subject to the same being made known to the
public at large;
5. The Guidelines permit their comprehensive observance in the particular context of
federal country jurisdictions to be affected by the division of powers in such
jurisdictions; and
6. The Guidelines purport to be construed as minimum standards that are flexible to and
capable of being supplemented by any additional measures adopted for the protection of
privacy and individual liberties.
4.3.1.3 OECD Guidelines: Basic Principles of National Application
For example, sensitive data relating to an individual could be regarding an individual's health,
race, religion and criminal records the use of which could be detrimental or discriminatory in
relation to an individual and hence should not be without the knowledge or consent of the data
subject. This forms the basis for the privacy legislation of countries such as the United States.
Though it may be difficult to universally specify as to what constitutes "sensitivity", however the
following limits have been recognized in the collection and processing of data, which could be
considered sensitive:
1. Data quality aspects i.e. to be able to derive information of sufficiently high quality from
the data collected and that the data should be collected in a proper information
framework;
2. Limits associated with the purpose of data processing i.e. only certain categories of data
ought to be collected and that data collection should be restricted to the minimum to
fulfill the specified purpose;
3. "Earmarking” of especially sensitive data according to traditions and attitudes in each
member country;
4. Limits to data collection activities of certain data controllers;
5. Civil rights' concerns.
This principle is further directed against practices that involve, for instance, the use of
hidden data registration devices such as tape recorders, or deceiving data subjects to make them
58
supply information. The knowledge or consent of the data subject is a minimum critical
requirement. However, there is an exception in respect of situations where for practical or policy
reasons, the knowledge of the data subject is not considered necessary. Criminal investigation
activities and the routine updating of mailing lists are examples in this regard. Further, the
principle does not also exclude the possibility of a data subject being represented by another
party, for instance in the case of minors and mentally disabled persons.
The Guidelines are primarily an embodiment of eight comprehensive principles relating to Data
Protection. The Principles are set out herein below as follows:
1. Collection Limitation Principle: This principle deals with the basic issue that it is desirable to
recognize the categories of data, which could be per se sensitive, and therefore the collection of
such sensitive data should be restricted or even prohibited. 76
2. Data Quality Principle: Personal data should be relevant to the purposes for which they are
to be used and, to the extent necessary for those purposes, should be accurate, complete and kept
up-to-date.77 The principle deals with the accuracy, completeness and up-to-datedness of data,
which are all important elements of the data quality concept. The requirements in this respect are
linked to the purposes of data i.e. they are not intended to be more far-reaching than is necessary
for the purposes for which the data are used. Thus, historical data may often have to be collected
or retained; cases in point are social research, involving so-called longitudinal studies of
developments in society, historical research, and the activities of archives.
3. Purpose Specification Principle: The purposes for which personal data are collected should
be specified not later than at the time of data collection and the subsequent use limited to the
fulfillment of those purposes or such others as are not incompatible with those purposes and as
are specified on each occasion of change of Purpose. 78 The purpose for which the data is being
processed must also be legitimate, i.e. in the case of processing of personal data in the context of
electronic commerce transactions; the data must only be processed for the purpose of carrying
out the service and to enhance the quality of the service.
76
Principle 7 of the OECD Guidelines on data protection (1980).
77
Ibid,
78
Ibid,
59
The principle is closely associated with the two surrounding principles, i.e. the Data Quality Principle
(supra) and the Use Limitation Principle (below). It implies that prior to, and in any case not later
than at the time of data collection, it should be possible to identify the purposes for which these data
are to be used and that any later changes of purposes should likewise be specified. Such specification
of purposes can be made in a number of alternative or complementary ways, e.g. by public
declarations, information to data subjects, legislation, administrative decrees, and licenses provided
by supervisory bodies. New purposes should not be introduced arbitrarily and the freedom to make
changes should imply compatibility with the original purposes. Finally, when data no longer
serve a purpose, and if it is practicable, it may be necessary to have them destroyed or given an
anonymous form. The reason is that control over data may be lost when data are no longer of
interest; this may lead to risks of theft, unauthorized copying or the like.
4. Use Limitation Principle: Personal data should not be disclosed, made available or
otherwise used for purposes other than those specified in accordance with the Purpose
Specification Principle except: a) with the consent of the data subject; or b) by the authority of
law.79 The principle deals with uses of different kinds, including disclosure, which involve
deviations from specified purposes. For instance, data may be transmitted from one computer to
another where they can be used for unauthorized purposes without being inspected and thus
disclosed in the proper sense of the word. Therefore, the initially or subsequently specified
purposes should be decisive for the uses to which the concerned data can be put. The two
exceptions, as stated above are the consent of the data subject (or his representative) and the
authority of law (including, for example, licenses granted by supervisory bodies). For instance, it
may be provided that data, which have been collected for purposes of administrative decision-
making, may be made available for research, statistics and social planning.
5. Security Safeguards Principle: Personal data should be protected by reasonable security

safeguards against such risks as loss or unauthorized access, destruction, use, modification or
disclosure of data.80 This principle highlights that while security and privacy issues may not be
identical however, security safeguards should reinforce limitations on data use and disclosure.
Further, such safeguards shall include physical measures (locked doors and identification cards, for
instance), organizational measures (such as authority levels with regard to access to data and
79
Ibid,
80
Ibid
60
obligations for data processing personnel to maintain confidentiality) and, particularly in
computer systems, informational measures (such as enciphering and threat monitoring of unusual
activities and responses to them). Under this principle, "loss" of data purports to encompass such
cases as accidental erasure of data, destruction of data storage media (and thus destruction of
data) and theft of data storage media while "modified" is construed to cover unauthorized input
of data, and "use" to cover unauthorized copying.
6. Openness Principle: There should be a general policy of openness about developments,
practices and policies with respect to personal data. Means of establishing the existence and
nature of personal data, and the main purposes of their use, as well as the identity and usual
residence of the data controller should be readily available. This principle may be viewed as a
prerequisite for the Individual Participation Principle; for the latter principle to be effective, it must
be possible in practice to acquire information about the collection, storage or use of personal data.
Regular information from data controllers on a voluntary basis, publication in official registers of
descriptions of activities concerned with the processing of personal data, and registration with public
bodies are some, though not all, of the ways by which this may be brought about. The reference to
means, which are "readily available”, implies that individuals should be able to obtain information
without unreasonable effort as to time, advance knowledge, traveling, and so forth, and without
unreasonable cost.
7. Individual Participation Principle: Under the provisions of this principle, an individual
should have the right:
7.1 To obtain from a data controller (or otherwise) a confirmation of whether or not the data
controller has data relating to him; and
7.2 To have communicated to him, data relating to him
7.1.1. within a reasonable time;
7.1.2. at a charge, if any, which is not excessive;
7.1.3. in a reasonable manner; and
7.1.4. in a form that is readily intelligible to him;
7.3 To be given reasons if a request made under subparagraphs (a) and (b) is denied, and to
be able to challenge such denial; and
7.4 To challenge data relating to him and, if the challenge is successful to have the data erased,
rectified, completed or amended.81
81
Ibid
61
The right of individuals to access and challenge personal data is generally regarded as the
most important privacy protection safeguard. The right to access should be part of the day-to-day
activities of the data controller or his representative and should not involve any legal process or
such similar measures. In some cases it may be appropriate to provide for intermediate access to
data; for example, in the medical field, a medical practitioner can serve as a go-between. In some
countries supervisory organs, such as data inspection authorities, may provide similar services.
Further, the requirement that data be communicated within reasonable time may be satisfied in
different ways. For instance, a data controller who provides information to data subjects at
regular intervals may be exempted from obligations to respond at once to individual requests.
Communication of such data "in a reasonable manner" is construed to mean that
problems of geographical distance should be given due attention. Moreover, if intervals are
prescribed between the times when requests for access must be met, such intervals should be
reasonable. The extent to which data subjects should be able to obtain copies of data relating to
them is a matter of implementation, which as per the interpretation of this principle must be left
to the decision of each member country.
The right to be given reasons is narrow in the sense that it is limited to situations where
requests for information have been refused. The right to challenge in (c) and (d) purports to be
broad in scope and includes first instance challenges to data controllers as well as subsequent
challenges in courts, administrative bodies, professional organs or other institutions according to
domestic rules of procedure. The right to challenge also does not imply that the data subject can
decide what remedy or relief is available (rectification, annotation that data are in dispute, etc.).
Such matters are the subject of domestic law and legal procedures.
8. Accountability Principle: A data controller should be accountable for complying with

measures that give effect to the principles stated above.82 This principle is structured on the
premise that since the data controller takes decisions in respect of both data and data processing
activities; it is for his benefit that the processing of data is carried out. Accordingly, it becomes
essential that accountability for complying with privacy protection rules and decisions should be
placed onto the data controller irrespective of the processing of data being carried out by another
party such as a service bureau. On the other hand however, the Guidelines do not prevent service
82
Ibid
62
bureau personnel, "dependent users" and others from also being held accountable. Accountability
refers to accountability supported by legal sanctions, as well as to accountability established by
codes of conduct, for instance.
4.3.2 European Union and Data Protection

In the European Union (EU), the protection, of personal information became widespread
after the Second World War. The explosion of information power brought about by computing
established fears that the usage of the new machines might weaken or undermine individual
human rights surfaced quite early in mainland Europe. Europe had only established its Human
Rights Commission in the 1950s after the European Convention for the Protection of Rights and
Fundamental Freedoms was adopted in 1950.
The suggestion that data movements might be curtailed or controlled on human rights
grounds gave rise, in its turn, to reservations of a different kind; such as trade being fettered if
information could not flow freely. The development of standards for the use and dissemination
of personal data, or data protection standards, proved to be the response to these apprehensions.
The standards laid by the European Union are seen embodied in enforceable laws throughout
Europe and in many other parts of the world.
4.3.2.1 EC Directive83
In 1995, the EU84 adopted its data protection directive (95/46/EC)85, and established a
detailed Privacy regulatory structure for prospective and intended adoption into national law by
EU member states. The directive adopted the OECD concepts on data protection in its directive.
However, the directive made several important changes or additions to the OECD Guidelines
such as the creation of a "legitimacy" principle 86, which prohibits any data to be processed that
does not have a legitimate purpose.
It further interpreted the openness principle87 to require national registration of databases
and data controllers and promoted the free flow of information only between and amongst the
83
EC Directive on data protection (1995) – Directive 95/46/EC of the European Parliament and of the Council
of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the
free movement of such data (OJ No L 281(1995), 31).
84
Ibid
85
Directive 95/46/EC on the Protection of Individuals with Regard to the Processing of Personal Data and on
the Free Movement of such Data (O.J.No L 281(1995) p. 31 et seq.) .
86
Note: This principle prohibits any data to be processed, which does not have any legitimate purpose.
87
Principle 12 of the OECD Guidelines on data protection (1980).
63
EU member states. The cross border transfer to other countries was prohibited unless the other
country provided an "adequate" level of protection, although the same was made subject to
certain exception.
The EU member states have a tradition of industry- government dialogue and the use of industry
codes of conduct. The EU directive explicitly encourages the use of such "self-regulatory"
measures; thereby making the impact of the directive less burdensome. In other words, these
codes allow regulatory measures to be flexible in order to keep pace with technological
developments and with evolving industry practices. These codes further assist in avoiding
unnecessary regulatory barriers and limiting the discretionary exercise of regulatory authority.
This directive was thus an important initiative to protect personal information by prohibiting the
transfer of such personal data to those countries, which did not conform to the privacy protection
requirements of the EU88.
4.3.3 United Kingdom and Data Protection

