DR.

RAM MANOHAR LOHIYA NATIONAL LAW UNIVERSITY, LUCKNOW

Protecting Privacy in Digital Age: Indian Laws vis-à-vis International Legal Framework

2 0 1 6 - 1 7

S U B M I T T E D T O :
M r . A m a n d e e p S i n g h
A s s t . P r o f . ( L a w )
D r . R M L N L U , L u c k n o w

S U B M I T T E D B Y :
S A U R A B H Y A D A V
R o l l N o . 1 1 3
1 0 t h S e m e s t e r
C o n t e n t s
ACKNOWLEDGEMENT3
AIM AND OBJECTIVE3
RESEARCH METHODOLOGY4
UTILITY OF RESEARCH4
INTRODUCTION4
THE CONCEPT OF PRIVACY6
DIFFERENT CATEGORIES OF PRIVATE INFORMATION6
IS THERE A FUNDAMENTAL RIGHT TO PRIVACY IN THE DIGITAL AGE?7
INTERNATIONAL LEGAL FRAMEWORK9
REPORT OF THE HIGH COMMISSIONER10
SPECIAL RAPPORTEUR ON THE RIGHT TO PRIVACY11
DOMESTIC LAWS12
Recent developments which are in pipeline15
CONCLUSION15
BIBLIOGRAPHY18
Books18
Articles and Reports (Available online in PDF)18
Online blogs/News18
A C K N O W L E D G E M E N T

I express my gratitude and sincere thanks to Mr. Amandeep Singh, my mentor, for giving me an opportunity to research on this topic and his support throughout the making of this project. He has provided valuable guidance as and when required without which this project would not have been in this shape.

I would like to thank Dr. Ram Manohar Lohiya National Law University for giving me this opportunity to work on this project. I also want to thank Dr. Madhu Limaye Library and librarian staff for their valuable support while using database and books.

Lastly, I thank my friends for their support, for their help in collecting the material and for critically going through the project and correcting the mistakes.

S a u r a b h Y a d a v

A I M A N D O B J E C T I V E

This piece of work endeavors to explore the concept of Privacy under International Human
Rights framework and in India. Further it makes acquainted with the International Legal
framework to protect this valuable human right and the domestic laws available for the same. As
the technology is on advancement with time and so the laws require the same, this work
endeavors to analyse the laws as whether they are competent to tackle the issues and tries to
come up with some suggestions to strengthen the domestic laws in consonance with the
International Legal framework.

Broad questions to research upon are following:

 Concept of Privacy Rights: whether it is consistent with the international framework?

 What are the potential technology threats?
 Are the existing laws competent to take on the advancement of technology?

RESEARCH METHODOLOGY

The research is comprised of library based descriptive research.

UTILITY OF RESEARCH

The research would be of great use to understand the concept of privacy and its expectation in
the era of technology advancement. It is always valuable for students of law to understand the
emerging concepts and this research work; it would open the minds of the scholors to discuss the
issues which resultantly would come up with valuable suggestions for our legislatures. As the
work also explains the existing legal framework, it would help the advocates to understand the
laws on the point.

INTRODUCTION

We live in a world today where technical advancement is so rapid so as to understand the day-to-
day development is like impossible. A virtual world has been created by the technology and
extensive flow of information in that virtual world has become neutral and unquestioned feature
of modern life. Rapidly growing online services- everything from social media to ecommerce
and virtual collaboration have come to define our life in ways unimaginable a decade ago. But at
the core of all this advancement, it remains a concern to regulate the development in a way so
become favorable for human being but not injurious for their life. Although conceptually Law
and Science are for most obvious reasons different from each other but the core objective i.e.
advancement of society keeps them so instinct that they seem symmetrical to each other. As
science/technology develops, the legal framework must keep watch upon the advancements to
take the shape best possible to regulate the technology.

