S.S.

JAIN SUBODH LAW COLLEGE

Internet Surveillance and Right to Privacy

Submission To: Submitted By:

MS. BHAVYA GANGWAL ASHISH SHARMA

ASST. PROF. OF LAW Roll no: - 08

X Semester

S.S. Jain Subodh Law

College

Page | 1
S.S. JAIN SUBODH LAW COLLEGE, JAIPUR
 CERTIFICATE

To whomsoever it may concern, This is to certify that, the dissertation titled

“Internet Surveillance and Right to Privacy” submitted by Ashish Sharma in
fulfillment for the award of the degree of B.A.LL.B. at S.S. Jain Subodh Law College
is the project of research carried out under my guidance and supervision.

Ms. Bhavya gangwal

Asst. Prof. of Law
S.S. Jain Subodh Law College

Page | 2
S.S. JAIN SUBODH LAW COLLEGE, JAIPUR
 AKNOWLEDGEMENT

I take this opportunity to express our humble gratitude and personal regards to Ms.
Bhavya gangwal for inspiring me and guiding me during the course of this project
work and also for her cooperation and guidance from time to time during the course
of this project work on the topic “Internet Surveillance and Right to Privacy”.

Date:
Place: Jaipur
Ashish Sharma

Page | 3
S.S. JAIN SUBODH LAW COLLEGE, JAIPUR
 RESEARCH METHODOLOGY

Aims and Objectives:

The aim of the project is to present a detailed study of the topic Internet

Surveillance and Right to Privacy forming a concrete informative capsule of the

same with an insight into its relevance in the Indian market.

Scope and Limitations:

In this project the researcher has tried to include different aspects pertaining to the
concept of Internet Surveillance and Right to Privacy .

Data Collection:
The following secondary sources of data have been used in the project-
 Websites
 Books

Method of Writing and Mode of Citation:

The method of writing followed in the course of this research project is
primarily analytical. The researcher has followed Uniform method of citation
throughout the course of this research project.

Page | 4
S.S. JAIN SUBODH LAW COLLEGE, JAIPUR
Introduction

with development of the Internet into a ‘global market place’, the world has seen a
sudden emergence of new, speedy means of communication. Not only has the
internet emerged as a lucrative centre for the commercial transactions, it has also
grown into an area where individuals from different corners of the world get to
communicate freely and cost-effectively. Communication, speech and expression
undoubtedly constitute some of the most basic liberties of individuals and, to a large
extent, can be considered inalienable. In the Indian context these rights are given
statutory recognition in part III of the Constitution As a necessary corollary to the
freedom to communicate and speak, is the fact that this must be allowed with as little
state interference as possible, i.e., in the absence of state intrusion and interference
into the content of the communication. This immediately raises the controversial
issue of the ‘right to privacy’. The right to privacy, it can be said, is considered a
logical corollary to the liberty to speak and express oneself.

An important point to note is that the Indian constitution does not include the ‘right to
privacy’ as a fundamental right. Its existence, therefore, as a constitutionally
guaranteed fundamental right is debatable. Nevertheless, the judiciary has, on more
than once occasion, opined that the right is implicit in the right under Article 21,
which provides that no person shall be deprived of his life and personal liberty
without a procedure established by law.

Page | 5
S.S. JAIN SUBODH LAW COLLEGE, JAIPUR
RIGHT TO PRIVACY UNDER CYBER LAW

There is a common misconception that the right to privacy is merely a weapon to

ensure confidentiality in human affairs. Confidentiality is, no doubt, one element in
the panorama of rights covered by the right to privacy, but it is just that one element.
It must not be forgotten that the right to confidentiality only arises after information
regarding human transactions or affairs have reached third parties. It has to be
recognised that the right to privacy extends over the entire gamut of collection,
retention, use and disclosure of information. It stems out the basic human desire for
a secure identity of one’s own and, to that extent, cannot be denied. In this context, it
may be said that privacy involves the right to control one’s personal information and
the ability to determine if and how that information should be obtained and used. It
may be necessary to examine the guidelines along which the extent of the right to
privacy may be determined. The guidelines, which may be generally taken as
accepted, have been framed by a European organization, named the Organisation
for Economic Co-operation and Development, in 1980.