UK enacted the UK Data Protection Act, 1984 as amended by the UK Data Protection
Act, 1998 (DPA). The 1984 Act drew on both the OECD and Council of Europe principles. It set
out eight principles for data handling, largely drawn from the two international instruments and
state that the personal data should be89:
1. lawfully processed;
2. lawfully obtained;
3. adequate and relevant;
4. accurate and up to date;
5. stored for a specific purpose and a reasonable duration;
6. processed in accordance with the rights of the owners of such data;
7. appropriate technical and organizational measures should protect against unauthorized
use of such data and provide overall protection; and
8. trans border flow of information between countries with similar levels of protection.
88
Source Link: http://www.legalsitecheck.com/dataprotection.html.
89
Section 4(4) of the Data Protection Act 1998, Paul Marett,” Information Law in Practice”, 2nd edition,
(Ashgate Publishing Limited, 2002), Ian Lloyd,”Legal aspects of Information Society”, (Butterworths,
London, 2000) .
64
The DPA provides a fairly detailed route map wherein various measures of protecting
personal information / individual privacy is set out. These eight principles provide legal,
technical and contractual protection to personal data and further also state the parameters within
which personal data is to be processed, obtained, stored and used in the public domain. These
principles also govern data exchange beyond the national level to protect information crossing
the local borders. Indeed a comprehensive protection is put forth within these principles for
personal data. Any contravention of the rights of the individual owning personal data is subject
to compensation for the extent of damage.
65
66
4.3.4 United States of America and Data Protection
In the United States however, privacy protection is implanted in a much longer historical
development path as the same was developed in a fragmented manner commencing from the
basic principles of tort law and as a by- product of industry-specific legislation, such as the Fair
Credit Reporting Act of 1970.
The US currently has no legislation specific to consumer data privacy protection, relying
instead upon the industry self-regulation approach to the OECD Guidelines. Having stated that
however, due to immense pressure to strengthen consumer data protection owing to the looming
threat of the requirements of the EU data directive, the Federal Trade Commission (FTC) has taken a
more proactive approach in protecting consumer data, acting pursuant to its authority to prevent
unfair and deceptive trade practices in accordance with the FTC Act.
4.3.5 Asia Pacific and Data Protection

In November 2004, the Asia-Pacific Economic Cooperation (APEC), a forum established
in 1989 for facilitating economic growth, co-operation, trade and investment in the Asia Pacific
Region endorsed a privacy framework based in principle structure and import upon the core
fundamentals of the OECD Guidelines.
The same recognizes “reasonable expectation” of privacy and imparts due emphasis to
the benefits of participation in a global information economy. It specifically endorses
“proportionality” in terms of national regulation so that regulation and remedy are proportional
to the likelihood and significance of causing harm to an individual subject. The framework
further focuses upon the “core fundamentals” of the OECD Guidelines and on the use of the
Internet to provide notice, consent, and control. It may be noted that like the OECD, the APEC is
only a inter-governmental grouping and operates on the basis of non-binding commitments, open
dialogue and equal respect for the views of all participants.
67
4.3.6 India and Data Protection
India is today viewed as one of the information technology majors. The increasing number of
technology related crimes in India recently reflects the growth of Information Technology Industry. 90 It
has been suggested that India has a ‘robust data protection law’ 91 in the shape of IT Act, 2000 which
does not prescribe any rules relating to crucial aspects of data protection such as the processing of
personal data, the conditions under which the data may be collected from an individual, the
precautions to be taken while collecting data, confidentiality and security of processing of the
data collected.
The (Indian) Information Technology Act, 2000 (Act) defines "data" to mean a
representation of information, knowledge, facts, concepts or instructions which are being
prepared or have been prepared in a formalized manner, and is intended to be processed, is being
processed or has been processed in a computer system or computer network, and may be in any
form (including computer printouts, magnetic or optical storage media, punched cards, punched
tapes) or stored internally in the memory of the computer. Currently there are no “data
protection” specific laws in India. However, in the absence of specific laws, the Indian judicial
system offers a few stand-in laws and other indirect safeguards e.g. Information Technology Act,
2000 and the Indian Penal Code, 1860 Now for the most comprehensive regulatory statute on
technology available in India - the Information Technology Act, 2000. This statute provides an
environment for various aspects of commerce in the information society.
Section 1(2) read with Section 75: Long Arm Jurisdiction92 Sec.1 (2) read with Sec.75 of the Act
provides for an extra-territorial application of the provisions of the Information Technology Act.
Section 43: Access without permission93
If a person without the permission of the person in-charge of the computer system, accesses,
downloads any data, introduces virus or causes denial of access, will be liable for a penalty of up
to Rs. 10,000,000. Section 43 of the Information Technology Act is proposed to be amended to
90
Recent examples are the case of the attempted sale of a pornographic video clipping that resulted in the
dismissal of the CEOof bazee.com, an auction portal owned by e-bay Inc, and the case of multimedia clipping
transmitted via mobile handsets where the naked body of woman was morphed with a famous bollywood
actress.(Issues of Data protection in the context of Outsourcing from Switzerland and the EU to India, Dr.
Ursula Widmer, Bern and Latha R Nair , CRi January 1st , 2006 , p 18-23)
91
See Na. Vijayshankar “India has a robust data protection law” 24th June 2005, as last visited on
15.03.2022, available at the link: http://www.naavi.org/cl_editorial_05/edit_june_24_05_01.htm.
92
Information Technology Act, 2000.
93
Ibid
68
say, if anybody corporate, that owns or handles sensitive personal data or information in a
computer resource that it owns or operates, is found to have been negligent in implementing and
maintaining reasonable security practices and procedures, it shall be liable to pay damages by
way of compensation not exceeding Rs. 10,000,000 to the person so affected. Reasonable
security practices and procedures have been defined as such security practices and procedures as
appropriate to the nature of the information to protect that information from unauthorized access,
damage, use, modification, disclosure or impairment, as may be prescribed by the Central
Government in consultation with the self-regulatory bodies of the industry, if any.
Chapter X94
Creation of a Cyber Appellate Tribunal is envisaged to oversee adjudication of cyber-crimes

such as damage to computer systems (Section 43) and breach of confidentiality (Section 72).
Section 65 and 66: Tampering with Computer Source Code and Hacking95
Section 65 deals with the issue of tampering with computer source documents. According to
Section 65, anyone who deliberately or purposely hides, destroys or alters any computer source
code or induces someone else to do so shall be punishable with imprisonment up to 3 years, or
with fine, which may go up to Rs. 200,000, or with both.
According to Section 66, hacking is committed if someone, with the intention of causing
wrongful loss or damage (or with the knowledge that such damage or loss is likely to result) to
the public / any person, destroys /deletes / alters any information residing in a computer resource,
diminishes its value or utility, or affects it injuriously by any means. If a person commits
hacking, he/she is liable to be punished with imprisonment up to 3 years, or with a fine, which
may go up to Rs. 200,000, or with both. Section 66 of the Information Technology Act while
making unauthorized access of a computer system an offence also makes unauthorized
downloading/ extraction of data also an offence. Though this provision does not deal with
privacy directly it can be used in cases where personal information has been obtained through
unauthorized access.
94
Ibid
95
Ibid
69
Section 69: Intercepting Information96
This Section gives tremendous powers to Controller of Certifying Authorities (CCA) to direct
interception of any information transmitted through any computer resource. This direction is
only to be given if the CCA is satisfied that it is necessary or expedient so to do in the interests
of the following:
1. the sovereignty or integrity of India,

2. the security of the state,
3. friendly relations with foreign states,
4. public order, or
5. for preventing incitement to the commission of any cognizable offence
Section 69: Intercepting Information97
This Section requires that users disclose encryption keys or face a jail sentence up to 7 years.
Section 72: Breach of Confidentiality and Privacy98
Section 72 relates to the disclosure of certain information by any person who has gained access
to such information in pursuance of a power granted under Act. In case a person who has secured
access to any electronic record, book, register, correspondence, information, document, or other
material discloses any of these to any other person, he will be punished with imprisonment for a
term, which may extend to 2 years, or with a fine, which may go to Rs. 100,000 or with both.
The above provision does not apply to the disclosure of personal information regarding a person
in a website or by his email service provider, etc.
96
Ibid
97
Ibid
98
Ibid
70
Under the proposed amendments to Section 72, if any intermediary who by virtue of any
subscriber availing his services has secured access to any material or other information relating
to such subscriber, discloses such information or material to any other person, without the
consent of such subscriber and with intent to cause injury to him, such intermediary shall be
liable to pay damages by way of compensation not exceeding Rs.2,500,000 to the subscriber so
affected. Further the amendments to Section 72 also propose to make video voyeurism an
offence under the Act. However, recognizing the need for data protection in the technological
environment, the Central Government has taken several initiatives for the furtherance of data
protection. Some of the initiatives taken by the Ministry of Information Technology in India may
be mentioned:
 Standardization, Testing and Quality Certification (STQC) Directorate
Due to the international demand that Indian firms should have an international security standard
accreditation, the Indian government has set up the Standardization, Testing and Quality Certification
(STQC) Directorate (under the Department of Information Technology (DIT)). The Directorate has
been able to launch an independent third-party certification scheme for the Information Security
Management System, as per BS 7799 Part 2, and has achieved international recognition in the form
of accreditation from the RvA, Netherlands.

