Right To Privacy

Jun, 28, 2019

Explained: Why govt wants to bank DNA

Context

  • The Union Cabinet cleared the DNA Technology (Use and Application) Regulation Bill once again, paving the way for its reintroduction in Parliament.
  • The Bill had been passed by Lok Sabha in January this year, but could not get the approval of Rajya Sabha before general elections.
  • The fresh clearance by the Cabinet is the third attempt since 2003 by the government to enact a law to regulate the use of DNA technology in the country.
  • The text of the Bill has undergone several changes over the years to address some of the concerns on privacy and the possibility of abuse.

DNA Technology (Use and Application) Regulation Bill

  • The Bill seeks to create a regulatory framework for obtaining, storing and testing of DNA samples of human beings, mainly for the purposes of criminal investigations, and with the objective of establishing the identity of a person.
  • DNA testing is already being used for a variety of purposes, such as criminal investigations, establishment of parentage, and search for missing people.
  • The proposed law seeks to bring in a supervisory structure to oversee these practices, and frame guidelines and rules so that the DNA technology is not misused.
  • To achieve these objectives, the bill proposes to set up two institutional structures — a DNA regulatory board, and a DNA data bank — at the national level.
  • Regional centres of the board as well as the data bank can be set up at the state level as well.

Supervisory structure

  • The DNA regulatory board, which is proposed to be the main regulatory authority, would frame the rules and guidelines for DNA collection, testing and storage.
  • The data bank would be the repository of all DNA samples collected from various people under specified rules.
  • The Bill proposes that testing of DNA samples can be carried out only at laboratories that are authorised to do so by the regulatory board.
  • The bill also specifies the circumstances under which a person can be asked to submit DNA samples, the purposes for which such requests can be made, and the exact procedure for handling, storing and accessing these samples.

DNA Regulatory Board

  • The Regulatory Board will comprise 12 members.
  • Some of them will be experts in the field of biological sciences, whereas the others will be the director-general of the NIA, the directors of the CBI, the heads of the Centre for DNA Fingerprinting and Diagnostics and the Central Forensic Science Laboratory, and a member of the NHRC.
  • The principal responsibility of the Board will be to accredit DNA-testing labs from which data can be collected for the databank and ensure they maintain high quality standards at all times.

Collecting DNA samples

  • DNA samples can be collected from the objects found at the crime scene, or from the body of the accused or volunteer.
  • The samples, collected by an authorised technician or medical practitioner, would have to be sent to an accredited laboratory for tests and analysis.
  • The information generated from these tests would have to be mandatorily shared with the nearest DNA data bank, which in turn, would be required to share it with the national data bank.

DNA data banks

  • Under the provisions, the data banks are required to store the information under one of the five indices — a crime scene index, a suspect or undertrial index, an offenders’ index, a missing persons’ index, and an unknown deceased persons’ index.
  • Although information from DNA can yield a lot of information about the person, the data banks are supposed to store only that information that is necessary to establish the identity of the person.
  • While the information in the crime scene index can be stored permanently, entries in other indices can be removed through processes prescribed.

Removal of information

  • People whose DNA samples have been collected, either from the crime scene, or through voluntary written consent, can also request the removal of their information from the index.
  • DNA samples of people who are not suspects or undertrials cannot be matched with already stored information in the suspects/undertrial index or the offenders’ index.

Using DNA samples

  • According to the provisions of the proposed law, police can ask for DNA samples of the person accused of an offence to facilitate their investigation.
  • But unless the offence is of a very serious nature, punishable by death or by imprisonment for at least seven years, the DNA sample can be obtained only on the written consent of the accused.
  • It can be also be obtained if an authorised magistrate is satisfied that a DNA test is absolutely necessary for investigation of the crime.
  • People who are witness to a crime, or want to locate their missing relatives, or in similar other circumstances, can volunteer to give their DNA samples, again through written consent.

Criticisms  of the bill

I. Over matter of Consent

  • Written consent is required from everyone for their DNA samples to be collected, processed and included in the database except from those who have committed crimes with punishment of 7+ years or death.
  • However, a similarly specific instruction is missing for the collection of DNA samples for civil matters. Such matters include parentage disputes, emigration or immigration and transplantation of human organs.
  • The Bill also doesn’t state that the consent has to be voluntary.

