INTRODUCTION
In this digital era, technology is evolving by and by, where everything is at our fingertips. A new world exists called a ‘Virtual World’ with no limit in using and misusing technology. Nowadays, almost everything is connected digitally through websites, social media platforms, and payment applications, where privacy is the most significant concern of every individual. Privacy is indispensable to human beings, and there are various aspects of privacy, such as privacy of space, body, information, choice, and so on, which have evolved. Every individual has a right to limit the sharing of information digitally. After the KS Puttaswamy judgement 2017, the Right to Privacy is treated as a fundamental right under Article 21[1] of the Indian Constitution.
INFRINGEMENT OF PRIVACY THROUGH TECHNOLOGY
The present is an information-technology era. With the advancement of technology and its accessibility, a new world of enhanced communication, faster information exchange, and greater transparency has emerged. But everything has benefits as well as drawbacks. With the rapid growth of technology comes a surge in its misuse, which is largely unavoidable and exacerbated by the growing use of the Internet to share sensitive, private, and commercial information.
- Deepfake- Recently, a video of actress Rashmika Mandana has surfaced widely on social media platforms, which is generated through Artificial Intelligence (AI) called Deepfake. Deepfake is a type of AI used to create convincing images, audio and video hoaxes where one person is swapped for another and is represented doing or saying something that isn’t done or said, spreading false information. According to the 2023 State of Deepfakes report from the United States-based Home Security Heroes[2], there has been a 550% increase in deepfake videos compared to 2019. A staggering 98% are pornographic, and 99% of those mapped faces are women. This technology is being weaponised against women. Deepfakes pose a significant danger to an individual through blackmailing, causing fraud and threatening to harm their reputation.
- Pegasus Spyware– A shocking report came in July 2021, where at least 300 individuals from India, including journalists, politicians, activists and government officials, were under a target of Pegasus malware. The Israeli cybersecurity company Niv Shalev and Omri (NSO) group developed Pegasus spyware, which sells this software to governments and law enforcement organisations without necessary safeguards and monitoring. Its purpose is to track criminals and terrorists. Still, the most dangerous spyware enters into an electronic device, gathers information, and sends it to a third party without the user’s knowledge or consent. It can infect millions of phones, violating people’s right to privacy.
- Unified Payments Interface (UPI) Transactions– UPI launched in 2016 which was developed by the National Payments Corporation of India (NPCI) and regulated by the Reserve Bank of India (RBI), makes a real-time payment system through UPI virtual ID, QR code and Phone number facilitating contactless inter-bank transactions over a mobile platform. According to the RBI annual report, UPI transactions[3] stood at Rs. 139.20 trillion in Fiscal Year (FY) 2023. Although UPI is a revolutionary development in digital payments, people’s security and privacy are still regarded as being in jeopardy, which includes the revelation of virtual payment addresses, digital identity, transaction information and financial details that increase susceptibility to financial frauds. Digital Payments through UPI are viable, but we need more security features to curb privacy infringement and make UPI transactions sustainable.
- Aadhar Fiasco-The project on Aadhar, established in January 2009 through the Unique Identification Authority of India (UIDAI), has generated over 138 crore Aadhaars[4] by September 2023. Even after the Right to Privacy is treated as a fundamental right, UIDAI still fails to maintain the uniqueness of the identity of Aadhaar. Despite Aadhaar being one of the world’s largest biometric-based identification systems, serious concerns are mentioned in the Comptroller and Auditor General (CAG) report[5], 2021, on the ‘Functioning of UIDAI’. The report stated issues such as (i) due to poor data quality and issues of data matching, the database continues to generate faulty Aadharas, which were already issued, creating a huge problem and threat to the privacy of an individual (ii) Bal Aadhaar cards issued to children below the age of 5 on behalf of biometric details of parents not of children’s biometric details which violates the most distinctive feature of Aadhaar i.e. uniqueness of identity (iii) UIDAI do not have Data Archiving Policy which is vital to mitigate the risk of data protection vulnerability. Due to these issues in this digital era, an individual’s data is vulnerable to theft and misuse, which is a major risk to privacy.