Computer Emergency Response Team (CERT)
The Indian Computer Emergency Response Team (CERT) was established by the DIT to be a
part of the international CERT community. CERT was set up to protect India's IT assets against
viruses and other security threats.
 Information Security Technology' Development Council (ISTDC)
The Ministry has recently set up the Information Security Technology Development Council
(ISTDC). The main objective of this program is to facilitate, coordinate and promote
technological advancements, and trespond to information security incidents, threats and attacks
at the national level99. The whole issue of data protection in the digital context probably hinges on
the contention of the interests of the individual versus the state, market and technology
99
NASSCOM: Regulations in India available at the link - http://www.nasscom.org as last visited on 20.04.2022.
71
developments. Organizations require to look now at how they collect, store and use personal data and
comply with existing laws and in absence of such laws, ask themselves whether they are adhering to
the ethical norms or not. It is therefore obligatory, both legally and morally, for the persons
possessing and handling data to monitor data protection processes holistically and in real time. It
is expected that this will help in achieving improved reliability and faster problem resolution.
Data protection monitoring and tuning work will not only include the help of advanced
system information processing and monitoring devises and software but also the human factor,
which is more critical. It cannot be denied that the sheer amount of data is growing rapidly, and
storage, replicating and transmitting technologies are advancing quickly. This makes it
imperative to design the storage infrastructure for the future, as well as for meeting present
needs. The infrastructure also needs to scale and adapt, as data protection needs change.
72
CHAPTER – 5
INFORMATIONAL & WORKPLACE PRIVACY
5.1 Information Privacy - Legal Approaches to its Protection

The concept of informational privacy is distinct from other aspects of privacy such as
physical intrusion and surveillance. Information privacy means the claim of individuals to determine
for themselves when, how and to what extent information about them is or may be communicated to
others.100 It may also be defined as the individual's ability to control the circulation of information
relating to him or her.101 Many people are unaware that when they go online, they leave an electronic
record of their movements and unwittingly provide personal information to people and organizations
that track such data.
Globalization and the growth of electronic technologies have challenged the ability of
states to ensure the privacy rights of their citizens. Information privacy initially emerged as a
value that could not be taken or misused by government without due process of law. This
concept was later developed into a set of best practice principles, both in the US and in the
European Union for ensuring fair processing, minimal intrusion and limited purposes in respect
of the use of personal data. Information privacy was most profoundly affected by the rapid
developments in information technology such as the increased use of computers and the setting
up of national databanks wherein the choice of the individual is seen as central to the concept of
privacy both in allowing physical intrusion and the sharing of information. It is almost ironic that
privacy is being threatened over Internet, as initially, Internet was perceived as a technology that
would afford its users a considerable level of anonymity and also provide a forum to which
would encourage and foster freedom of individual expression.
There are various different legal approaches in respect of the protection of information
privacy such as the Nordic, Civil and Common law approaches. The Nordic approach for instance is
defined as a combination of legal remedy available to the individual through rights of access and
100
Adam Carlyle Breckenridge, The Right to Privacy, 1971, quoted in, Madhavi Divan, "The Right to Privacy in the
Age of Information and Communications" (4) SCC 12-23(2002).
101
Ibid
73
the administrative regulation of computerized records.102 This approach pioneered information
legislation.
The Civil law approach differs from the Nordic approach in as much as it relies upon
statements of general principle. Its clear influence has been seen on two significant doctrines in
the development of privacy law namely, the US Constitution to protect certain types of behavior
including a right to privacy from government surveillance into an area where a person had a
'reasonable expectation of privacy and matters relating to marriage, procreation, child-rearing
and education. The second significant doctrine was developed through the European Convention
of Human Rights (ECHR), a codification of international human rights law.103
The Common law approach seeks to apply privacy protection principles through the
medium of individual cases. In the UK for instance, the emphasis had been on particular legal
remedies against particular infringements. Judges often developed such rights without reference
to Parliament. However, following the implementation of the first Data Protection Act in 1984,
this trend has been somewhat eclipsed, with the UK establishing a supervisory body to police the
legislation.104
5.1.1 Indian Scenario
In the Indian context, the rapidly growing services sector has resulted in both Indian and
trans-national corporate entities building up vast, exhaustive and detailed customer databases
with a view to providing personalized services such as insurance, personal banking, credit cards
etc. These databases contain confidential personal information and may be used by corporate for
their own purposes or for that of its affiliates. Also, these databases form a valuable corporate
asset, which finds many takers in the market for individual information.
102
Bing, “Data protection, jurisdiction and the choice of law “, 6 Privacy Law Policy Reporter 92-98 (1999).
103
Article 8 of the Convention: Right to respect for private and family life
1. Everyone has the right to respect for his private and family life, his home and his correspondence.
2. There shall be no interference by a public authority with the exercise of this right except such as is in
accordance with the law and is necessary in a democratic society in the interests of national security,
public safety or the economic well-being of the country, for the prevention of disorder or crime, for the
protection of health or morals, or for the protection of the rights and freedoms of others”
104
Source Link: http://www.twobirds.com/engkish/publications/articles/control_informationby_law.cfm as last
visited on 20.04.2022.
74
In this regard, any use, disclosure and retention of such information need to be strictly
regulated, through an established privacy enforcement regime. Any prospective Indian privacy
law would need to incorporate several facets of the above model, which, comprehensively deals
with the collection, and use of personal information. With the emergence of an increasingly
uniform set of norms governing commercial legal issues across the globe, it becomes imperative
for Indian lawmakers and the legislature to take note of the void that prevails in the critical area
of individual privacy protection.
5.1.2 Judicial trends in India relating to the Concept of Informational Privacy

In the Indian context, although there is no statutory enactment expressly guaranteeing a
general right of privacy to individuals in India, Indian courts recognize elements of this right, as
traditionally contained in the common law and in criminal law. These include the principles of
nuisance, trespass, harassment, defamation, malicious falsehood and breach of confidence. Under
the Indian Constitution, Article 21 of the Indian Constitution is a fairly innocuous provision in
itself where it states.105 Unfortunately, India has no statute on privacy laws except for certain
provisions of the Constitution of India, which have been interpreted by the courts to effect that
the right to privacy is enshrined in the provisions of the Constitution. 106 However, the above
provision has been deemed to include within its ambit, inter-alia, the Right to Privacy – “The
Right to be left alone”.107
5.1.2.1 Privacy in Tort Law
The Right to Privacy is further encompassed in the field of Torts. The tort of defamation
involves the right of every person to have his reputation preserved inviolate. It protects an
individual's estimation in the view of the society and its defenses are 'truth' and 'privilege', which
protect the competing right of freedom of speech. Essentially, under the law of torts, defamation
involves a balance of competing interests. In 1960, another scholar Prosser, having analyzed the
concept in several decision concluded that the law of privacy comprises four district kinds of
invasion of four different interests of the plaintiff, which are tied together by the common name,
105
Article 21,"No person shall be deprived of his life or personal liberty except according to procedure established
by law".
106
Mr. X v. Hospital Z (1998) 8 SCC 296 where the court pointed out that the right to privacy is enshrined in Article
21 of the Constitution of India.
107
Thomas M. Cooley, Torts 91 (2nd Ed.) 1888.
75
but otherwise have almost nothing in common except that each violate the right of the plaintiff in
the phrase coined by Judge Cooley, ‘to be let alone”. 108 These four torts may be described as
follows:
1. Intrusion upon the plaintiff’s seclusion or solitude, or into his private affairs
2. Public disclosure of embarrassing private facts about the plaintiff
3. Publicity, which places the plaintiff in a false light in the public eye
4. Appropriation, for the defendant’s advantage, of the plaintiff’s name or likeness109
5.1.2.2 Privacy under Contract Law and E-Commerce

There exist certain other means by which parties may agree to regulate the collating and
use of personal information gathered, viz. by means of a “privacy clause” or through a
“confidentiality clause” Accordingly, parties to a contract may agree to the use or disclosure of
an individual's personal information, with the due permission and consent of the individual, in an
agreed manner and/or for agreed purposes. Under Indian laws, the governing legislation for
contractual terms and agreements is the Indian Contract Act. Therefore, in a contract which
includes a "confidentiality clause" i.e. where an organization/company agrees to maintain the
confidentiality of information relating to an individual, any unauthorized disclosure of
information, against the express terms of the agreement would amount to a breach of contract
inviting an action for damages as a consequence of any default in observance of the terms of the
contract.
For example in the case of an insurance contract, globally, contracts of Insurance are
contracts of "Utmost good faith" (Uberrimae Fidei) and the contract is voidable where all
material facts are not disclosed. However, the duty of utmost good faith is reciprocal and the
insurance company has a corresponding duty to disclose clearly the terms of its offer and duly
abide by them. Therefore an insurance proposal, which contains a confidentiality clause
regarding personal information provided by the customer, cannot be disclosed without his prior
consent. Any breach of such term would invite an action for breach of contractual terms by the
insurer-customer.
108
Ibid
109
Ibid
76
In regard to a customer- insurance company relationship, an insurance company may,
solicit personal information about an individual wherein details could be sought, relating to an
individual's family, cultural background, ethnic origin, caste, childhood, education, medical
history, information regarding one's immediate family, their age, profession etc. or, in case of
data processing companies, there may be queries with regard to an individuals' professional
pursuits, income, investment decisions, preferences, spending patterns and so on. Despite an
express authorization from their customers, with regard to sharing of personal information by
corporate entities, there may still be instances where disclosure of certain sensitive and
embarrassing information could invite legal action from an individual, claiming that the actions
of a company which made an unauthorized disclosure resulted in causing such mental agony,
anguish, and social stigma, which he would not have otherwise had to bear or face.110
Internet as an important medium has also helped in increasing the trade and commerce
throughout the globe. Reason being simple as the Internet promises reduced costs, higher margins,
more efficient operations and higher profits, and all of this at a comparatively much higher speed, as
it would take in the real world. It is useful to both producers and consumers in developed and
developing countries as it helps them overcome the traditional barriers of distance from markets and
lack of information about market opportunities. Producers and traders no longer need to maintain
physical establishments requiring large capital outlays. Increased advertising possibilities worldwide
may help small and medium industries and businesses in developing countries that traditionally
find it difficult to reach the customer abroad. It may also enable such firms to eliminate
middlemen while trying to sell their products abroad.
European technology has always kept pace with the change .The E.U. member states are
required to legislate national laws to implement directives on data protection and e-commerce. One
of such European Directive on E- commerce is 2000/31/EC 111, which was enacted with a view to
inter alia; contribute to the proper functioning of the internal market by ensuring the free movement
of information society services among the member states. The E- Commerce Directive specifically
110
Awasthi Saurabh,” Privacy laws in India: Big Brother’s Watching You” CLJ 3 (2002), available at the link -
http://www.mondaq.com/article.asp? articleid=15723 as last visited on 23.04.2022.
111
European Directive 2000/31/EC (“the E- Commerce Directive”).
77
excludes from its purview issues relating to information society services already covered by the Data
Protection Directive.112
Implicit in the use of this medium for trade and commerce is the enormous amount of
data flowing through it and everyday more data is being generated. A substantial portion of this
data is not for public use or viewing. This type of data includes personal information of the
individuals residing in any country, confidential and privileged information of the business
houses, confidential government information.
Privacy issues have drawn a considerable attention amongst the discipline of law.
However, developing countries and many developed countries still lack literature on privacy
concerns related to the cyber space. When we talk about dealing with Internet privacy, it implies
'information privacy'. Invasion in the privacy occurs when the information of a consumer is not
used for the purpose it was procured. This may be in the form of circulation of information
without authorization to do the same, to use the information for purposes other than for which it
was obtained, modification of information without knowledge of the consumer etc. The main
privacy concern is that a consumer is prompted to enter personal information like e-mail address,
and this information can be packaged into a cookie and sent to the consumer's hard drive, which
stores it for later identification.
5.2 Privacy at Workplace