II. Civil Disputes

  • Second, it’s not clear if DNA samples collected to resolve civil disputes will also be stored in the databank (regional or national), although there is no index specific for the same.
  • If they will be stored, then the problem cascades because the Bill also does not provide for information, consent and appeals.
  • If a person’s DNA data has entered the databank, there is no process specified by which they can have it removed.
  • All of these issues together could violate the right to privacy.

III. Authenticity of DNA Labs

  • There’s also the question of whether the DNA labs accredited by the Regulatory Board are allowed to store copies of the samples they analyse.
  • And if so, how the owners of those samples can ensure the data is safe or needs to be removed from their own indices.
  • It’s unclear if the Regulatory Board will oversee other tests performed at the accredited labs.
  • This could become necessary because, unlike one’s biometric data or PAN number, the human genome contains lots of information about every individual.

IV. Overreaching access to identity

  • So a test undertaken to ascertain a person’s identity by analysing her DNA will in the process also reveal a lot of other things about that person, including information about their ancestry, diseases to which they are susceptible, etc. – i.e. information that the individual has a right to keep private.
  • The Bill does not specify which parts of an individual’s DNA can be analysed to ascertain their identity.
  • The more parts are subjected to analysis, the more conclusively a person’s identity can be established.
  • But this can’t be used as a license to parse more than is necessary, because then the DNA lab is also likely to reveal more information than it has the right to seek.

Govt. stance on this

  • The government, on the other hand, has been arguing that since DNA tests are already happening, and frequently used as the most reliable tool to establish identity.
  • It would be better to have regulatory safeguards so that it is carried out only in prescribed manner and by authorised personnel and institutions.
  • The government has also claimed that very limited information is proposed to be stored in the indices — just 17 sets of numbers out of billions that DNA samples can reveal.
Jun, 25, 2019

[op-ed snap] Basic Needs, Basic Rights

CONTEXT

The horrific tragedy in Muzaffarpur, Bihar, where the systemic failure of health care has killed over a hundred children.

Defining rights in a new way

  • First, like the constitutional principle of a basic structure, it is time to articulate an equally robust doctrine of basic rights.
  • Second, these basic rights must be viewed primarily as positive, rights not against interference from the state (negative rights) but to the provision of something by it.
  • Third, just as individuals are punished for legal violations, the government of the day must also be punished for the violation of these basic rights.

Basic RIghts

  •  Basic rights flow from basic needs such as physical security or subsistence.  Their non-fulfilment can cause great harm, even kill.
  • The failure to get an antibiotic if you have a bacterial infection can hurt you very badly.
  •  Needs depend on the way human bodies are constituted. They are a solid necessity; one cannot get on without them.
  • Nor can they be fulfilled by substitutes.
  • For us, nothing can take the place of water, food and air.

Impact of lack of basic needs

  • People suffer if basic needs are met inadequately or with delay. They are then denied a minimally decent life.
  • Elementary justice requires that before anything else, the state does everything at its disposal to satisfy all basic needs of its citizens, particularly of those who cannot fend for themselves.

Basic Rights 

1.Right to physical security –

  • The right to physical security, the first basic right, is socially guaranteed when the state provides its people a well-trained, professional police force.
  • It follows that basic rights are a shield for the defenceless against the most damaging threats to their life which include starvation, pestilence and disease.

2. Economic Security –

  • The second is the right to minimum economic security and subsistence, that includes clean air, uncontaminated water, nutritious food, clothing and shelter.
  • By showing the devastation caused by its absence, the Muzaffarpur tragedy amply proves that the right to primary health care is also an integral part of the right to subsistence.
  • For this, proper budgetary allocation is required that depends in turn on getting one’s political priority and commitment right. When a government fails to provide primary health care to those who can’t afford it, it violates their basic rights.

3. The right to free public expression –

  • The right to free public expression of helplessness and frustration, if deprived of other basic rights.
  • The right to make one’s vulnerability public, be informed about the acts of commission and omission of the government regarding anything that adversely affects the satisfaction of basic needs, to critically examine them and to hold state officials publicly accountable is a basic right on a par with right to physical security and subsistence and inseparably linked to them.

