Abstract

This research paper examines the role of Corporate Social Responsibility Policies in promoting data privacy for its customers in the wake of digitalization of the economies. By analyzing the existing data protection laws and its compliance by the companies, especially in the Indian context it seeks to argue that the fundamental right of privacy is not protected completely and is still under threat due to various reasons such as data loss or data breaches, etc. CSR Policy, aimed at protecting data privacy, by companies which deal with data, especially in AI and IoT, will prove to be more effective in protecting privacy and seeks to further argue that it should be made obligatory for the companies which deal with data to include data privacy as part of the CSR Policy given the amount of power that they are endowed with. This research seeks to examine how the gap, which is created when, on the one hand, customers cannot enforce their fundamental right to privacy under Art. 32 of the constitution against private entities and on the other hand, the regulations made by the state as legislations are vague, incomplete and mere compliance of the same will not ensure complete transparency with respect to how data is used, is bridged when data privacy is part of the CSR Policy of the company.

Keywords