The Information age has radically altered the traditional legal and organizational
framework of work by blurring the once clear boundaries between an employee's personal and
professional lives. Employees experience increase autonomy and flexibility both at work and at
home with the increase in telecommuting and "mobile" working. These advances are aptly
facilitated by appropriate information systems and tools supplied by employers. However, these
same systems and tools facilitate the intrusion of professional life into personal sphere, and
sometimes the intrusion of the employer into the private lives of its employees.
Workers of the world are exposed to many types of privacy-invasive monitoring while
earning a living. These include drug testing, closed-circuit video monitoring, Internet monitoring
and filtering, E-mail monitoring, instant message monitoring, phone monitoring, location
112
See Article 1(5) of Directive 2000/31/EC.
78
monitoring, personality and psychological testing, and keystroke logging.113 Employers do have
an interest in monitoring in order to address security risks, sexual harassment, and to ensure the
acceptable performance of employees. However, these activities may diminish employee morale
.
and dignity, and significantly erode employees' privacy rights
The term electronic monitoring encompasses three different concepts. First, it includes an
employer's use of electronic devices to review and evaluate the performance of employee. For example,
an employer may use a computer to retrieve and review an employee's mail messages sent to and from
customers in order to evaluate the employee's performance as a customer service representative. Second,
it includes "electronic surveillance" in the form of an employer's use of electronic device to observe the
action of the employees, while employees are not directly performing the work task, or for a reason other
than to measure their work performance.114 For example, an employer may electronically review an
employee's email messages as part of an investigation of a sexual harassment complaint.
Electronic surveillance by an employer also includes compliance with a government search
warrant seeking an employee's voice mail or email communications on the employer's system.
Third, electronic monitoring includes an employer's use of computer forencics, the recovery and
reconstruction of electronic data after deletion, concealment, or attempted destruction of the data.
For example, an employer may use specialized software to retrieve email messages related to an
investigation of alleged theft of its trade secrets by retrieving email messages sent by an
employee to someone outside the company.115
Advancing technologies enhance employer capability to monitor employee use of
computer networks and the Internet within the workplace. Software enables employers to
secretly, and in real time, monitors employees' use of networked computers including individual
monitoring of each connected computer. Software enables employers to capture the images from
an employee's computer screen at random intervals and then compress those images to provide
documentation of all computer work software may also reveal the online activities off all
113
Source Link: http://www.privacyrights.org as last visited on 19.04.2022.
114
A full discussion of these concepts is provided in the Workplace Privacy: A Consultation Paper, June 1992,Part
2, pp23-37, also available at the link: http://www.ipc.on.ca/userfiles/page_attachments/safnet-e.pdf as last visited on
11.05.2022.
115
Ibid
79
employee's, including web sites visited, the length of the employees visits, and whether those
sites are productive or unproductive.
These electronic monitoring practices have significantly eroded employee privacy rights
however employers assert there are many good business reasons to electronically monitor
employees in the workplace, including (a) to monitor employee productivity in the workplace (b)
to maximize productive use of the employer's computer system when employees use computers
on job (c) to monitor employee compliance with employer workplace policies related to use of
its computer systems, email systems, and internet access (d) to investigate complaints of
employees misconduct, including harassment and discrimination complaints.(e) to prevent or
detect industrial espionage, such as theft of trade secrets and other proprietary information,
copyright infringement, patent infringement, or trademark infringement by employees and third
parties.116 The privacy directive has a direct and immediate effect on the human resource
operations of employers many employment records involve processing personal data covered by
the directive, including application forms and work references; payroll and tax information;
social benefits information; sickness records; annual leave records; unpaid leave/special leave
records; annual appraisal/assessment records; records relating to promotions, transfers, training,
and disciplinary matters; and records related to workplace accidents. Such data can be very
sensitive, as can be the manner in which the employer processes it.
5.2.1 EU privacy Directive117
The EU privacy directive is an important foundation for workplace privacy in Europe. The
directive applies to the processing of personal data wholly or in part by automatic means. It establishes
common rules for the EU to encourage freer flow of personal data within the union, thus furthering a
unified European market and protecting citizen’s right to privacy. 118 The privacy directive applies to
the processing of "personal data"119,defined as information relating to an identified or identifiable
natural person. An identifiable person is "one who can be identified, directly or indirectly, in
particular by reference to an identification number or to one or more factors specific to his
116
Gail Lasprogata, NancyJ.King and Sukanya Pillay, “ Regulation of Electronic Employee Monitoring: Identifying
Fundamental Principles of Employee Privacy through a comparative study of Data Privacy.
117
See Article 1 the Object of the Directive 95/46/EC.
118
Ibdi
119
See Article 1 the Object of the Directive 95/46/EC.
80
physical, physiological, mental, economic, cultural or social identity. The issue of maintaining
privacy and consequent protection of such confidential information of an individual was first set out
under the Organization for Economic Cooperation and Development (OECD) Guidelines. 120 The
guidelines concentrated on the issue of safe and sound exchange of data traveling from one country
to another has become very important as more and more businesses rely on e-commerce. . This
Directive was an important initiative to protect personal information by prohibiting the transfer of
such personal data to those countries, which did not conform to the privacy protection requirements
of the EU. However to promote e commerce to and from the EU it was essential that the gap in
privacy protection norms be bridged. Keeping this goal in mind the U.S. Department of Commerce
and the European Commission conferred at length and evolved a "safe harbor" structure. This "safe
harbor" structure was accepted and approved by the EU in 2000. This safe harbour structure was
based on certain principles wherein the individual sharing personal information was to be duly
notified and given a choice whether such information was to be shared or not with third parties. He
was also to be informed about further transfer of such information and who would access the same
and for what purpose. Adequate protection measures were to put into place for securing the
information and the accuracy of the information was also to be maintained. Finally a regulatory
infrastructure was to be provided to address any transgressions and violations of privacy.
In the United States, workers have very few privacy protections in law. There are few
situations where an employee has a due process right to access, inspect, or challenge information
collected or held by the employer. There are patchworks of state and federal laws that grant
employees limited rights. For instance, under federal law, private-sector employees cannot be
required to submit to a polygraph examination. However, there are no general protections of
workplace privacy except where an employer acts tortuously - where the employer violates the
employee's reasonable expectation of privacy.
European employers are bound by comprehensive data protection acts that limit and
regulate the collection of personal information on workers. These laws specifically call for
purpose and collection limitations, accuracy of data, limits on retention of data, security, and
protections against the transfer of data to countries with weaker protections. These protections
120
OECD Guidelines on data protection (1980) – Guidelines Governing the Protection of Privacy and Transborder
Flows of Personal Data, adopted 23.9.1980; available at http://europa.eu.int/comm/internal market/privacy/
instruments/ocdeguideline_en.htm
81
place employees on a more equal footing while allowing employers to monitor for legitimate
reasons. In 1996, the International Labour Organization (ILO) adopted a code of practice on the
protection of workers' personal data. The ILO code is regarded as the standard among privacy
advocates for protection of workers' privacy rights. The code specifies that workers' data should
be collected and used consistently with Fair Information Practices (FIPs).121 These protections
includes :
1. Coverage for both public and private sector employees.
2. That employee should have notice of data collection processes.
3. That data should be collected and used lawfully and fairly.
4. That employer should collect the minimum necessary data required for employment.
5. That data should only be collected from the employee, absent consent.
6. That data should only be used for reasons directly relevant to employment, and only for
the purposes for which the data were originally collected.
7. That data should be held securely.
8. That worker should have access to data.
9. That data should not be transferred to third parties absent consent or to comply with a
legal requirement.
10. That worker cannot waive their privacy rights.
11. That medical data is confidential.
12. That certain data, such as sex life and political and religious beliefs, should not be
collected.
13. That certain collection technique, such as polygraph testing, should be prohibited.122
Pursuant to the privacy directive, employees have a number of rights with respect to
collection of their personal information by employers, including the rights to be informed generally
about information collection practices; to access and correct personal information held by the
employer; and, in some cases, to actually withhold consent to the collection and processing of data
by the employer. If an employee believes his or her rights are being violated, he or she may appeal to
the appropriate supervisory authority for relief, or may seek damages in a judicial proceeding. Under
121
See the link: http://www.epic.org/privacy/workplace/ as last visited on 30.04.2022.
122
See the link: http://www.epic.org/privacy/workplace/ as last visited on 30.04.2022.
82
the privacy directive, employers are liable for monetary compensation to employees whose privacy
rights are violated. They are also liable for any additional sanctions under relevant national data
protection law.
There exists in India an impending need to frame a model statute which safeguards the Right to
Privacy of an individual, especially given the emergence of customer-service corporate entities which
gather extensive personal information relating to its customers. It's evident that despite the presence
of adequate non-mandatory, ethical arguments and precedents established by the Supreme court of
India; in the absence of an explicit privacy statute, the right to privacy remains a de facto right,
enforced through a circuitous mode of reasoning and derived from an expansive interpretation of
either Constitutional law or Tort law.
The urgency for such a statute is augmented by the absence of any existing regulation which
monitors the handling of customer information databases, or safeguards the Right to Privacy of
individuals who have disclosed personal information under specific customer contracts viz. contracts
of insurance, credit card companies or the like. The need for a globally compatible Indian privacy
law cannot be understated, given that trans-national businesses in the services sector, who find it
strategically advantageous to position their establishments in India and across Asia. For instance,
India is set to emerge as a global hub for the setting up and operation of call centers, which serve
clients across the world. Extensive databases have already been collated by such corporate, and the
consequences of their unregulated operations could lead to a no-win situation for customers in India
who are not protected by any privacy statute, which sufficiently guards their interests. Even within
the present liberal global regulatory paradigm, most governments would be uncomfortable with a
legal regime, which furthers commercial interests at the cost of domestic concerns.
83
CHAPTER –6
Telephone Tapping-An invasion of privacy
6.1 Law relating to Telephone tapping in India