On 28 January 1981, the European Council signed the Convention for the Protection of
Individuals with regard to Automatic Processing of Personal Data, popularly known as
Convention 108. It is the first legally binding international treaty dealing with privacy and data
protection. The day has since been celebrated as Data Protection Day in Europe and as
International Data Privacy Day around the world. In today’s era of digitization, it is imperative
that we understand the concept—and importance—of data privacy.

According to an Internet and Mobile Association of India report, India has around 400 million
Internet users. This number took a decade to reach 100 million from 10 million, three years to
reach 200 million and just another year to reach 300 million. The Internet is essentially a data
ecosystem where every node is engaged in generation, transmission, consumption and storage of
data. The scale of this data ecosystem can be gauged from the fact that by 2019, the gigabyte
equivalent of all movies ever made will cross India’s Internet protocol networks every hour. But
the situation is such that while we are generating such high volumes of data—most of which is of
the “identifier” type that is used to identify a person, a thing or an entity in the ecosystem—we
do not have in place measures that safeguard the privacy of this data, nor regulate data retention
by platforms collecting it. As a result, ordinary citizens are unaware of how their personally
identifiable information is collected, stored, used and shared. Further, as governance-driven
digitization (Aadhaar, digital lockers, direct account transfers) fuels large-scale sensitive data
collection and storage, the Information Technology Act, with its limited scope to penalize
government agencies for breach of data privacy, is the only legal instrument available to citizens
against contravention of their privacy in the data ecosystem. This leaves citizens exposed—as in
2013, when the Maharashtra government simply lost the personal data of 300,000 Aadhaar card
applicants.
THE CONCEPT OF PRIVACY

The concept of the privacy is linked to the idea that a person should be entailed to claim
sovereignty over himself and lead his life with minimum interference from others. It involves
having a private sphere that allows individuals to remain in control of themselves, their persons,
relationships and communication and the ability to control how he is viewed and portrayed by
others. This view of the privacy has been further elaborated by Philosopher Beat Rossler( 2005),
who suggested that “something count as private if one can oneself control the access to this
something”1. Conversely this means the protection against unwanted access of other people.2

Although the concept of privacy been defined since long but still it remains a concern so as to
limit the scope of it. As stated by one scholar, “Privacy is a vague right, and its contours are not
defined. There are 3 aspects: Arbitrary and unlawful surveillance; Bodily information; Personal
information”3.

DIFFERENT CATEGORIES OF PRIVATE INFORMATION

Based on the juridical definition of privacy, two important aspects which are of specific
relevance for the information profession must be emphasized. The first is the fact that privacy as
a concept is closely related to information - in terms of the definition of Neethling (1996, p. 35)
privacy refers to the entirety of facts and information which is applicable to a person in a state of
isolation. The fact that privacy is expressed by means of information, implies that it is possible to
distinguish different categories of privacy namely, private communications, information which
relates to the privacy of a person's body, other personal information, and information with regard
to a person's possessions. Each of these categories will be briefly dealt with.

 Private communications. This category of privacy concerns all forms of personal

communication which a person wishes to keep private. The information exchanged during a

1
Rossler, 2005, p. 8, cited in Googlebooks.
2
Devdatta, NLU, http://www.medianama.com/2015/11/223-fundamental-right-to-privacy-india/
Delhihttps://books.google.co.in/books?id=NqOeBQAAQBAJ&pg=PA37&lpg=PA37&dq=potential+threat+to+priv
acy+in+era+of+technology&source=bl&ots=jyCSta2ymO&sig=2hnhIR0eakrfaoFKKus2Uot-
3Ps&hl=en&sa=X&ved=0ahUKEwiPzNTC0ZfTAhVLM48KHYjiBvsQ6AEILDAD#v=onepage&q=potential%20t
hreat%20to%20privacy%20in%20era%20of%20technology&f=false
3
Devdatta, NLU Delhi
 reference interview between the user and the information professional can be seen as an
example.
 Privacy of the body (Westin, 1967, p. 351). This normally refers to medical information and
enjoys separate legal protection (Neethling, 1991, p. 35-36). According to this legislation a
person has the right to be informed about the nature of an illness as well as the implications
thereof. Such a person further has the right to privacy about the nature of the illness and can
not be forced to make it known to others. The only exception is when the health, and possibly
the lives of others may be endangered by the specific illness - such as the case may be where
a person is HIV positive and the chance exists that other people may contract the virus.3 This
category of information is of specific importance for an information professional working in
a medical library.
 Personal information. Personal information refers to those categories of information which
refer to only that specific person, for example bibliographic (name, address) and financial
information. This type of information is of relevance to all categories of information
professionals.
 Information about one's possessions. This information is closely related to property right.
According to this a person does have control over the information which relates to personal
possessions in certain instances. For example, a person may keep private the information
about the place where a wallet is kept.

