Right to Privacy vs. Technology based Surveillance  {In the wake of COVID-19}

0

This post has been written by Anushree Tadge, a student, ILS Law College, Pune

Privacy is an inherent human right, and a requirement for maintaining the human condition with dignity and respect.                                                         –  Bruce Schneier

Rise of Covid-19 cases

With the increasing number of COVID-19 cases all around the globe there has been an increase in the overall surveillance by the states on subjects too. More than 13 lakh people have been infected by the contagious virus. Mass surveillance in these times is essential to protect people in health crisis may it be monitoring quarantine of poeple or tracking travel routes of citizens. As much as necessary this mechanism is, it posses a bigger threat to mankind at large. The freedom of maintaining our private information to ourselves is sacrificed with a great ease in this situation of ‘emergency’, even the Universal Declaration of Human Rights Art.12 explicitly mentions ‘right to privacy’ essential to people. This outbreak is and will continue to demand till its existence an unprecedented amount of surveillance by the State. Since the challenge is curbing the disease, while using technology to an extent that it does not hinder basic freedoms, the question that is disturbing most of the digital law advocates is – till what extent the right to privacy guarantees privacy in situation privacy in situation of emergency, from tracking individuals through geotagging features to using drones to observe mass quarantine in lockdown, how far can a State use surveillance laws to its own whims and fancies.

Developments of Cov-Tech surveillance

Singapore’s contact-tracing app, Chinese ‘Alipay Health Code’, Hongkong’s app ‘StayHomeSafe’ and Poland’s home quarantine app, all these are a very few example of technology based surveillance taking place all around the globe. India too is using this technology, like for example in Kerala, the government uses geotagging features to track people. Karnataka and Telangana have come up with a unique ‘selfie mechanism’ whereby an app is installed in a person’s mobile phone, selfie is requested every half an hour to track people by using geotags on such selfies. BrihanMumbai Corporation in Maharashtra has launched an app for monitoring and telemedicine. The Interactive Video Response System has also gained a lot of popularity in these times. The Indian app Aarogya Setu is used to identify potential risks and other alerts available in 11 different languages. It helps people asses the risk of getting infected. Tamil Nadu is also using ‘face recognition apps’. Now, it needs to be taken into consideration that behind the usefulness of this app in such times of crisis, we give away some really important personal information like retina scans, thermal imaging, geotagged locations, personal data, health data along with telephonic data.

Right to Privacy

Right to Privacy is now a constitution enabled right considered as an intrinsic right under Art.21 and as a part of freedoms guaranteed by Part III. But it was not always so. Over the course of 60 years , two important judgements relevant to this topic created divergent and gave rulings otherwise. The two cases were M P Sharma Vs Satish Chandra, 1954 and Kharak Singh Vs State of Uttar Pradesh, 1962. Both held that Right to Privacy is not provided by Constitution. So by the means of numerous judgements over the year, some courts recognized (limited) right to privacy, while others absolutely did not and this long confusion was finally challenged in the Supreme Court in the writ petition of Justice K S Puttuswamy and Anr. Vs Union of India and other. Even before this, number of judgements laid out the extent to which right to privacy is applicable.

The right to privacy can be restricted by procedure established by law which procedure would have to be just, fair and reasonable (Maneka Gandhi v. Union of India);

  1. Reasonable restrictions can be imposed on the right to privacy in the interests of the sovereignty and integrity of India, the security of the State. (Article 19(2) of the Constitution of India, 1950)
  2. The right to privacy can be barred in situations of important countervailing interest which is high priority.(Gobind v. State of M.P.);
  3. The protection available under the right to privacy may not be available to a person who voluntarily thrusts her/himself into controversy (R. Rajagopal v. Union of India).
  4. Like most fundamental rights in the Indian Constitution, the right to privacy has been mostly interpreted as a vertical right applicable only against the State, as defined under Article 12 of the Constitution, and not against private citizens. (Zoroastrian Cooperative Housing Society v District Registrar) 11. India does not have a comprehensive privacy legislation and limited data protection standards can be found under section 43A and associated Rules in the Information Technology Act, 2000. Now, activities by the State or other authoritarian/ security agencies like surveillance can only be reasonable when they are laid out in regulated legislations.

Surveillance laws in India

  • The India Telegraph Act, 1885 (for interception of calls).