The principles are as follows:

 Firstly, collection of personal data should be done with the consent of the
person and lawfully.

 Secondly, the data collected should be pertinent to the subject under

investigation. Therefore, for example, a man’s medical problems ought
not to be investigated while data on his tax returns is being collected.

 Thirdly, the purpose as to collection ought to be clearly specified.

 Fourthly, such data should not be further used except without express
consent of the subject and under the sanction of the law.

 Fifthly, there ought to be adequate security safeguards so as to prevent

leakage of data into the hands of unauthorised persons or the
destruction of classified material.

 Sixthly, there ought to be a higher degree of accountability detailing the

persons who are in charge of the process of collection and this is linked

Page | 6
S.S. JAIN SUBODH LAW COLLEGE, JAIPUR
 with the next point, which deals with the individual’s participation in the
process of data collection.

 Seventhly, the individual should have the right to confirm whether there
is any data on him and whether such data is pertinent or relevant to the
purpose for which it is collected.

 He should also have the right to access any data dealing with him at any
time as may be convenient to him and such data should be made
completely available to him in a reasonable manner and if the data
collected is not entirely accurate he should have the opportunity to point
out the facilities that may exist.

These then may be said to be the broad principles governing the existence of the
slightly ambiguous right to confidentiality.

The right to privacy has been held by the Hon’ble Supreme Court as an integral part
of the fundamental right to life under Article 21 of The Constitution of India. Privacy
concerns exist wherever uniquely identifiable data relating to a person or persons
are collected and stored, in digital form or otherwise. In some cases these concerns
refer to how data is collected, stored, and associated. In other cases the issue is who
is given access to information. Other issues include whether an individual has any
ownership rights to data about them, and/or the right to view, verify, and challenge
that information various types of personal information often come under privacy
concerns. For various reasons, individuals may not wish for personal information
such as their religion, sexual orientation, political affiliations, or personal activities to
be revealed. This may be to avoid discrimination, personal embarrassment, or
damage to one’s professional reputation.

Spamming, sending unsolicited mails and websites collecting information about

individual surfers and selling it off for monetary considerations lead to violation of
their privacy in cyberspace.

Telephone – Tapping is a serious invasion of an individual’s privacy. With the

growth of highly sophisticated communication technology, the right to a telephone
conversation, in the privacy of one’s home or office without interference, is
increasingly susceptible to abuse.
Page | 7
S.S. JAIN SUBODH LAW COLLEGE, JAIPUR
There is no comprehensive legislation on privacy in our country. As such it has been
left to the Judiciary to interpret privacy within existing legislations. On April 11, 2011,
India’s Ministry of Communications and Information Technology notified the
Information Technology (Reasonable security practices and procedures and
sensitive personal data or information) Rules, 2011 under the Information
Technology Act, 2000. India now has a privacy law, brought into force with
immediate effect with wide ramifications on the way companies will do business in
India.
The firm is competent to deal with cases involving invasion of privacy even in the
absence of a suitable law governing this issue.

The firm puts all its experience into use in handling cases arising out of:

 Insecure electronic transmissions

 Data trails and logs of email messages

 Online transactions

 Tracking of web pages visited

 Phone tapping

 Spamming

 Unauthorized Access

 Identity theft

In this information technology era a special attention must be paid to the privacy
rights in India in the information age. We believe that data protection requirements
are essential part of civil liberties protection in cyberspace. With the growing use of
information and communication technology (ICT), data protection requirement has
become very important. It would not be wrong to assume privacy and data protection
rights as integral part of human rights protection in cyberspace.