IS THERE A FUNDAMENTAL RIGHT TO PRIVACY IN THE DIGITAL AGE?

“Violation of privacy doesn’t mean anything because privacy is not a guaranteed right” – GoI4

This statement was given by the Attorney General of India in the Honb’le Supreme Court before
a three judge bench while responding in the case of challenging Aadhaar5.

There is no fundamental right to privacy, the Government of India represented by attorney

general Mukul Rohatgi repeatedly told the three judge bench of the Supreme Court of India.

4
http://www.medianama.com/2015/08/223-privacy-india-aadhaar/
5
Primarily in the petition Justice K.S. Puttaswamy & Ors. v. UOI &Ors., WP (C) No. 494 of 212, in which a bunch
of petitions were heard challenging Aadhar.
In response to Rohatgi’s statement that the “Violation of privacy doesn’t mean anything because
privacy is not a guaranteed right”, Justice Bobde said that privacy is “a part of liberty. Privacy
telescopes to liberty and the breach of privacy leads to a violation of liberty which is protected
under Article 21 of the Constitution.6”

The government argued that no telescoping of rights is allowed because privacy is not a
fundamental right. The exchange that followed:

Justice Bobde: “Then you don’t agree, fundamentally, that privacy is a part of liberty?”
Rohatgi: That is correct.
Bobde: If privacy was a part of liberty then would you agree that it is a fundamental right?
Rohatgi: Yes.
Bobde: So privacy has no fundamental status?
Rohatgi: Yes.

So the law officer of India denied the preposition that privacy is a part of liberty. Although
Justice Bobde observed that Right to Privacy is enshrined under the Fundamental Right to
liberty, but the outcome as interim order suggests that Judiciary itself is confused and hesitating
to accommodate the Right to Privacy as fundamental right. The matter has been referred to
constitutional bench and we have to wait for the final outcome.

Further the debate among the scholors over the issue can be seen as a paradigm shift as how it
has been treated for past days a decade way back, we can’t imagine the situation in the coming
generations and it would not be a surprise if it becomes unquestionable to protect this valuable
right with the advancement of technology.

Today with the advent of internet, social media and mobile gazettes, whatever we do and
wherever we are, remains in public domain. We can’t expect that much privacy as we could have
a decade ago. Internet follows you as we enjoy the virtual world created by the technology
advancement. To this Founder of Facebook Zuckerberg takes,"You have one identity. The days
of you having a different image for your work friends or co-workers and for the other people you
know are probably coming to an end pretty quickly … Having two identities for yourself is
6
Supra Note 3.
anexample of a lack of integrity," he was quoted as saying in David Kirkpatrick's book, The
Facebook Effect.7

The cases like one of Whatsapp case8 in which High Court of Delhi refused to interfere in the
privacy policy regarding the sharing of limited data with its parent company Facebook, make it
clear that the expectation of privacy in this era as it used to be could not be fostered.

Government unregulated policies like Aadhar,National Intelligence Grid (NATGRID), Crime

and Criminal Tracking Network and Systems (CCTNS), National Counter Terrorism Centre
(NCTC), Central Monitoring System (CMS), Centre for Communication Security Research and
Monitoring (CCSRM), Internet Spy System Network And Traffic Analysis System (NETRA) of
India, in itself are sign of a potential threat to the privacy rights.

