The SC judgment, while recognizing privacy as a fundamental right, also observed “the need to examine and put into place a robust regime for data protection”
As people, Indians have traditionally placed much lesser value on privacy as compared to security. And hence Indian CISOs have really been less concerned about privacy, compared to their counterparts in the West.
However, that will change soon. While legislation to provide safeguard for protecting an individual’s data has been a long standing demand for rights groups—and the government had already taken some first steps—the Supreme Court judgment recognizing privacy as a fundamental right will accelerate a move towards a data protection regime.
While delivering the historic judgment, the judges have explicitly recognized the need for a legislation protecting individual data.
“Informational privacy is a facet of the right to privacy. The dangers to privacy in an age of information can originate not only from the state but from non-state actors as well. We commend to the Union Government the need to examine and put into place a robust regime for data protection. The creation of such a regime requires a careful and sensitive balance between individual interests and legitimate concerns of the state,” Justice DY Chandrachud noted in his judgment on behalf of himself and three more judges, including the CJI. Justice Sanjay K Kaul too strongly endorsed it in his judgment.
“We are in an information age. With the growth and development of technology, more information is now easily available. The information explosion has manifold advantages but also some disadvantages. The access to information, which an individual may not want to give, needs the protection of privacy,” Justice Kaul noted.
The SC judgment is surely going to accelerate the move towards a privacy legislation. The government has already form a committee to look at the issues and draft a bill. A private member bill called Data (Privacy and Protection) Bill has also been introduced by Biju Janata Dal MP Baijayant Panda in the Parliament.
It is a matter of time before privacy legislation is enacted. The CISOs, who already see compliance taking most of their time in next few months, will now have one more very important and diverse item added to their agenda.
In the next few days, we will discuss the issues concerning that a legislation on data privacy should address, largely from the perspective of CISOs.