New Delhi: Amid growing concerns over the potential misuse of personal data, the government is moving to enact India’s first law to safeguard privacy, a move aimed at least partly at deflecting worries over the immense amount of data it proposes to collect about its citizens.
The United Progressive Alliance government has set up a panel of senior officials of the rank of secretary to prepare a blueprint laying down the ground rules for privacy and data protection and fixing the criminal liability of offenders.
Once in place, the law will effectively recognize the right to privacy of an individual as a fundamental right. It will contain specific rules that will address any breach of a citizen’s right to privacy and include safeguards against potential violations of the law even by the government.
“The talks on having a privacy Bill have been going on for a long time. But this is the first time the government has set up such a committee. The decision was taken two weeks ago,” said a senior home ministry official, who didn’t want to be named.
According to the official, the government has decided to move on the privacy law in the immediate context of Aadhaar, the project to provide unique identity cards to residents of the country, and the National Intelligence Grid (Natgrid), which will assist investigators in obtaining information tracked by 11 law enforcement and intelligence agencies. The agencies will have access to details of phone calls, credit card transactions, visa and immigration records, property records and driving licences of all citizens.
The initiative to put a law in place follows concerns flagged by civil rights activists about Aadhaar, a project headed by Infosys Technologies Ltd co-founder Nandan Nilekani, and Natgrid, on grounds that individual privacy could be compromised.
“With an increasing amount of sensitive citizen information being stored in the electronic form both in the government and the private sector, there has to be a proper policy framework around privacy,” said another senior government official, who also did not want to be named.
Existing laws are designed to protect data against theft as opposed to safeguarding an individual’s privacy.
“You have to legally deal with not only the privacy of individuals but also data privacy. In addition, you will need to have stringent provisions pertaining to protection of such private confidential data,” said Pavan Duggal, a Supreme Court lawyer.
The Information Technology Act deals with the security of electronic records, e-commerce transactions and Web content. The Act does not refer to individual privacy.
“There’s a need to have a point of view on privacy. Though the IT Act and other regulations deal with the security of information, there’s a need for a legislation to decide what is private and what is not,” said a panel member, who didn’t want to be named.
Shantanu Consul, secretary (personnel) in the department of personnel and training, will head the committee. Home secretary G.K. Pillai, finance secretary Ashok Chawla and secretary in the department of information technology, R. Chandrashekhar, will also be on the panel.
“The first step is to step back and look at an overarching framework, which can be domain-specific and can fill all the gaps in all existing legislation,” the government official quoted in the first instance said. “It also has to make sure that it doesn’t override the current regulations and has to coexist with them.”
Manish Ranjan contributed to this story.