INTERNATIONAL LEGAL FRAMEWORK

In December 2013, the United Nations General Assembly adopted resolution 68/1679, which
expressed deep concern at the negative impact that surveillance and interception of
communications may have on human rights. The General Assembly affirmed that the rights held
by people offline must also be protected online, and it called upon all States to respect and
protect the right to privacy in digital communication. The General Assembly called on all States
to review their procedures, practices and legislation related to communications surveillance,
interception and collection of personal data and emphasized the need for States to ensure the full
and effective implementation of their obligations under international human rights law.

As General Assembly resolution 68/167 recalled, international human rights law provides the
universal framework against which any interference in individual privacy rights must be
assessed. The International Covenant on Civil and Political Rights10, to date ratified by 167
States, provides, “no one shall be subjected to arbitrary or unlawful interference with his or her

7
https://www.theguardian.com/technology/2010/aug/21/facebook-places-google
8
The case is pending in Hon’ble Supreme Court to be heard by five Judge Bench.
9
Resolution adopted by the General Assembly on 18 Dec. 2013 on the Report of Third Committee
(A/68/456/Add.2), The Right to Privacy in Digital Age.
10
A multilateral treaty adopted by the General Assembly on 19 Dec. 1966. It considered and reaffirmed the
principles proclaimed in the Charter of United Nations i.e. recognition of inherent dignity and equal and inalienable
rights of all members of the Human Family is the foundation of freedom, justice and peace in the world.
privacy, family, home or correspondence, and not to unlawful attacks on his/her honour and
reputation11”. It further states that “Everyone has the right to the protection of the law against
such interference or attacks.12”

Other international human rights instruments contain similar provisions. While the right to
privacy under international human rights law is not absolute, any instance of interference must
be subject to a careful and critical assessment of its necessity, legitimacy and proportionality.

The said resolution calls uponall States13:

(a) To respect and protect the right to privacy, including in the context ofdigital communication;

(b) To take measures to put an end to violations of those rights and to createthe conditions to
prevent such violations, including by ensuring that relevantnational legislation complies with
their obligations under international human rightslaw;

(c) To review their procedures, practices and legislation regarding thesurveillance of

communications, their interception and the collection of personaldata, including mass
surveillance, interception and collection, with a view toupholding the right to privacy by
ensuring the full and effective implementation ofall their obligations under international human
rights law;

(d) To establish or maintain existing independent, effective domestic oversight mechanisms

capable of ensuring transparency, as appropriate, and accountability for State surveillance of
communications, their interception and the collection of personal data.

REPORT OF THE HIGH COMMISSIONER

Through the adoption of resolution 68/167, the General Assembly requested that the High
Commissioner for Human Rights prepare a report on the right to privacy in the digital age. In the
words of the resolution, the report was to examine:

11
Art 17, International Covenant on Civil and Political Rights, 1966.
12
Ibid.
13
Supra note 1at point no. 4.
“The protection and promotion of the right to privacy in the context of domestic and
extraterritorial surveillance and/or interception of digital communications and collection of
personal data, including on a mass scale, to the Human Rights Council at its twenty-seventh
session and to the GeneralAssembly at its sixty-ninth session, with views and recommendations,
to beconsidered by Member States.14”

The report was presented to the Human Rights Council at its twenty-seventh session15and to the
General Assembly at its sixty-ninth session.

OHCHR encouraged all interested parties to share information and perspectives on the issues
raised in resolution 68/167.16

In its decision 25/117, adopted in March 2014, the Human Rights Council decided to convene at
its twenty-seventh session a panel discussion on the promotion and protection of the right to
privacy in the digital age. This was in the context of domestic and extraterritorial surveillance
and the interception of digital communications and collection of personal data, including on a
mass scale, with a view to identifying challenges and best practices.