 

Conclusion

  • These three basic rights can be summed up in a single phrase, the right to a minimally decent life.
  • A society may soar, strive for great collective achievement. Anything short of a minimally decent life is simply not acceptable. It is this precisely that horrifies us about the callousness of the Bihar government in Muzaffarpur and governments in India more generally.
  • They routinely abdicate responsibility for the suffering they directly or indirectly cause.
  • This is why we must ask why governments are not immediately and severely penalised when they undermine the exercise of these basic rights.
Apr, 23, 2019

Right to travel abroad is a basic human right: SC

News

  • The right to travel abroad is a genuine and basic human right like marriage and family, the Supreme Court has observed in a recent order.

Right to travel abroad

  • The court was hearing an appeal filed by an IPS officer who was refused permission to take a private trip abroad to visit relatives as he had a departmental enquiry pending against him.
  • The court ruled that the right to travel abroad is an important basic human right for it nourishes independent and self-determining creative character of the individual.
  • The right also extends to private life; marriage, family and friendship are humanities which can be rarely affected through refusal of freedom to go abroad and clearly show that this freedom is a genuine human right.

Referring the 1958 Kent vs Dulles Judgment

  • Setting aside the order, the Supreme Court referred to its Maneka Gandhi judgment upholding the right to travel and the landmark U.S. Supreme Court case of 1958 Kent vs Dulles.
  • The Bench quoted the majority opinion of Justice William O. Douglas in the latter case which said freedom to go abroad has much social value and represents the basic human right of great significance.
  • The court said that this basic human right also extends to private life; marriage, family and friendship.
  • These are part of human nature which can be rarely affected through a refusal of freedom to go abroad.
Jan, 09, 2019

Lok Sabha Passes DNA Technology Bill – All You Need to Know

Note4students

Mains Paper 3: Science & Technology | Developments and their applications and effects in everyday life

From UPSC perspective, the following things are important:

Prelims level:  DNA Technology (Use and Application) Regulation Bill, 2018

Mains level: Understanding the importance of DNA Profiling in curbing crime in India.


News

  • The Bill that provides for regulation of use and application of DNA technology for establishing the identity of certain categories of persons, including offenders, victims, suspects and undertrials, was passed in Lok Sabha.

What it aims to bring?

  1. The use of DNA data is also likely to be useful in quickly identifying missing persons and resolving criminal cases in which repeat offenders might be involved.
  2. This includes offences under the IPC, 1860, as well as offences under other laws such as the Immoral Traffic (Prevention) Act, 1956, the Medical Termination of Pregnancy Act, 1971, the Protection of Civil Rights Act, 1955, and the Motor Vehicles Act, 1988.

DNA Technology (Use and Application) Regulation Bill, 2018 

  1. The primary intended purpose for enactment of the bill is for expanding the application of DNA-based forensic technologies to support and strengthen the justice delivery system of the country.
  2. The utility of DNA based technologies for solving crimes, and to identify missing persons, is well recognized across the world.
  3. Other aims include Speedier justice delivery and Increased conviction rate.
  4. Bill’s provisions will enable the cross-matching between persons reported missing and unidentified dead bodies found in various parts of the country, and also for establishing the identity of victims in mass disasters.
  5. By providing for the mandatory accreditation and regulation of DNA laboratories, the Bill seeks to ensure the data remain protected from misuse or abuse in terms of the privacy rights of our citizens.
  6. The Bill has two major components : the DNA databanks and the DNA Regulatory Board.

DNA databanks

  1. There will be two kinds of databanks: a national one and multiple regional ones.
  2. Every databank will maintain DNA data in one of the following categories: the crime scene index, the suspects’ or undertrials’ index, the offenders’ index, the missing persons’ index and an ‘unknown’ deceased persons’ index.

DNA Regulatory Board

  1. The Regulatory Board will comprise 12 members.
  2. Some of them will be experts in the field of biological sciences, whereas the others will be the director-general of the NIA, the directors of the CBI, the heads of the Centre for DNA Fingerprinting and Diagnostics and the Central Forensic Science Laboratory, and a member of the NHRC.
  3. The principal responsibility of the Board will be to accredit DNA-testing labs from which data can be collected for the databank and ensure they maintain high quality standards at all times.
  4. But in light of recent privacy and surveillance issues, the Board’s responsibility towards ensuring the DNA data is stored securely, used properly and only for identification purposes will also be under close watch.