Under this Act, any Authorised official can trace and record calls, during public ‘emergencies’ and in ‘interests of public safety’. In 1996, Supreme Court for the first time laid out guidelines for the regulation of powers under this Act which in turn formed the Rule 419 A in Telegraph Rules, 2007.

  • The Information Technology Act, 2000 (for interception of electronic data).

The Sec 69 of this Act enables officials to intercept, monitor and decrypt data in the interest of sovereignty and integrity of country, defence, security and public order, preventing incitement of offences. Now all these situations dramatically broaden the ‘ambit’ of powers.

  • By Sec. 91 and 92 of the Cr.P.C, police officers and Courts respectively can summon a person to produce ‘any’ document / object essential to the investigation of proceeding.
  • 26 of Indian Post Office Act, 1898 enables Govt. to intercept postal articles.

So, by the face of it, In India, surveillance can be carried out easily without any barrier by law. In 2012, a group of experts were appointed by Planning Commission to identify privacy issues and prepare a paper. The experts mentioned as a part of their review that both The Telegraph Act and Information Technology act had major inconsistencies on the subjects of-

  • Grounds permitted by these Acts,
  • Type of data and what kinf of interception to be procured,
  • Destruction and retention of data guidelines.

As far as protecting personal data is concerned, there is

  • No data protection Agency.
  • No data protecting Act.

Conflict between Right to Privacy and Excessive Surveillance

In 2008, Indian Income Tax Dept. authorized by Ministry of Home Affairs procured telephonic conversations and such data was recorded for the purpose of suspected tax evasion. Some of the recorded tapes found to be leaked. To read more on this please go to

In 2015, Hardik Patel was booked for criminal conspiracy by evidence- tapping of phone calls, he in turn questioned the legality of phone call tapping in the courts.

The largest ID Regime in the world- Aadhar database of 1.3 billion people has also been breached

In 2017, a hacker stole data of 17 million users on the food delivery app, Zomato. So a total data of email addresses and passwords was completely hacked.

And within 2 months post it, Jio’s compromised information on customers had been hacked and even published online.

By all these incidents, one thing can be clearly interpreted that data protection and surveillance laws in India are weak. An even better example is the National Population Register. The National Population Register is authorised to store personal data of citizens like two iris scans, ten fingerprints and a photograph. All this data is digitized and therefore, it would not be wrong to say that there is a possibility that it can be hacked. So, right from our physical attributes to what we tweet/ order everything can be traced and hacked even. How private are our private actions then?

Probable Future

The time we are living in right now, is the most digitized time there has ever been. Especially with the excessive surveillance due to the outbreak, an unprecedented authority of State to monitor actions of people in Metropolitans  to remote villages is possible and sadly these actions come with judicial oversight.

These extreme times may end up in two ways-

  • The country may continue to be a product of the excessive surveillance of state even after the outbreak because the terms ‘emergency’ and ‘for public safety’ cannot be interpreted concisely, they are broad and give State an absolute power. We need to accept that power is corrupt and absolute power corrupts absolutely, in case no barriers are provided. We are already facing situations of mass surveillance and if this is not regulated after the ‘crisis’ it will only worsen.
  • Right now it is a silly choice between rights of few and public health crisis. But after these difficult times, one can definitely hope that citizens will question the legality of all surveillance activities in country and urge to put them under broad legislations.

Finally, the recommendations of Justice A P Shah through planning commission can be put to use. Proportionality, Legality and Necessity in Democratic State are the keywords. These should be kept in mind while putting power to use, these should be regarded as barriers to the unlimited scope of surveillance right now. For  reference- http://planningcommission.nic.in/reports/genrep/rep_privacy.pdf

Conclusion

The state has and shall always have some superior authority when it comes to surveillance. Even so because its responsibility also includes protection of citizens in times and not in times of ‘crisis’. But this scope should have a specific ambit or else it will turn monstrous. The National Privacy Principles by Justice AP Shah Committee should be adhered to while formulating legislations and giving authority. Citizens should be proactive and aware of their rights. A very good example of this is https://www.article19.org/resources/covid-19-states-use-of-digital-surveillance-technologies-to-fight-pandemic-must-respect-human-rights/.

Subscribe to Latest Posts !

Subscribe For Latest Updates

Signup for our newsletter and get notified when we publish new articles for free!