The Human Rights Council requested that the High Commissioner organize the panel discussion
in consultation with States, relevant United Nations bodies, civil society, non-governmental
organizations, the private sector and national human rights institutions. The discussion took place
on 12 September 2014. OHCHR then prepared a summary report on the outcome, which was
submitted to the Human Rights Council at its twenty eighth session.

SPECIAL RAPPORTEUR ON THE RIGHT TO PRIVACY

The General Assembly adopted resolution 69/166 at its sixty-ninth session, noting with interest
OHCHR’s report on the right to privacy in the digital age. Calling upon all States to respect and
protect the right to privacy, the General Assembly encouraged the Human Rights Council to
consider the possibility of establishing a special procedure to further this aim.

14
Ibid at 5.
15
Held on 08-26 Sept. 2014, contained in A/HRC/27/2.
16
See Note Verbale to Member States.
In April 2015, the Human Rights Council adopted resolution 28/16 at its twenty-eighth session,
deciding to appoint for a period of three years a Special Rapporteur on the right to privacy17. The
resolution directed the Special Rapporteur, amongst other responsibilities, to report on alleged
violations of the right to privacy including in connection with the challenges arising from new
technologies. States were called upon to cooperate fully and assist the Special Rapporteur.

A ten point agenda was construed to work upon. It was observed that we should concentrate on
the market providing privacy as the same will flourish with time attracting consumers to play
with technology without compromising their human rights.

DOMESTIC LAWS

Right to Privacy Under Indian Law Right to privacy in India is a peculiar blend of constitutional,
customary and common law right scattered over various legal fields. Privacy is not a static
concept, but a dynamic one. Though, it varies time to time, culture to culture, it is always
inevitable for the civilized society. There is no express provision in the Constitution of India, but
right to privacy has got a secure position under it. Article 21 miraculously has been playing a
major role in the safeguard of privacy as an essential ingredient of personal liberty. Though,
there are several customary and constitutional provisions for right of privacy, without statutory
protection this right cannot be protected in a meaningful way18.

The Constitution of India does not specifically guarantee a right to privacy, however through
various judgments over the years the Courts of the country have interpreted the other rights in the
Constitution to be giving rise to a (limited) right to privacy – primarily through Article 21 – the
right to life and liberty. In 2015, this interpretation was challenged and referred to a larger Bench
of the Supreme Court (the highest Court in the country) in the writ petition Justice K.S

17
In the present report, submitted to the Human Rights Council pursuant to Council resolution 28/16,
the Special Rapporteur on the right to privacy described his vision for the mandate, his working
methods and provides an insight into the state of privacy at the beginning of 2016 and a work plan for
the first three years of the mandate.
18
Deshta Kiran, Right to Privacy under Indian Law, 2012.
Puttaswamy & Another vs. Union of India and Others19, the case is currently pending in the
Supreme Court.

The constitutional right to privacy in India is subject to a number of restrictions. These

restrictions have been culled out through the interpretation of various provisions and judgements
of the Supreme Court of India:
The right to privacy can be restricted by procedure established by law which procedure would
have to be just, fair and reasonable Maneka Gandhi v. Union of India20.
Reasonable restrictions can be imposed on the right to privacy in the interests of the sovereignty
and integrity of India, the security of the State, friendly relations with foreign States, public
order, decency or morality, or in relation to contempt of court, defamation or incitement to an
offence as enshrined under Article 19(2) of our Constitution.

The following observations of Supreme Court of India are worth to mention here:

 The right to privacy can be restricted if there is an important countervailing interest which is
superior21.
 The right to privacy can be restricted if there is a compelling state interest to be served.22
 The protection available under the right to privacy may not be available to a person who
voluntarily thrusts her/himself into controversy23.
 Like most fundamental rights in the Indian Constitution, the right to privacy has been mostly
interpreted as a vertical right applicable only against the State, as defined under Article 12 of
the Constitution, and not against private citizens24.

From the perusal of the observations made in these matters by our Apex Court it is still not
conclusive as whether such right is guaranteed under our constitution or not. But at the same
time we could rush to the International obligation which is consistent in its view that protecting
privacy is one of the paramount functions of the State.