Criticisms

Matter of Consent

  1. Written consent is required from everyone for their DNA samples to be collected, processed and included in the database except from those who have committed crimes with punishment of 7+ years or death.
  2. However, a similarly specific instruction is missing for the collection of DNA samples for civil matters. Such matters include parentage disputes, emigration or immigration and transplantation of human organs.
  3. The Bill also doesn’t state that the consent has to be voluntary.

Civil Disputes

  1. Second, it’s not clear if DNA samples collected to resolve civil disputes will also be stored in the databank (regional or national), although there is no index specific for the same.
  2. If they will be stored, then the problem cascades because the Bill also does not provide for information, consent and appeals.
  3. If a person’s DNA data has entered the databank, there is no process specified by which they can have it removed.
  4. All of these issues together could violate the right to privacy.

Authenticity of DNA Labs

  1. Third, there’s also the question of whether the DNA labs accredited by the Regulatory Board are allowed to store copies of the samples they analyse.
  2. And if so, how the owners of those samples can ensure the data is safe or needs to be removed from their own indices.
  3. It’s unclear if the Regulatory Board will oversee other tests performed at the accredited labs.
  4. This could become necessary because, unlike one’s biometric data or PAN number, the human genome contains lots of information about every individual.

Overreaching access to identity

  1. So a test undertaken to ascertain a person’s identity by analysing her DNA will in the process also reveal a lot of other things about that person, including information about their ancestry, diseases to which they are susceptible, etc. – i.e. information that the individual has a right to keep private.
  2. The Bill does not specify which parts of an individual’s DNA can be analysed to ascertain their identity.
  3. The more parts are subjected to analysis, the more conclusively a person’s identity can be established.
  4. But this can’t be used as a license to parse more than is necessary, because then the DNA lab is also likely to reveal more information than it has the right to seek.
Dec, 26, 2018

[op-ed snap] On a shaky foundation

Note4students

Mains Paper 2: Governance | Important aspects of governance, transparency & accountability

From the UPSC perspective, the following things are important:

Prelims level: IT Act provisions

Mains level: Section 69 of the IT Act and how it affects individual freedom


Context

Misusing Section 69 of IT Act

  1. The Union Home Secretary has promulgated an order authorising 10 Central agencies to monitor, intercept and decrypt information which is transmitted, generated, stored in or received by any computer
  2. Under the order, an individual who fails to assist these government agencies with technical assistance or extend all facilities can face up to seven years of imprisonment or be liable to be fined
  3. The notification was reportedly issued in pursuance of powers stipulated in Section 69 of the Information Technology Act, 2000, which enables government agencies to intercept personal information of citizens under certain conditions

Section 69 is now invalid

  1. Section 69 of the IT Act after K.S. Puttaswamy v. Union of India — ‘the right to privacy case’, in 2017 — seems to fail the litmus test of constitutionality
  2. The nine-judge bench in K.S. Puttaswamy declared that there is a fundamental right to privacy flowing from inter alia Articles 19 and 21 of the Constitution
  3. In order for a restriction such as Section 69 allowing for interception of personal data on a computer to be constitutionally valid, it would not only have to pursue a legitimate state aim (say, for instance, national security) but also be proportionate, so that there is a rational nexus between the means adopted (i.e., authorisation of interception) and the aim

Problems with Section 69

  1. Section 69 of the IT Act is so broadly worded that it could enable mass surveillance to achieve relatively far less serious aims such as preventing the incitement of the commission of a cognisable offence
  2. Such surveillance could be justified to achieve relatively far less serious objectives such as a Facebook post expressing dissent against government policy which, in the state’s opinion, is offensive
  3. The state, through the powers under Section 69, can therefore justify authorising surveillance, purporting this to be a grave concern

