Data is something that surrounds everyone around & is generated virtually in everything we perform. We share the data deliberately & when we do something, the data is generated. For example, travelling or ordering a meal or using transportation. There is an uncertainty regarding the data when the data is of significant value & a number of companies are inclined to acquire such approach to the data. Data is the new currency in this newly advanced world. Regardless of all the information known, potentiality of the data is yet not known entirely. New forms of technology are emerging and new application are being developed, it results in enhancing the worth of such information. There are several questions regarding this: Whom does such data belong to? Who should have approach to such data? What must be the restrictions on manipulation of such data? Because of these questions, Jurists all over the world are still striving to understand these traditional notions of the law. Now that the situation is very critical, various governments are demanding & seeking approach to the data from the corporates & citizens. Meanwhile there are questions like about the bounds of privacy of an individual? Could the data be demanded for assisting such primary services, travel or interest of government? Would national security override the present concerns of privacy?
Disputation regarding this is on a new level now.
The Court of Last Resort in India reached the conclusion that ‘right to privacy’ considered as a fundamental right that is guaranteed by Part III of the Indian Constitution on 24th Aug,2017. A decision as such will be widespread, branching out any laws and regulations. The new laws would be tested on the parameters that are equivalent upon the laws which are making an unauthorised copy upon personal liberty and it has been tested under Article 21 of the Indian Constitution. After all this the right to privacy still possesses question in everyone's mind about its limits & contours. India doesn’t have any comprehensive legislation that deals in the protection of data & privacy. The policies & legislation which exist, essentially, are sectoral in its nature. These sectoral legislations are related provisions of such IT Act, 2000 & thus provided rules that regulates gathering process, usage of such private information & sensitive private information or date by the ‘body corporate’ within India. The Government regulates the formulation for some depth legislation which helps govern data privacy & protection. Further efforts are required in that direction which was started by a group formed by experts on the privacy that is led by Justice A.P. Shah who is a preceding judge of the High Court of Delhi, that presented their comprehensive report on October 16, 2012. Then the government appointed one expert commission under the leadership of Justice Srikrishna who was a preceding judge of Last Resort in India, who review issues that concerns the data preservation in India & also regarding particular suggestions that are needful in the best interest of the Central Government on principles that are to be taken account for protection of data in India with a proposition draft a bill for data protection. The commission then submitted their report in mid-2018. Independently, the TRAI also proposed one deliberation paper on the privacy, ownership & security of data within the telecom sector. The report of our Household Finance Committee within RBI had prompted for the ‘rights based’ data protection framework which is against the idea of using consent to be considered as a first mechanism for protection of data to improve outcome of household financial.
There are some of the key legal provisions which focuses and governs privacy protection and personal data provisions Key legislations are under as follows:
Information Technology Act, 2000.
Information Technology (Reasonable Practices & sensitive personal information & procedures) Rules, 2011.
The rules & regulations that governs the following sectors:
• Medical and Healthcare.
The Right to Information Act, 2005.
General Data Protection Regulations-GDPR (EU).