Data Protection Law In India Is Needed

Every individual loves his or her personal space and in order to enjoy the same he/she must exercise his/her privacy and data protection rights effectively. But what would happen if there are no privacy laws and data protection laws at all to protect such rights? This not only is scary but is also difficult to accept. But in India we have neither dedicated privacy laws nor dedicated data protection laws.

This makes the sensitive information and personal details of Indian citizens “highly vulnerable” to misuse. The Indian government has been promising enactment of privacy laws and data protection laws for long but till now we have none.

This indifference of Indian government towards privacy laws, data security laws and data protection laws is also becoming a headache for government itself. Controversial issues like illegal phone tapping, imposition of Aadhar project, launch of projects like national intelligence grid (Natgrid) and crime and criminal tracking network and systems (CCTNS) without any procedural safeguards, etc requires not only enactment of a dedicated and constitutionally sound privacy law but also putting in place sufficient data protection mechanisms.

India’s intention to use cloud computing and m-governance has further complicated the issue. With the proposed use of cloud computing, software as a service (SaaS) and m-governance by Indian government, more “privacy violations”, “cyber security” and many more “regulatory issues” would arise in future believes techno legal experts of India. These “initiatives” cannot succeed in India in the absence of adequate and strong laws in this regard.

With the proposed draft electronic services delivery bill 2011 (EDS Bill 2011) things would even become more complicated. When most of the public services would be delivered through mandatory e-governance model, a very strong data protection regime and privacy protection regulatory framework would be required.

Now government of India has once more declared that it is going to enact a privacy law for India. However, this seems to be another declaration alone as there is no sign of any Bill in this regard that can be analysed by public at large. In the absence of privacy Bill this statement of India government has no significance.

Further, even if, by some miracle, privacy law is introduced it is doubtful whether it would cater the privacy issues of information age. Only time would tell how much serious is Indian government regarding privacy rights of Indians.