Right to free speech under danger

  1. Under Section 69, the government can intercept personal information under any of the following conditions: when it is necessary in the interest of Indian sovereignty or integrity; security of the state; friendly relations with foreign states; public order; and for preventing incitement to the commission of any cognisable offence related to these
  2. While the first four feature in Article 19(2) of the Constitution, the last, namely preventing incitement to commission of cognisable offences, is not an enumerated restriction
  3. A restriction in the form of authorised surveillance would not be justified unless it is in order to maintain public order, a reasonable restriction under Article 19(2)
  4. While public order is characterised by public peace and tranquillity, law and order requires preventing the incitement of an offence
  5. Section 69 allows mass surveillance even when only law and order is affected while public order prevails: merely for precluding the incitement of the commission of an offence
  6. Such a broadly worded provision can have potential ramifications on free speech
  7. This is because a constant sense of being watched can create a chilling effect on online communication, crippling dissent

Against natural justice

  1. Section 69 also falls short of meeting with the principles of natural justice by failing to accommodate pre-decisional hearings
  2. The Section only makes post-decisional hearings before a review committee possible as a part of its procedure, compelling people to give up their personal information without being given an opportunity to be heard

Way forward

  1. Surveillance does not show direct discernible harms as such but rather imposes an oppressive psychological conformism that threatens the very existence of individual freedom
  2. Section 69 of the IT Act allows for disproportionate state action, and is antithetical to the right to privacy
Dec, 25, 2018

[op-ed snap] The case against surveillance

Note4students

Mains Paper 2: Governance | Important aspects of governance, transparency & accountability

From the UPSC perspective, the following things are important:

Prelims level: Not much

Mains level: India’s march towards a surveillance state and preventing such moves via the right to privacy


Context

Extended surveillance of citizens

  1. A Ministry of Home Affairs (MHA) notification authorising 10 Central agencies to intercept, monitor, and decrypt online communications and data has caused a furore in both Parliament and the wider civil society
  2. The notification was described as an incremental step towards a surveillance state
  3. The government’s defence was equally swift: it protested that the notification created no new powers of surveillance. It was only issued under the 2009 Information Technology Rules, sanctioned by the previous United Progressive Alliance government
  4. The 10 agencies had not been given a blank check; rather, specific surveillance requests, the government contended, still had to be authorised by the MHA in accordance with law

Status of surveillance in India

  1. The existing surveillance framework is complex and confusing
  2. Two statutes control the field: telephone surveillance is sanctioned under the 1885 Telegraph Act (and its rules), while electronic surveillance is authorised under the 2000 Information Technology Act (and its rules)
  3. The procedural structure in both cases is broadly similar, and flows from a 1997 Supreme Court judgment: surveillance requests have to be signed off by an official who is at least at the level of a Joint Secretary

Features of the regime

  • It is bureaucratised
  1. Decisions about surveillance are taken by the executive branch (including the review process), with no parliamentary or judicial supervision
  2. An individual will almost never know that she is being surveilled means that finding out about surveillance, and then challenging it before a court, is a near-impossibility
  •  The surveillance regime is vague and ambiguous
  1. Under Section 69 of the IT Act, the grounds of surveillance have been simply lifted from Article 19(2) of the Constitution, and pasted into the law
  2. They include very wide phrases such as “friendly relations with foreign States” or “sovereignty and integrity of India”
  • The regime is opaque
  1. There is almost no information available about the bases on which surveillance decisions are taken, and how the legal standards are applied
  2. Indeed, the evidence seems to suggest that there are none: a 2014 RTI request revealed that, on an average, 250 surveillance requests are approved every day
  3. It stands to reason that in a situation like this, approval resembles a rubber stamp more than an independent application of mind

The tradeoff between security and privacy

  1. Surveillance is essential to ensure national security and pre-empt terrorist threats, and it is in the very nature of surveillance that it must take place outside the public eye
  2. Consequently, the regime is justified as it strikes a pragmatic balance between the competing values of privacy and security
  3. The staunchest civil rights advocates will not deny that an individual reasonably suspected of planning a terrorist attack should be placed under surveillance