19
WP (CIVIL) NO. 494 of 2012.
20
(1978) 1 SCC 248.
21
Gobind v. State of M.P, AIR 1975 SC 1378.
22
Ibid.
23
R. Rajagopal v. Union of India, AIR 1995 SC 264.
24
Zoroastrian Cooperative Housing Society v District Registrar
In previous section we specifically talked about the protection of privacy in Digital Age and the
International legal framework provided for the same. And further relying upon the Constitution
of India25 we can say that it is to be protected by the State in India itself despite all confusions
pertaining to the position of such right in Indian Legal framework.

India does not have anycomprehensive privacy legislation and limited data protection standards
can be found under Information Technology Act 2000 and the rules made therein. Section 43A26
specifically deals with the leakage of personal data and sets liability of the custodian of the data
in case it goes out.

Fostering International obligations,India has ratified the International Covenant on Civil and
Political Rights (‘ICCPR’). Article 17 of the ICCPR provides that “no one shall be subjected to
arbitrary or unlawful interference with his privacy, family, home or correspondence, nor to
unlawful attacks on his honour and reputation”. The Human Rights Committee has noted that
state partiesto the ICCPR have a positive obligation to “adopt legislative and other measures to
give effect to the prohibition against such interferences and attacks as well as to the protection of
privacy.

25
Art. 51 (3) of Indian Constitution obliges State to foster respect for International Law and Treaty obligations.
26
Sec 43A inserted vide IT Act, 2008.
Recent developments which are in pipeline

Government realized that the need of the hour is a comprehensive legislation that provides for a
right to privacy as a fundamental entitlement to citizens. The groundwork for such legislation has
already been laid in 2012 by a Justice A.P. Shah-headed group of experts constituted by the
Planning Commission27. The commission had proposed a set of national privacy principles that
would place an obligation on data controllers to put in place safeguards and procedures that
would enable and ensure protection of privacy rights. A nine point code was proposed by the
committee which allows individual to have access to the data and sets accountability of the Data
controller28. It proposed to have privacy commissioner at central as well as at state level and
suggested to harmonise the proposed Privacy Act with the RTI Act.

The proposed framework aims at being technology neutral and compliant with international
standards already in place to protect user privacy. It also recognizes the multiple dimensions of
privacy and aims at establishing a national ethos for privacy protection, while remaining flexible
to address emerging concerns. It seeks horizontal applicability with both the public and private
sectors bought under the purview of privacy legislation. An attempt to introduce such legislation
in Parliament failed in 2011 as there could not be a consensus on which government agencies
could seek exclusion from such provisions and collect citizen data without any oversight.

CONCLUSION

Law must follow the technology with the same pace as scientific advancement to regulate the
same for the benefit of human being. Adopting science into law is the basis of a regulated
society. We don’t have any comprehensive legislation on the subject and since the proposal
submitted by A P Shah committee to planning commission; we have not come forward towork
upon the issue, which shows our lethargic attitude and at the same time a negative attitude can be
seen when Government of India argued for no guaranteed privacy right in the Apex Court.

We must understand the potential threats of the technology on personal freedom which is an
inalienable right, and start following the developments in science by enacting competent

27
See http://planningcommission.nic.in/reports/genrep/rep_privacy.pdf
28
Ibid
legislations to protect human rights. One area where the Privacy and Data Protection are
absolutely missing in India pertains to Cyberspace. Privacy Rights in India in the Information
Age are absolutely missing in India. On the contrary there are “Fully Functional E-Surveillance
Projects” that are “Actively Violating Privacy Rights” of Indian citizens.For instance, India has
launched Projects like Aadhar,National Intelligence Grid (NATGRID), Crime and Criminal
Tracking Network and Systems (CCTNS), National Counter Terrorism Centre (NCTC), Central
Monitoring System (CMS), Centre for Communication Security Research and Monitoring
(CCSRM), Internet Spy System Network And Traffic Analysis System (NETRA) of India, etc.
None of them are governed by any Legal Framework and none of them are under Parliamentary
Scrutiny.