The Indian Telegraph Act of 1885 was enacted to govern all aspects relating to the usage
of telephones and the telegraph system in the Country. The definition of telegraph now includes
telephony, facsimile, images and even data [as in computers]. 123 Section 5 (2) of the Indian
Telegraph Act of 1885 enables the Central Government or a State Govt. to intercept
communications provided it is required in the interests of the security of the State and to prevent
incitement to the commission of an offence. This was the result of a controversial amendment
that was introduced by the legislature in 1971. The Act also provides for safeguards against
illegal and unwarranted for interference in the telephone and telegraph mechanisms.
Section 25 states that “any person intending to intercept or to acquaint himself with the
contents of any message damages, remove, tampers, with or touches any battery, machinery,
telegraph line, post or other thing whatever, being part of or used in the working thereof shall be
punished with imprisonment for a term which may extend to three years or with a fine, or
both”124 Telephone tapping or wire-tapping is the monitoring of telephone conversations by a
third party, often by covert means. It received its name as historically, the monitoring device was
applied to the wires of the telephone line being monitored and tapped a small amount of the
electrical signal carrying the conversation.125
There are a number of ways to monitor telephone conversations. One is by way of recording
the conversation through in-line recorders. An in-line recorder plugs into any phone jack and will
record phone calls from any phone on that same line. If a tape-recorder has a re-mote jack on it, this
device will automatically start the tape-recorder each time a phone in the house is picked up. Direct
line tap is what state used does via the telephone exchange. But it is also possible to tap physically
outside the house through a parallel connection. The tap can either involve a direct electrical
connection to the line, or an induction coil.
123
Section 3(1) of Indian Telegraph Act 1885.
124
Section 3(1) of Indian Telegraph Act 1885.
125
The Times of India, New Delhi, Monday, January 9, 2006
84
An induction coil is usually placed underneath the base of a telephone or on the back of a
telephone handset to pick up the signal inductively. With a direct connection, there will be some drop
in signal levels because of the loss power from the line, and it may generate noise on the line. The
new digital cell phones can be tapped if you have the right equipment, but it takes fairly sophisticated
and expensive technology that is highly illegal. Methods to prevent tapping involve the use of
debugging instrument and scramblers. Phone tapping in India is regulated under the Telegraph Act
of 1885. As per the law, only the CBI or intelligence agencies such as IB or RAW or state police
departments should be allowed to eavesdrop on telephone lines. Only the Union home secretary,
or his counterpart in the'" states, can issue an order for a tap. 126 The government is also required
to show that the information sought cannot be obtained through any other means. Under any
other circumstance, phone tapping is an offence. The IT Act, 2000 also lays down unauthorized
surveillance of data is an offence. But there continues to be a gap between the law and its
enforcement and very often it is misused by people in positions of authority It is felt that this is
due to the absence of strict privacy laws in India.
Some recent events culminating in the allegations of phone-tapping made first by Amar
Singh and then by a number of other public figures including the Tamil Nadu Chief Minister
Jayalalithaa make Ogden Nash's little poem relevant in a rather roundabout way. 127What we have
been seeing is sting operations involving Members of Parliament and then these allegations of
phone-tapping have a bizarre resemblance to the operation described by Nash; the tactics
involved are based on the fact that the victims are unaware of just what is happening and thereby
provide the predator or the operator with just what he or she was looking for - sometimes even
more. Except that the argument that this is a blatant and unforgivable invasion of privacy falls on
its face in the context of what the `victim' reveals, knowingly or unknowingly.128
Sting operations and phone tappings are really a very small part of the whole story.
Satellite, remote control cameras and high fidelity sound equipment that can pick up
conversations in a room from outside can now spy upon an individual. In other words, a person
does not really have any privacy that he can be sure of. He can have his words recorded, his
126
Section 4&5 of Indian Telegraph Act, 1885
127
Bhaskar Ghose, “Privacy: The Next Frontier”, FRONTLINE, Volume 23 - Issue 02, Jan. 28 - Feb.10, 2006.Also
available at the link: http://www.flonnet.com/fl2302/stories/20060210002508900.htm as last visited on 25.04.2022.
128
Ibid
85
actions filmed and his writing copied.129 As a general principle it is indeed true that any violation
of an individual's privacy is the violation of his fundamental rights; but that becomes a menace
only if it is used for ends that are not in the national interest, and if there is indeed something that
can be so used. If a person has nothing to hide, has done nothing he wishes to keep secret, it is
still a violation of his individual rights if his privacy is invaded; but then that violation will stand
out as a perfidious act, and the agency guilty of it will suffer a great deal of humiliation and
public contempt, if nothing else. Technology makes our privacy very fragile indeed130; it is all the
more necessary for the state to understand this and be very careful when it decides to break into
it.131
Listening into telephone conversations by third parties is as old as telephony itself. The
contentious issue of telephone tapping has remained with us for a very long time, and has been
the topic of a never-ending debate between law enforcement officials and civil liberties activists.
Indian Courts have examined the ethical aspect of telephone tapping while attempting to evolve
suitable guidelines in relation to the vexed question of admissibility of evidence obtained
through this method. Though our legal system has been witness to a slew of telephone tapping
cases, no clear trend has emerged so far. The issue resurfaced during the proceedings of the
Parliament attack case but the High Court and the Supreme Court examined it from different
standpoints. Telephone tapping in India has gained notoriety; thanks in part to numerous political
scandals that have emerged over the past few decades- the latest being the Ajit Jogi telephone
tapping incident in December 2003 and Amar Singh telephone tapping in Jan 2006, which
attracted tremendous media attention. All this also brings into focus the right to privacy- a term
that seems to hold very little meaning in our modern world of hidden cameras, electronic
bugging of homes, telephone-tapping and increased surveillance of e-mail and the Internet.132
The State machinery is of the opinion that telephone tapping is a method of preventing
crime while also serving as a means for obtaining vital information that can be used to further the
interests of national security. Besides, phone taps have also proven successful in checking the
organized crime syndicates and the drug mafia, since it aids the police in making preventive
arrests and in taking necessary precautionary measures. Human rights activists on the other hand,
129
Rajinder Sachar, “Telephone tapping an invasion of individual’s privacy”PUCL Bulletin, 2006
130
Ibid
131
Ibid
132
See the link: (http://www.legalservicesindia.com/articles/mom1.htm) as last visited on 15.05.2022.
86
state that it constitutes a blatant invasion of a person’s right to privacy and the right to live his
life in a peaceful and humane manner. 133 They further point out that telephone tapping has been
used more to delve into the financial aspects and the intimate relationships of a certain
individuals, than to unearth a crime ring or to prevent a terrorist attack. In India today, every
second politician, bureaucrat and journalist alleges that the Government taps his or her
telephone. Notwithstanding all of these concerns, I would like to examine the legal object behind
telephone tapping and the usefulness of the information gleaned from it in Courts. Another
aspect that needs to be examined is- how do we determine where the line is to be drawn between
improperly obtained evidence that is admissible and that which is deemed to inadmissible.
6.2 Law relating to Telephone Tapping in England

English law has evolved considerably since the blanket endorsement of any and all
methods to obtain evidence-a method propounded in the Leatham case, though one might be
inclined to disbelieve this statement in the light of an observation in R v Sang, where it was
stated that there was "no discretion to refuse to admit relevant admissible evidence on the ground
that it was obtained by improper or unfair means. The court is not concerned with how it was
obtained. For the moment, this statement must be placed in the background, in order be state that
as the law stands now it is not illegal for the police to bug someone's phone but it is forbidden to use
the information gleaned in a court of law. However, changes in the law have been mooted and the
many feel that phone taps would be a useful tool against organized criminals as well as terrorists. In
Britain, evidence from wall bugs and other covert devices is admissible but not from phone taps.
Section 78 of the Police and Criminal Evidence Act 1984 (PACE) judicial discretion can be quoted
in relation to the admissibility of evidence. In relation to this paper and the basis for the evidence
being deemed inadmissible, the section provides that the court should reach its decision, "having
regard to all the circumstances, including the circumstances in which the evidence was obtained” and
the usage of the evidence "would have such an adverse effect on the fairness of the proceedings, that
its exclusion is justified.
Prior to the Regulation of Investigatory Powers Act [RIP] 2000, interception of
communications in the UK was governed by the Interception of Communications Act 1985 (IOCA).
The IOCA put in place a statutory framework for interception of communications in order to meet
the criticisms leveled at the UK in 1984 by the European Court of Human Rights in the case Malone
v UK134. In this case the European Court of Human Rights noted that in the absence of a proper
legislative framework in the UK, the practice of telephonic interception was insufficiently grounded
133
(1979) 2 All ER 1222
134
(1984) 7 EHRR 14
87
in law to allow it to be justified under Article 8(2) of the European Convention on Human Rights.
Prior to the Regulation of Investigatory Powers Act [RIP] 2000, interception of communications in
the UK was governed by the Interception of Communications Act 1985 (IOCA). The IOCA put in
place a statutory framework for interception of communications in order to meet the criticisms
leveled at the UK in 1984 by the European Court of Human Rights in the case Malone v UK 135.
During a criminal trial the defendant, Mr. Malone, alleged that the police had intercepted his
telephone calls. On his acquittal of the criminal charges, he brought a civil action against the police
claiming that the interception of his phone calls had been unlawful on the grounds that it constituted
a breach of confidence, a trespass, and an unlawful interference with his privacy. The UK courts
dismissed all his claims.
Malone then brought an action against the UK Government alleging a breach of Article 8
(the right to a private life) of the European Convention of Human Rights (ECHR). 136 However,
interference with a Convention right should only occur under legal regulation. In Mr. Malone’s
case, the only regulation of the practice of phone tapping was a police internal code of guidance,
which was not made public. The European Court of Human Rights held that Mr. Malone could
therefore neither assess whether or not his telephone would be tapped nor determine the basis in
law for the surveillance. In the absence of a legislative framework, and with the UK courts
unwilling to provide a judicial remedy it concluded that the English practice of interception was
insufficiently grounded in law to allow it to be justified under Article 8(2).
It is an offence for any person intentionally, and without lawful authority, to intercept any
communication in the course of its transmission through a public telecommunication system and
- except in specified circumstances - through a private telecommunication system. This offence
is established under the Regulation of Investigatory Powers Act 2000 (RIPA 2000). This makes
private telephone tapping an offence.137
The qualification of private is added because RIPA 2000 perpetuates the system for the
interception of telephone calls by appropriate authorities - e.g. security service, secret
intelligence service, NCIS, GCHQ, Police or Customs - under authorization by the Home
135
Ibid
136
Everyone has the right to respect for his private and family life, his home and his correspondence’, but this is
subject to Article 8(2) ECHR which contains a number of limitations and exceptions, including "the interests of
national security, public safety or the economic well-being of the country, for the prevention of disorder or crime,
for the protection of health or morals, or for the protection of the rights and freedoms of others"
137
Note: Under RIP Act 2000.
88
Secretary. Such authorization is provided under an Interception Warrant. This must name or
describe either one person as the Interception Subject, or a single set of premises where the
interception is to take place. However, in limited circumstances the Home Secretary may issue a
certified Interception Warrant which can disapply some of the requirements of a normal warrant
and, in particular, the requirement to specify a person or premises. These certified warrants
normally should only be issued in relation to external communications sent or received outside
the UK. This could cover interception of communications channeled through a foreign Internet
Service Provider.138
An Interception Warrant can only be issued if the Home Secretary believes that it is
necessary for a reason relating to national security, serious crime or the economic well-being of
the UK and the use of an Interception Warrant is proportionate. The Home Secretary must
consider whether the information sought could reasonably be obtained by other means. 139An
Interception Warrant is normally only valid for three months, but may be renewed for 6
months.140 Where it is found that an Interception Warrant has been improperly issued, the
Tribunal has power to order compensation and the destruction of the recorded material. If the
interception took place without a warrant the only sanction is a criminal prosecution - to which
the Director of Public Prosecutions must consent.
6.2.1 Procedure for obtaining Interception Warrant

