An Analysis of Data Protection and Privacy Laws in India​​

Nivedita Baraily
University of North Bengal, India.

Volume IV, Issue I, 2021

Data Protection and Privacy are two interrelated issues regarding internet governance. Data Protection is a legal instrument to ensure the privacy of citizens. Privacy can be defined as a right to control one’s personal information and data and disseminate the same according to their will and choice. Right to privacy has been recognised as a fundamental right in India with the help of various judicial decisions and a legal right with the help of statutes. It has also been recognised in international instruments such as the Universal Declaration of Human Rights, 1948 and the International Covenant on Civil and Political Rights, 1976 among many other international and regional human rights conventions. The UN Special Rapporteur was appointed in July 2015 for the Right of Privacy in Digital Age which reflects the increasing importance of privacy in global digital policy and the need for recognising and addressing privacy rights issues in both international and national levels. India as of 2020 does not have a dedicated law on data protection and privacy and hasn’t adopted any international instrument on the same. Specific provisions of the Information Technology Act, 2000 (IT Act) can be applied to data protection and privacy, however, they are in no way exhaustive. The Personal Data Protection Bill, 2019 was introduced in the Lok Sabha on December 11, 2019 by the Minister of Electronics and Information Technology, Mr. Ravi Kumar. The Bill not only seeks to ensure protection of personal data but also to establish a Data Protection Authority for the same.

Keywords: Data Protection, Privacy, Information Technology, Personal Data Protection Bill