- Social Media- With the emergence of the Internet, it is important to remember that privacy should be respected in the physical world and cyberspace. Internet and social media use has increased in India due to the availability of smart devices, decreased internet costs, and worldwide connection. Social media is an interactive hub where individuals can digitally communicate, and it is a strong instrument for freely expressing oneself to a big audience. Individuals make their personal information public, but privacy is still expected. However, there is a risk of an individual’s sensitive personal data being exposed. In certain cases, the individual is aware that the social media networking sites are collecting information about him; yet, there may be times when the user is completely unconscious of the information trail he is leaving online, over which he has no control at all. Such information can be used by potential perpetrators to perpetrate bodily crimes.
LAWS RELATING TO THE PROTECTION OF THE RIGHT TO PRIVACY
- Information Technology Act, 2000 (I.T. Act)- The IT Act is regarded as comprehensive legislation that only addresses privacy-related issues. In addition to compensating the person harmed by unjust gain or loss, Section 43A[6] deals with putting reasonable security measures in place for sensitive personal data or information. The government is permitted by Section 69A[7] to restrict public access to any information via any computer resource for specific grounds.[8]
- Digital Personal Data Protection (DPDP) Act, 2023-On August 11, 2023, the DPDP Bill, 2022, became the Digital Personal Data Protection Act. The DPDP Act applies to all digital personal data, whether it is stored online or was originally stored offline and then digitized. It also applies to the processing of digital personal data outside of India’s borders, particularly when it involves the provision of goods or services to individuals on Indian territory. Individuals have the right under the DPDP Act to seek information on how their data is processed, the right to correct inaccurate or incomplete data, the right to erase data that is no longer required for processing, the right to file a complaint in the event of a data breach, and the right to appoint another individual to exercise these rights in the event of incapacity or death.
- Judicial Approach-After the landmark judgement of KS Puttaswamy vs Union of India in 2017, the Right to Privacy became an integral part of Fundamental Rights under Article 21 of the Indian Constitution and is available to every person. Individuals have the right to file a writ petition under Article 32[9] and Article 226[10] of the Indian Constitution in case of infringement of the right to privacy.
CONCLUSION
Privacy is an important aspect of an individual’s life. It enables people to decide how much and where to share their personal information. It checks the unwanted interference and activities of others in one’s life. Privacy is not only a basic right or a fundamental right, instead, it is more of a human dignity, safety, reliability and faith in the existing rules and regulations. Privacy is more a human right than a fundamental right. But, given the present vicious cycle existing in a virtual world where your own provided information becomes your enemy and haunts you by compromising your privacy. So, it is clear that in today’s era of digital media and a virtual cum real world, privacy is as much a myth as the virtual world is.
Privacy can be made a reality by shouldering a shared responsibility between the citizens and the government. The government brought robust and foolproof laws with proper guidelines, such as the DPDP Act 2023, to ensure citizens’ right to privacy. At the same time, individuals must be cautious on digital platforms. They should avoid oversharing, follow the guidelines provided by the various digital platforms, remain vigilant of phishing scams and unauthorised sites, and many more precautions should be taken.
We must follow the rule of ‘less is more’ in the context of our privacy because even our small mistakes can put us and our privacy in great danger.
Author(s) Name: Prasoon Kumar Ravi (Campus Law Centre, Faculty of Law, University of Delhi)
References:
[1] Indian Constitution, art 21
[2] Brandon King, ‘2023 State of Deepfakes’ (Home Security Heroes, 2023) <https://www.homesecurityheroes.com/state-of-deepfakes/> accessed 18 November 2023
[3] Sangeeta Ojha, ‘Online Payments in India, (Mint, 20 June 2023) <https://www.livemint.com/money/personal-finance/online-payments-in-india-how-upi-is-changing-the-face-of-digital-payments-11687241104262.html> accessed 19 November 2023
[4] UIDAI, ‘Generation of Aadhaar Cards’ (UIDAI, September 2023) <https://uidai.gov.in/en/about-uidai/unique-identification-authority-of-india.html#:~:text=About%20UIDAI,-The%20Unique%20Identification&text=The%20UID%20had%20to%20be,to%20the%20residents%20of%20India> accessed 19 November 2023
[5] Ministry of Electronics and Information Technology, Functioning of UIDAI (Performance Audit, Report No. 24 of 2021) paras 3.2.2, 3.2.3, 3.3.1, 3.6.1
[6] The Information Technology Act 2000, s 43A
[7] The Information Technology Act 2000, s 69A
[8] if such information is prejudicial to the sovereignty and integrity of India, defense of India, security of the State, friendly relations with foreign States or public order or incites the commission of any cognizable offence relating to above
[9] Indian Constitution, art 32
[10] Indian Constitution, art 226