The procedure to be followed and the information to be provided when seeking an
interception warrant from the Home Secretary are set out in ‘The Interception of
Communications Code of Practice’. An interception warrant can only be issued if the Home
Secretary believes that it is necessary for a reason relating to national security, serious crime or
the economic well-being of the UK (the ‘stated reasons’) and it is proportionate in the
circumstances. As well as balancing the intrusiveness of the interception against the operational
need for it, the Home Secretary must consider whether the information sought could reasonably
be obtained by other means. The Code of Practice also includes special rules regarding
‘collateral infringement of privacy’. Tapping a telephone does not only infringe the privacy of
the person who owns the telephone, the interception subject – it also affects anyone who calls or
138
See sections 6 to 11of RIP Act 2000 (which define interception warrants and associated powers)
139
Section 8 of RIP Act 2000
140
Section 9 of RIP Act 2000
89
is called by that person. If communications relating to medical, religious, journalistic or legally
privileged material are likely to be involved, the application for an interception warrant should
draw attention to this as it will give rise to an unusual degree of collateral infringement of
privacy. This is to be taken into account by the Home Secretary when considering the
application. RIPA imposes duties on communication service providers to provide assistance to
effect an interception authorized by an interception warrant. A statutory duty of confidentiality is
imposed on the police, civil servants, postal and telecommunication workers to keep secret the
contents of any interception warrant, the details of its issue and implementation, and everything
in the intercepted material. It is an offence to give disclosure of any of this secret material,
subject to specific defenses including disclosure to legal advisers.141
6.3 Land Mark Cases

In 1996 in the case of People’s Union for Civil Liberties (PUCL) v Union of India & Another142
Supreme Court decision ruled that phone tapping is a "serious invasion of an individual's
privacy." The court recognized the fact that the right of privacy is an integral part of the
Fundamental Right to Life as per Article 21 of the Constitution. Following a Central Bureau of
Investigation report highlighting incidents of telephone-tapping by the Government, the
petitioner (a voluntary organization) filed a writ petition challenging the constitutional validity of
s 5(2) of the Indian Telegraph Act 1885. Section 5(2) authorizes the Government, in the event of
the ‘occurrence of any public emergency, or in the interest of the public safety’; to intercept
messages in five enumerated situations if ‘satisfied that it is necessary or expedient so to do’.
The petitioner’s primary contention was that sufficient procedural safeguards to rule out the
arbitrary exercise of power under the Act should be read in to sec 5(2). Although sec 7(2) (b) of
the Act empowers the Government to prescribe rules providing for ‘the precautions to be taken
for preventing the improper interception or disclosure of messages’, no such rules had been
framed by the Government. The petition also raised the question of whether telephone tapping by
the Government constituted an infringement of the constitutional right to freedom of speech and
expression (Art 19(1) (a)) and to life and personal liberty (Art 21).
In laying down procedural safeguards for the exercise of power under sec 5(2), it was held that:
141
Section 15 of RIP Act 2000.
142
(1997) 1 SCC 301.
90
1. The right to privacy is implicit in the constitutional guarantee of a citizen’s right to life and
personal liberty under Art 21 and cannot be curtailed ‘except according to procedure
established by law’ (Kharak Singh v State of UP & Ors143, Gobind v State of MP144 and
Rajagopal (alias R R Gopal) & Anothers v State of TN145 .The right to privacy certainly
includes telephone conversations in the privacy of one’s own home or office and, therefore,
telephone-tapping infringes Art 21 unless it is permitted by a procedure established by law.146
2. A person talking on the telephone is exercising his or her right to freedom of speech and
expression. Telephone tapping would also infringe Art 19(1)(a) unless it comes within the
restrictions on this right set out in Art 19(2).
3. Article 17 of the International Covenant on Civil and Political Rights, which protects the
individual from arbitrary or unlawful interference with his or her privacy, is not contrary to
any part of municipal law and Art 21 has, therefore, been interpreted in conformity with the
international law (dicta of Sikri CJ in Kesavananda Bharati v State of Kerala147, Khanna J in
ADM Jabalpur v Shivakant Shukla 148 and Krishna Iyer J in Jolly George Varghese v Bank of
Cochin.149
4. The authorities have no jurisdiction to exercise the powers under s 5(2) unless a public
emergency has occurred or the interest of public safety so demands. ‘Public emergency’
means ‘the prevailing of a sudden condition or state of affairs affecting the people at large
calling for immediate action’, while ‘public safety’ means ‘the state or condition of freedom
from danger or risk for the people at large’. Neither the occurrence of a public emergency nor
the interests of public safety are secretive conditions or situations; either of the situations
would be apparent to a reasonable person.
5. Section 5(2) clearly lays down the situations or conditions under which the power to intercept
messages or conversations can be exercised but the substantive law as laid down in the
143
[1964] 1 SCR 332
144
(1975) 2 SCC 148
145
(1994) 6 SCC 632
146
See the link: http://www.worldlii.org/int/cases/ICHRL/1996/96.html as last visited on 28.04.2022.
147
(1973) 4 SCC 225, 333
148
(1976) 2 SCC 521, 754
149
(1980) 2 SCC 360
91
provision must have procedural backing so that the exercise of power is fair and reasonable.
The procedure itself must be just, fair and reasonable and must rule out anything arbitrary,
freakish or bizarre as held in the case of Maneka Gandhi v Union of India150. In the absence
of just and fair procedure for regulating the exercise of power under s 5(2), it is not possible
to safeguard the rights of the citizens guaranteed under Arts 19(1) (a) and 21.
6. In the absence of any provision in the statute, it is not possible to provide for the procedural
safeguard of prior judicial scrutiny before any order is passed under sec 5(2). It is for the
Government to make rules on this subject under sec 7 but until it does so the right to privacy of
an individual has to be safeguarded. In order to rule out arbitrariness in the exercise of power
under sec 5(2), and until the time the Government lays down just, fair and reasonable procedures
under sec 7(2)(b), it is necessary for the court to lay down procedural safeguards for the exercise
of power under sec 5(2).
Justice Kuldip Singh observed: Tapping is a section invasion of an individual's privacy.

With the growth of highly sophisticated communication technology, the right to hold telephone
conversation, in the privacy of one's home or office without interference, is increasingly
susceptible to abuse. It is no doubt correct that every Government, however democratic,
exercises some degree of sub-rosa as a part of its intelligence out-fit but as the same time
citizen’s right to privacy has to be protected front being abused by the authorities of the day. The
above provisions clearly indicate that in the event of the occurrence of a public emergency or in the
interest of public safety the Central Government or the State Government or any officer specially
authorized in this behalf, can intercept messages if satisfied that it is necessary or expedient so to
do in the interest of.
1. The sovereignty and integrity of India.

2. The security of the State.
3. Friendly relations with foreign states.
4. Public order.
5. For preventing incitement to the commission of an offence.
150
(1978) 1 SCC 248
92
Further in the case of R.M.Malkani v. State of Maharastra151, the Supreme Court stated that
the telephonic conversation of an innocent person would be protected by the courts against wrongful
or high handed interference by tapping of the conversation by the police. But the protection is not for
the guilty against the efforts of the police to vindicate the law. Hence the exposure of telephone
tapping of politicians has once again brought to the fore the larger issues of individual freedom
and the right to privacy.152 It is abominable, though not inconceivable, that the state or any
agency — official or otherwise — should be eavesdropping on telephone conversations,
intercepting mail and generally playing the Big Brother in true Orwellian form. Like all
indefensible acts, these are often justified in the name of public interest and security. Hence, it is
heartening that such transgressions have been disapproved of at the highest level. Prime Minister
Manmohan Singh himself has berated this practice, though that has not ended the controversy
given the political mileage to be squeezed out of the issue.153
The problem is too important to be left to politicians, precisely because it is political, and the
larger issues would be conveniently forgotten once short-term purposes are served. Consider, for
instance, that telephone tapping is not outlawed in either Tamil Nadu or Uttar Pradesh — chief
ministers of the states that have raised a hue and cry. Their defense would be that this is done at the
behest of the Union Government and no state is exempt from the practice. True, but then is their
objection limited to tapping of the telephones of politicians? The politicians should fight for the
principle that the right to privacy of every citizen is inviolable.154
In a democracy rights and freedoms cannot be selective, nor for a privileged section. Sections of
civil society may rail at the state for prying and peeping, but this is exactly what the media sting
operations that exposed MPs involved in the cash-for-questions scam were about. Again, the end
exposure of corrupt politicians was cited to justify the means.
151
AIR 1973 SC 157
152
http://www.tribuneindia.com/2006/20060107/edit.htm#3.
153
Ibid
154
Ibid
93
CHAPTER- 7
Sting Operations - An Invasion of Privacy
7.1 Scope and Purpose

