Abstract
The notion of privacy has been a contentious issue since its emergence, sparking intense debate and discussion. A landmark judgment by the Supreme Court in Justice K.S. Puttaswamy (Retd)
- Union of India (2017)[1] highlighted the significance of information in the digital age. As Justice D.Y. Chandrachud noted, the omnipresence of data has profound implications for individual autonomy, underscoring the notion that “knowledge is power”.
India’s rapid digitalization has been a significant driver of economic growth, with data emerging as a vital input, comparable to capital and labor, in the digital economy. The government’s increasing demand for access to citizen data has sparked concerns regarding data protection and the potential for misuse.
An examination of the existing Indian legislative framework reveals a lack of robust safeguards against data exploitation. The Sensitive Personal Data (SPD) rules, introduced in 2011, have proven insufficient in regulating the transfer of personal data, leaving individuals vulnerable to data breaches.
Introduction
In response to these concerns, after many iterations the India’s Data Protection law[2] represents a significant step forward in the development of a comprehensive data protection regime. By placing individual consent at the forefront of data sharing, the act seeks to ensure that personal data is utilized in a fair and reasonable manner, while also recognizing the fundamental right to privacy. However, the primary concern at present revolves around the act’s adoption and effective implementation and whether it’s comprehensive and standalone to safeguard the rights of citizens. which will be crucial in determining its efficacy in safeguarding citizen data.
[1] AIR 2017 SC 4161.
[2] The Digital Personal Data Protection Act, 2023