Amid right to privacy debate, new data protection law on the anvil, says govt

Published: Wed, Aug 02 2017

IT ministry appoints panel to draft data protection law even as Supreme Court hears case on whether right to privacy is a fundamental right

Even as the Supreme Court’s Constitution bench hears key arguments on whether the right to privacy is a fundamental right, the ministry of electronics and information technology (MeitY) has appointed an expert group headed by former Supreme Court judge B.N. Srikrishna to draft a data protection legislation.

Data protection and privacy are related issues and the case being heard by the Supreme Court has significantly dwelt on the former. The case was prompted by several other cases on the universality, applicability and legality of Aadhaar, the unique ID number issued by the Unique Identification Authority of India (UIDAI).

The number has become the linchpin of several government programmes and is also being widely used to identify individuals. The government also sees it becoming the back-bone of electronic transactions.

The key challenge against it in the court, leading up to the current hearing by the Constitution bench, concerns the absence of privacy and data protection laws.

The ministry’s appointment of the 10-member committee headed by a former judge is clearly aimed at addressing this gap; the official memo was issued on 31 July.

The members of the committee include department of telecommunications secretary Aruna Sundararajan, UIDAI chief Ajay Bhushan Pandey, national cybersecurity coordinator Gulshan Rai, who is part of the Prime Minister’s Office, Indian Institute of Technology Bhilai director Rajat Moona, Indian Institute of Management Indore director Rishikesha Krishnan and Vidhi Centre for Legal Policy’s Arghya Sengupta.

The decision was communicated by UIDAI to the Supreme Court on Tuesday.

“This move by the government seems to be a bid to shift focus from the larger ongoing issue of the right to privacy towards data protection in the country. The data protection laws as of today mainly focus on corporate structures and don’t have much to do when it comes to applicability to government entities,” said a security expert who did not want to be named.

The same person argued that the composition of the committee is such that it is likely to defend Aadhaar and its security framework rather than change and challenge it.

So far, more than 1.16 billion Aadhaar cards have been generated.

MeitY, in consultation with other members, will have to collect information and provide it to the expert committee within eight weeks.

A nine-judge Constitution bench headed by the Chief Justice was set up on 18 July to rule on the question of whether the right to privacy constituted a fundamental right.

The limited question had cropped up in the context of legal challenges to the 12-digit identification number, which has now become the bedrock of government welfare programmes, the tax administration network and online financial transactions.

Tushar Mehta, additional solicitor general, appearing for UIDAI, told the court that the right to privacy was a valuable common right that was duly protected under statutes and did not need to be elevated to the status of a fundamental right.

“It is a right that cannot be defined and is too subjective. What may be the notion of privacy for one person may differ from that of another,” Mehta said.

On this, justice D.Y Chandrachud asked what would happen if tomorrow Parliament decided that Aadhaar was not needed. “Then do we go back to pre-2016 situation?” he asked.

In his intervention, justice Rohinton F. Nariman, cited the possibility of the court recognizing the right to privacy as a fundamental right and balancing it against the interests of Aadhaar.

Once the privacy question is settled by the nine-judge Constitution bench, the remaining issues related to Aadhaar will be heard by a smaller bench.