In society today sting operations have become the order of the day. A sting operation is a
well-planned scheme used by law enforcement agencies to entrap a criminal. It usually involves
a lot of undercover work.155 Satellite, remote control cameras and high fidelity sound equipment
that can pick up conversations in a room from outside can now spy upon an individual. In other
words, a person does not really have any privacy that he can be sure of 156. The Sting operations
carried out by so-called private spying agencies are blatant violation of an individual's privacy.
In fact, this technological terrorism has become order of the day, which has scant respect for
private confines of human beings.157 The advent of miniaturized audio and video technology,
specially the pinhole camera technology, enables one to clandestinely make a video/audio
recording of a conversation and actions of individuals. There are various ways of hiding the
camera inside a briefcase, or a pager or a cigarette lighter or a cellular telephone or a fountain
pen or a smoke detector or in the nose frame of sunglasses or other spectacles etc. Most of these
gadgets have either a self-activation mechanism or a mechanism, which has to be activated
manually. Watergate is a famous example of a President leaving office in disgrace and his
lieutenants being jailed for trying to have recording equipment clandestinely fixed inside the
office of a political adversary.
The only exceptions to this in the US are the law enforcement agencies and police-
licensed private detectives, who are allowed to use them under certain circumstances under
carefully controlled conditions. Licensed private detectives can use them for the collection of
evidence, but not in a sting operation. Only the FBI can mount a sting operation. No private
individual, not even a journalist, can.
The purpose of a sting operation is to catch the corrupt and spy on those involved in illicit
or anti-national activities. The miniature audio-video technologies’ including pinhole cameras
155
Financial Daily by The Hindu, Govt mulls controls on sting operations, Nithya Subramanian Tuesday, Apr 19,
2005
156
See the link: http://www.flonnet.com/fl2302/stories/20060210002508900.htm(as last visited on 15.05.2022).
157
See the link: http://refresh.blog.co.uk/2006/02/21/respect_privacy~580935(as last visited on 18.05.2022).
94
makes it easy for anyone to clandestinely make a recording of a conversation or some dubious
action. There are several ways in which a camera can be concealed-inside briefcases, pagers,
cigarette lighters, cell phones, fountain pens, smoke detectors, or even spectacle frames.158
Faced with disquiet among the media-watchers over "sting operations" using hidden
cameras, the Union Information and Broadcasting Ministry is considering a regulatory
mechanism to protect the privacy of individuals. A section of the media views "sting operations"
as a legitimate way of showing the truth, but the Ministry plans to make a clear distinction
between stories that amount to an "invasion of privacy" and those which expose corruption or
have political implications.159 The view gaining currency is that "invasion of privacy" cannot be
condoned and the Government ought to have some mechanism to address such cases. TV
channel recently entrapped actor Shakti Kapoor in conversation with a reporter posing as a girl
seeking a role in a film. There may be truth in the Shakti Kapoor episode but such operations are
definitely an invasion of privacy. Seeking favors is common.160
7.2 A mode of Invasion of Privacy

Privacy is a human right as well as a legal right. What is public life and what is private
are two separate entities, even though there could be borderline instances. It is a well known fact
that many demands are made by film directors when young girls approach them for certain roles
in films. The media has no business to expose what transpires behind closed doors between
consenting adults, even if the adults happen to be public figures. The link between the media and
one’s right to privacy is important. A sting operation of this kind is definitely not only an
intrusion on privacy but also indecent and disgusting. Indian democracy has much to learn from
the Tehelka episode.161 Indian governance is wrapped up in corruption, which has not spared
even issues relating to national security.162 But the more stinging truth is that it is virtually
impossible to discover the real state of affairs through any normal methods of investigation.
158
Source Link:http://www.dailypioneer.com/columnist1.asp?main_variable=Columnist&file_name=JOGINDER62
(as last visited on 20.04.2022)
159
The Hindu, "Sting operations" regulation under study, Anita Joshua, Thursday, Apr 21, 2005,
160
Deccan Herald,” T.V.Trap”, Aniruddha Sudhir, 28th March, 2005 avaialable at the link:
http://www.deccanherald.com/deccanherald/mar282005/forumasp.(as last visited on 19.05.2022)
161
The Hindu, “The Tehelka Commission” , Rajeev Dhawan, Friday, 15th October, 2004, p-12, also available at the
link: http://www.hindu.com/2004/10/15/stories/2004101500821000.htm (as last visited on 28.04.2022)
162
Ibid
95
There have been huge debates on whether the Tehelka style `stings' are ethical in terms of
invasion of privacy, the breach of normal methods, the use of women as part of the sting and the
unorthodox interviews. To argue that stings can never be done overstates the case against the
`sting' as a legitimate weapon of investigative journalism. Drawing sustenance from the
American concept of public exposure in defamation cases, the Supreme Court in the Auto
Shankar case (1994) rightly reminds public persons that they should have nothing to hide from
the public, which is entitled to know the truth.
India TV’s sting operation - coupled with the publication of what a Mumbai tabloid claimed
were photographs of Kareena Kapoor and Shahid Kapur sharing intimate moments has added to the
demand for a more defined right to privacy in the country. In India, sting operations were made
popular by Tehelka, which claimed to expose corruption in defence deals. The ‘sting’ on the casting
couch syndrome in Bollywood on India TV perhaps has once again brought to the fore the debate on
media ethics. There have been other exposes, both in print and on TV screens. 163 There have been
other instances of provocative material being transmitted through mobile phones and of course,
several indecent proposals on the net. The classification of private and public space is changing. The
problem is compounded by the fact that we do not have an adequate legal framework to tackle this
change.
There have been sting operations in India and elsewhere for several years. Only five
years ago, Tehelka carried out its famous expose on defence deals. 164Then came the cricket
match-fixing ‘scoop’. Now virtually every month, if not every week, some sting or hidden
camera/mike sting is being done somewhere. With the spread of the internet and the availability
of inexpensive and tiny video cameras, it has become relatively simple to record any event in a
covert manner.165Mobile phones, especially camera phones that are multimedia message (MMS)
enabled, can also intrude into people’s lives and disseminate damaging material to the public
domain.
7.3 Comparison with position in U.S.A.
163
See the link: http://www.business-standard.com/bsonline/storypage.php?autono=185352 (as last visited on
18.05.2022)
164
Ibid
165
Ibid
96
In the US, there are set rules against use of hidden cameras without prior permission. Only
investigating agencies are permitted to film persons who are proven offenders. There for example,
one needs legal sanction before undertaking a sting, there are strict guidelines 166:
1. Sting operations can be mounted only against those against whom some evidence of
criminality already exists and a sting operation is considered necessary for getting conclusive
evidence.
2. Permission for sting operations must be obtained from appropriate courts or the attorney
general. This safeguard has been laid down since those who mount a sting operation
themselves commit the offences of impersonation, criminal trespass under false pretences
and make a person commit an offence.
3. While the transcript of the recordings can be edited, the films and the tapes themselves
should not be erased or altered.
4. The US Supreme Court has even defined what amounts to an inducement in a sting. “An
inducement to commit a crime should not be offered unless: there is a reasonable indication,
based on information developed through informants or other means, that the subject is
engaging, has engaged, or is likely to engage in illegal activity of a similar type, or the
opportunity for illegal activity has been structured so that there is reason for believing that the
persons drawn to the opportunity, or brought to it, are predisposed to engage in the contemplated
illegal activity.”167
Obviously there is considerable outrage in India every time a sting or expose is done.
Some call it the moral right of journalists to publish the wrongdoing of an individual or a group.
On other hand, many find this an intrusion of privacy. Not only is our police ill equipped to
handle this new age crime but our laws are also inadequate. There is also an issue of whether
such exposes should be confined to issues of ‘national importance’ and not deal with the
personal lives of celebrities. 168There are no laws or guidelines for conducting sting operations in
India.
Officially, the anti-corruption agencies of the Government conduct sting operations to

catch the corrupt. In such cases, numbered and chemically treated currency notes are given to
officials demanding bribe. This money does not come from the Government but from the
166
Ibid
167
Ibid
168
Ibid
97
complainant and is the investigating agency's property till the final verdict has been delivered on
the case. Thus, the use of Government money for the conduct of such sting operations is
generally frowned upon because it means encouraging corruption. Legal experts define sting
operations as entrapment as inducement or persuasion. This is based on the premise that "a
person is 'entrapped' when she/he is induced or persuaded to commit a crime that she/he had no
previous intent to commit." The law as matter of policy forbids conviction on such a case. There
is no law against entrapment in India, although our cyber laws have specific clauses prohibiting
sting operations that intrude into an individual's privacy.
The Government which was quick to act in case of cyber law by enacting legislation on
the subject to prevent its misuse has not acted promptly enough in case of sting operations or
telephone tapping. This requires action as these sensitive areas are no more the monopoly of
public sector and many private players have entered the field. The authority, which can authorize
such operations, must be specified and the reasons for ordering such a probe specified. The
private agencies should be debarred from indulging in the same and stiff punishments including
closure of their operations should be made mandatory in case they are found guilty of undertaking
such activities. It is strange that the mushroom growth of detective agencies, security agencies,
indulging in illegal methods to recover bank loans is being allowed without any legislation to govern
their working.169
CHAPTER- 8
.Conclusion & Proposed Suggestions
169
Central Chronicle,” Watch Tower: Regulate sting operations “, Thursday January 12, 2006, available at the link:
http://www.centralchronicle.com/20060112/1201304.htm (as last visited on 28.04.2022)
98
As for sting operations a time has come when media organizations like the Press Council
of India should step forward and regulate this activity. In case they fail to do so, the job of
censorship or regulating TV channels will fall on Government which will be worse than the
original crime as it would give them power to introduce censorship through the backdoor. In
this entire debate one must keep in mind the fact that as new technologies develop they will
provide many new benefits but will also open doors for their misuse by unscrupulous agencies
in public as well as private sector. The Government and media organizations must remain
vigilant and deal with all such activities before they get out of control. The possibilities of
invading the privacy of individuals have become very easy with new aids available so the
temptations to use them for short-term gains will remain strong unless the regulators are equally
alert. Heeding to a long demand from the industry to make privacy related laws more stringent;
the government will make circulating video or still pictures of a person without permission a
punishable offence.170
The Department of Personnel and Training (“DoPT”) had prepared a draft bill on right to
privacy in the year 2011, the Right to Privacy Bill, 2011 (“Draft Bill 2011”). Although there had
been several discussions on the Draft Bill 2011, however the same has failed to materialize into a
comprehensive legislation on privacy. The need for stand-alone legislation was felt in the wake of
leak of the Nira Radia tapes in the year 2010, raising serious threats and concerns over the privacy of
individuals and its protection. The Draft Bill 2011 prescribes certain principles of Privacy. These
principles have been drafted in line of the provisions of the Information Technology Act, 2000. The
privacy principles are intended to be applicable to the collection, processing and use of personal
information, through any mode including interception, as well as audio and video recordings.
The call for a comprehensive legislation for protection of an individual’s right of privacy
is a need of the hour, especially with the rampantly increasing number of internet users in India
year on year. As an inevitable consequence, there have also been an increase in the number of
registration of cases and arrests in cases of breach of confidentiality and privacy under provisions
of Section 72A of the IT Act. The IT Standing Committee has recently expressed its desire that
the Department of Electronics and Information Technology in coordination with the DoPT, multi
disciplinary professional and experts, should come out with a comprehensive and people friendly
170
Source Link: http://www.siliconindia.com/shownewsdata.asp?newsno=29890&newscat=Technology (as last visited on
25.04.2022)
99
policy for protection of the privacy of citizens and which is also foolproof from the security
prospective.
The proposed bill will make TV Channels and publications liable for prosecution. One
consequence of the proposed amendments may be that sting operations will become difficult. On the
positive side, sleazy hotels recording unsuspecting couples in intimate moments will face a stronger
deterrent if the cabinet approves the bill. The amendments to the IT Act, which have been submitted
to the law ministry for approval, address issues never explored before in Indian legal history. The
issues of privacy, including the definition of what constitutes a private moment and which are the
private parts of a human body, have all been dealt with in the version of the Act submitted to the law
ministry.
The bill also recommends a compensation of Rs 25 lakh to the person whose privacy has
been infringed. The offender can also be jailed for one year with a fine of Rs 2 lakh. This means
that even television channels that carry images of MMS clips can be held liable even though they
may not have originally captured it. Financial transactions like purchase and sale of visual
images will entail imprisonment of two years for those circulating the content. Under the
proposed rules, no action will be taken till the person whose images are captured registers a
complaint. Being part of a society often overrides the fact that we are individuals first. Each
individual needs his/her privaye space for whichever activity (assuming here that it shall be legal).
The state accordingly gives each individual that right to enjoy those private moments with those
whom they want to without the prying eyes of the rest of the world. The right of privacy is not a right
against the state, but against the world. The individual does not want to share his thoughts with the
world and this right will help protect his interests.
In this day and age, this right is becoming more essential as everyday passes. With all our
lives being splattered over the media are it through social networking sites or the spy cameras,
we need protection so that we can function in a way we want to and not think of others before
our actions. After all, the only ones we owe an explanation to is ourselves, and not to the entire
world.
BIBLIOGRAPHY
PRIMARY SOURCES
I. BARE ACTS:-
100
1. Fair Credit Reporting Act, 1970
2. Indian Easements Act, 1882
3. Indian Penal Code, 1860
4. Information Technology Act, 2000
5. Indian Telegraph Act, 1885
6. Privacy and Indecent Representation of Women (Prohibition) Act, 1987
7. Regulation of Investigatory Powers Act, 2000
8. Right to Information Act 2005
9. United Kingdom Data Protection Act, 1998
SECONDARY SOURCES
I. BOOKS & JOURNALS:-
1. Arthur R.Miller, “The Assault on Privacy”, 169 Bookman Publishing 40(1972)