This position is not only in active violation of protections conferred under the Constitution of
India but they are also violative of the recent United Nations (UN) Draft Resolution on the Right
to Privacy in the Digital Age. Of course, a provision has been suggested in the proposed Privacy
Law of India that Illegal Phone Tapping in India may attract Rs 2 Crore Penalty.

India must not only enact dedicated Privacy and Data Protection Laws but it must also formulate
E-Surveillance Policy of India and Indian Encryption Policy. As on date the Privacy and Data
Protection Aspects in Indian Cyberspace are in really bad shape.

Until such provisions are established by law, it will be necessary to adopt mechanisms that
ensure compliance towards use of privacy enhancing technologies (PET). PETs are essentially
processes and tools that allow end users to safeguard the privacy of their personally identifiable
information that they willingly provide to government agencies and other service providers.
PETs put the end user in control over what information to share, with whom to share and a clear
knowledge of the recipients of this information. The use of data encryption and mandating multi-
factor authentication for access to end user data can be examples of other PETs that can be
implemented by service providers and government agencies alike.

Our government needs to start with aligning our technology laws with the evolving Internet
landscape. User privacy concerns and secure designing should be integrated in the charters of
respective standard-setting organizations. There needs to be active user education that makes
them aware of their choices. Lengthy and complex privacy policies that practically hand over
control of user data to the platforms collecting it need to be replaced with ones that are user
friendly in draft and execution. Policy documents that address these concerns need to be widely
discussed and debated in the public domain. Recently, the Indian government released its draft
Internet of Things Policy and it devotes only one line to the need to have security and privacy
standards. The policy document on Smart Cities is indifferent to these concerns as well.
BIBLIOGRAPHY

Books
 Regulating Internet Abuses: Invasion of Privacy, edit. by Phaedon John Kozyris, Kluwer
Law International, UK
 Right to Priavacy under Indian Law by Kiran Deshta, 2012.

Articles and Reports (Available online in PDF)

 Stakeholders Report, Universal Periodic Review, 27th Session India, The Right to Privacy
in India, submitted by CISI & Privacy International, Oct. 2016.
 Resolution 68/167: The Right to Privacy in Digital Age, General Assembly Resolution,
68th session. (available at : https://ccdcoe.org/sites/default/files/documents/UN-131218-
RightToPrivacy.pdf)
 The law of online Privacy in India by Apar Gupta, The Practical Lawyer. (available at:
http://www.supremecourtcases.com/index2.php?option=com_content&itemid=1&do_pdf
=1&id=20967)
 Technology and the Right to Privacy: The Convergence of Surveillance and Information
Privacy Concerns by Thomas B. Kearns, Vol. 7 Issue 3, William & Mary Bill of Rights
Journal.
 Policy Making, Technology and Privacy in India by Subhajit Basu, Vol.6, The Indian
Journal of Law and Technology, 2010.
 Right to Privacy and Data Protection by Aashit Shah & Nilesh Zacharias, Nishith Desai
Associates.
(available at:
http://www.nishithdesai.com/fileadmin/user_upload/pdfs/Right_to_Privacy_-
_data_protection.pdf)

Online blogs/News

 http://www.iamwire.com/2014/08/indian-laws-privacy-digital-information-users/84277
 http://www.cyberblogindia.in/internet-privacy-india-legal-social-perspective/
 http://cis-india.org/internet-governance/blog/privacy/safeguards-for-electronic-privacy
 https://www.lawctopus.com/academike/position-perspective-privacy-laws-india/
 http://www.indialawjournal.org/archives/volume7/issue-2/article3.html
 http://www.livemint.com/Opinion/ucp5me8oXUafwS1kPZSHNK/Ensuring-privacy-in-a-
digital-age.html
 http://ptlb.in/iips/?p=405
 https://www.manupatra.com
 http://www.medianama.com