Page | 8
S.S. JAIN SUBODH LAW COLLEGE, JAIPUR
However, despite the importance of these fields, till now we lack legal frameworks in
the fields of data security, data protection and privacy protection. We urgently need
to formulate data protection law in India and privacy laws in India.

It is safe to assume that the privacy of individuals is certainly a concern of the law.
Taking this as a given, we can go on to examine what the legal and policy response
is and what it ought to be. Fundamentally, there are various approaches that may be
taken:

 Legislation

 Self-Regulation

 Reliance on Trustworthy Third Parties who will set and enforce

standards

Most legal systems will be a mixture of these approaches, something that can easily
be seen in the US.

THE U.S POSITION

The Federal Trade Commission (FTC) has made a key role in the development of
the response of the US Federal Legal system to the issue of information and data. In
1998, it brought out a report called Privacy Online, which was a report to the
Congress which was the result of a three year privacy initiative. The report
recognised of four core principles:

1. Notice Principle: Consumers must be given notice of an entities

information practices.

2. Choice Principle: They must have a choice with respect to use and
discrimination of information.

3. Access Principle: Data provider should have access to current data.

4. Security Principle: Consumers must have sufficient security from the

data collector.

Page | 9
S.S. JAIN SUBODH LAW COLLEGE, JAIPUR
DATA PROTECTION IN UK

The Data Protection Act, 1998 came into force recently, on the 1st of March, 2000. It
lays down rules for processing personal information and applies to paper records as
well as those held on computers. The Rules provide that anyone processing
personal data must comply with the eight enforceable principles of good practice.
That data must be:

 Fairly & lawfully processed

 Processed for limited purposes

 Adequate, relevant & not excessive

 Accurate

 Not kept longer than necessary

 Processed in accordance with the data subject’s rights

 Secure

 Not transferred to countries without adequate protection

PRIVACY UNDER INDIAN IT ACT, 2000 [section 72]

This provision deals only with information collected by a person who secures the
information in pursuance of powers that he/she exercises under the act. When it
comes to protection, TRUST is an independent NPO and it was the first online
privacy SEAL programme. It provides a monitoring and oversight programme and
even a complaint procedure. It includes third party monitoring and periodic reviews of
licenses to ensure compliens with programme requirement. TRUST examines and
monitors changes in licenses privacy statement and tracks unique identifiers in their
database to determine whether consumers requests to remove themselves from the
database.

Licensee must respond to all the reasonable enquiries within five days. TRUST also
plays a part in resolving consumer complaints. It also provides for public reporting of
complains and inappropriate circumstances it will refer the cases to the commission.

Page | 10
S.S. JAIN SUBODH LAW COLLEGE, JAIPUR
In case of breach, imprisonment for a term is sentenced which may extend to 2yrs
and there is also a provision of fine up to Rs. 100,000.

Page | 11
S.S. JAIN SUBODH LAW COLLEGE, JAIPUR
CONCLUSION

True, the right to privacy is recognised as inherent in the right to life with dignity in
Article 21 and the right to freedom of speech and expression in Article 19. Neither of
these can and should e allowed to stand as an impediment in curbing activities
prejudicial to national security and interests. Not surprisingly, both these rights
contain express conditions when they may be deprived. At the same time, he
balance cannot be allowed to tilt completely to one side, so as to negate the basic
liberties, even when not absolutely essential. The only way out is a compromise
between the two extremes. The Supreme Court of India must expand privacy rights
in India as that is the need of hour. However, in the ultimate analysis, it is the
constitutional duty of Indian Parliament to do the needful in this direction. Indian
Parliament must enact sound and effective privacy and data protection laws for India
as soon as possible.

Page | 12
S.S. JAIN SUBODH LAW COLLEGE, JAIPUR
BIBLIOGRAPHY

 Law Relating to Computers, Internet & E-commerce by Nandan Kamath

 Referred to Notes given teacher

 http://perry4law.org/cecsrdi/?topic=privacy-rights-and-laws-in-india

Page | 13
S.S. JAIN SUBODH LAW COLLEGE, JAIPUR