2. Edward Shils, "Privacy: Its Constitution and Vicissitudes", 2 Law and Contemporary
Problems 31 (Spring 1966)
3. Gross,” The Concept of Privacy”, 42N.Y.U.L.Review 34, 35-37 (1967)
4. Hyman Gross, “Privacy and Autonomy, Privacy” 169 NOMOS XIII (1971)
5. Michael A Weinstein, “The Uses Privacy in the Good Life, 94, NOMOS, XIII (1971)
6. Mishra G, “Right To Privacy in India”, 48, 151 (Preeti Publications, Ist Ed) (1994)
7. Rajinder Sachar, “Telephone tapping an invasion of individual’s privacy” PUCL
Bulletin, 2006
8. Raman Mittal Neelotpal Deka, “Cyber Privacy”
9. Richard B. Parker, “A Definition of Privacy”, 27 Rutgers L Review 275(1974)
10. Ruth Gavison,” Privacy and limits of Law”, 425 Yale Law Journal 89(1980)
11. Justice P.B. Sawant, Press Freedom, Legal Restrictions and National Interests, Mass
Media in Contemporary Society, Published by Capital Foundation Society
12. Samuel D. Warren and Louis Brandeis, “The Right to Privacy”, 4 Harvard Law
Review, 193 (1890)
13. Thomas M. Cooley, Law of Torts 91 (2nd ed 1888)
101
14. Weber , History of Indian Literature , pp 16-20
15. Westin. A.F. (Ed.) (1971) “Information Technology in a democracy”, Cambridge, MA:
Harvard University Press
II. WEBSITES :-
1. http://www.business-standard.com/bsonline/storypage.php?autono=185352 , dt.18.04.2022.
2. http://www.dailypioneer.com/columnist1.asp?main_variable=Columnist&file_name=JOGINDE
6, dt.20.03.2022.
3. http://www.deccanherald.com/deccanherald/mar282005/forumasp ., dt.19.03.2022.
4. http://www.epic.org dt.20.03.2022.
5. http://economictimes.indiatimes.com/articleshow/1211133.cms , dt.25.03.2022
6. http://europa.eu.int/comm/internal_market/privacy/instruments/ocdeguidelineen.h ,
dt.17.03.2022.
7. http://www.flonnet.com/fl2302/stories/20060210002508900.htm , dt.25.03.2022.
8. http://www.ipc.on.ca/userfiles/page_attachments/safnet-e.pdf , dt.11.03.2022.
9. http://www.legalservicesindia.com/articles/mom1.htm , dt.15.03.2022.
10. http://www.legalsitecheck.com/dataprotection.html ., dt.23.03.2022
11. http://www.manupatra.com/downloads/2005-data/TelePIL.pdf. , dt.17.04.2022.
12. http://www.mondaq.com/article.asp?articleid=15725 , 23.03.2021, dt.15.04.2022.
13. http://www.naavi.org/praveen_dalal/whatis_obscenity_feb03.htm#_ftn2 , dt.23.04.2022.
14. http://www.naavi.org/cl_editorial_05/edit_june_24_05_01.htm ., dt.18.04.2022.
15. http://www.naavi.org/praveen_dalal/e_pornography_dec10.htm , dt .20.04.2022.
16. https://www.privacyexchange.org/japan/privacyguide04.pdf ., dt.20.04.2022.
17. http://www.nasscom.org , dt.20.04.2022.
18. http://www.privacyrights.org , dt.19.05.2022.
19. http://refresh.blog.co.uk/2006/02/21/respect_privacy~580935 , dt.18.05.2022.
20. http://www.siliconindia.com/shownewsdata.asp?newsno=29890&newscat=Technology ,
dt.25.04.2022.
21. http://stlr.stanford.edu/STLR/Articles/index.htm , dt.20.05.2022.
22. http://www.twobirds.com/engkish/publications/articles/control_informationby_law.cfm ,
dt.20.05.2022.
102
23. http://www.un.org/overview/right.html , dt.18.05.2022.
24. http://www2.warwick.ac.uk/fac/soc/law/elj/jilt/1998_1/blume/>,dt.12.05.2022
http://www.peacebuildinginitiative.org/index.cfm?pageid=1849.
103

Right To Privacy With Special Reference To Electronic Media

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Right To Privacy With Special Reference To Electronic Media

Uploaded by

Copyright:

Available Formats

S MEDIA

RIGHT TO PRIVACY WITH SPECIAL REFERENCE TO ELECTRONIC

Mr. KAUSHLENDRA SIR

Institute of Legal Studies

Institute of Legal Studies

WITH SPECIAL REFERENCE TO ELECTRONIC MEDIA” is a bonafide

research undertaken by me in partial fulfilment of LL.M (One Year) programme at Sri

the able guidance and supervision of Asst. Prof. Mr. Kaushlendra.

anywhere for any degree or diploma.

Date: June 22, 2022

TO WHOMSOEVER IT MAY CONCERN

dissertation, titled “RIGHT TO PRIVACY WITH SPECIAL REFERENCE TO

study would not have been successfully completed.

my talent in bringing out this project work as a successful one.

1. Boyd v. United States. 116 U.S. 616 (1965)………………………………….…….……11

CHAPTER - 2 Conceptual Framework of Privacy…………………………………………...15

CHAPTER - 3 Statutory protection of Right to Privacy in India……..…………..….....38

CHAPTER - 4 Data Protection & Privacy……………………………………………..…47

CHAPTER - 5 Informational & Workplace Privacy……………………………....…………72

CHAPTER – 6 Telephone Tapping-An Invasion of Privacy…………...……………….83

CHAPTER - 7 Sting Operations - An Invasion of Privacy……………………….……..94

CHAPTER- 8 Conclusion & Proposed Suggestions…………………………………..….99

AIR : All India Reporter Art. : Article

CJI : Chief Justice of India

SCC : Supreme Court Case

S.C.R : Supreme court report

UDHR : Universal Declaration of Human Right

U,P : Uttar Pradesh

U/A : Under article

WWW : World Wide Web

1.1. 2. Privacy at Political Level

1.1.3. Privacy at the Socio-Cultural Level

2.1 Historical Framework of Privacy in India

2.1.3 Privacy in Grihya Sutras

2.2 Privacy: A Zero-Relationship

The phenomenon of privacy exists only in contexts in which interaction, communication

2.3 Constitutional Framework of Privacy

2.4 Safeguarding Identity of Children

As far as taking photographs of certain vulnerable persons is concerned, he admitted to

2.5 Safeguarding Identity of Rape Victims

2.6 Trial by Media & Media Victimization

"…the publication, (whether by words, spoken or written or by signs, or by visible

2.7 Sting Operations

In a recent judgment on a supposed sting operation conducted by M/s. Associated

2.8 Land Mark Cases

In State of Maharashtra v. Madhukar Narayan Mardikar,50 departmental proceeding was

JUSTICE K.S. PUTTASWAMY v. UNION OF INDIA AND ORS

3.1 Privacy as under Easements Act, 1882

3.2 Privacy and Indecent Representation of Women (Prohibition) Act, 1987

3.3 Privacy as under Indian Penal Code 1860

3.4 Privacy as under Right to Information Act, 2005

3.4.3 Right to information and Electronic governance:

4.1 Meaning of Data

1. Is being processed by means of equipment operating automatically in response to

1. from the data, or

4.2 Need Regulation of Data Protection

4.2.1 Data Protection Laws in India

The Government has notified the Information Technology (Reasonable Security Practices

 the sovereignty or integrity of India,

4.2.2 Information Technology Act, 2000

4.2.3 Grounds on which Government can interfere with Data

1. Accesses or secures access to such computer, computer system or computer network

4.2.6 Computer related offences