Need for a better process

  1. A heavily bureaucratised and minimally accountable regime of surveillance does nothing to enhance security but does have significant privacy costs
  2. Such a system often has counterproductive effects: a government that is not checked in any meaningful way will tend to go overboard with surveillance and, in the process, gather so much material that actually vital information can get lost in the noise
  3. It is exceedingly important to assess the balance on the basis of constitutional principles and fundamental rights, rather than blindly accepting the government’s rhetoric of national security
  4. After the Supreme Court’s 2017 judgment in K.S. Puttaswamy v. Union of India (‘the right to privacy case’), the constitutional contours within which the questions of ‘how, when, and what kind’ have to be answered have been made clear
  5. Any impingement upon the right to privacy must be proportionate. One of the factors of the proportionality standard is that the government’s action must be the least restrictive method by which a state goal is to be realised
  6. In other words, if the same goal — i.e., protecting national security — can be achieved by a smaller infringement upon fundamental rights, then the government is constitutionally bound to adopt the method that does, indeed, involve minimal infringement

What can be done for improvement?

  1. Given the seriousness of the issue, a surveillance regime cannot have the executive sitting in judgment over the executive: there must be parliamentary oversight over the agencies that conduct surveillance
  2. They cannot simply be authorised to do so through executive notifications
  3. And equally important, all surveillance requests must necessarily go before a judicial authority, which can apply an independent legal mind to the merits of the request, in light of the proportionality standards
  4. Judicial review will not achieve much if the grounds of surveillance remain as broad and vaguely worded as they presently are
  5. Therefore, every surveillance request must mandatorily specify a probable cause for suspicion, and also set out, in reasonably concrete terms, what it is that the proposed target of surveillance is suspected of doing
  6. As a corollary, evidence obtained through unconstitutional surveillance must be statutorily stipulated to be inadmissible in court

Way forward

  1. Across the world, there is an increasingly urgent debate about how to protect basic rights against encroachment by an aggressive and intrusive state, which wields the rhetoric of national security like a sword
  2. The MHA notification lays bare the lopsided character of the surveillance framework in India and highlights an urgent need for comprehensive reform
Dec, 22, 2018

[op-ed snap] Move fast and fix things: on safeguarding users' privacy

Note4students

Mains Paper 2: Governance | Government policies & interventions for development in various sectors & issues arising out of their design & implementation

From the UPSC perspective, the following things are important:

Prelims level: Not much

Mains level: Safegurading citizens data and right to privacy in India


Context

Right to privacy under strain

  1. Movement on a privacy law has become gridlocked in recent months
  2. A draft law to safeguard it is beset with controversy in a closed drafting process without much transparency
  3. It has no clear path to enactment and is not listed for the ongoing winter session of Parliament
  4. On the other hand, the government has prioritised more data collection and privacy-impairing legislation
  5. These include the DNA Technology (Use and Application) Regulation Bill, which is listed for discussion and voting
  6. Another instance is the political firestorm after Ministry of Home Affairs issued a notification authorising digital surveillance by 10 Central government agencies

Involvement of Facebook

  1. Facebook’s motto was to “move fast and break things”
  2. By now we have all heard various variations of it to mock the social networking platform which is identified globally for privacy breaches and misinformation campaigns — even interfering in the election processes of major democracies
  3. The latest in this torrent of disclosures is the investigation by The New York Times documenting a range of private deals struck by Facebook for reciprocal sharing of user data with the knowledge of top management
  4. Some deals permitted access even to private chats

Similar ploy in India

  1. Even prior to the disclosures by Cambridge Analytica, Indian civil society activists had fought against Facebook very publicly on net neutrality
  2. The company had proposed to offer users without Internet on their phones a platform called “Free Basics”, with a bouquet of essential websites
  3. In December 2015 it argued that by facilitating access to websites beyond Facebook, its intent was purely altruistic
  4. This deal was opposed on grounds of net neutrality by those who recognised that Facebook would become a gatekeeper to the Internet
  5. The opposition to “Free Basics” won, with a ban on it being imposed by the telecom regulator
  6. Facebook was not clearly stating how it would use the personal data of users on the Free Basics platform

Shaping political preferences

  1. By March 2018 the Cambridge Analytica exposé gathered steam
  2. Blockbuster reports by The New York Times and The Observer documented the compromising of personal data of Facebook users to micro-target them with subtle forms of political campaigning without their knowledge
  3. This was reportedly aimed at influencing their voting preferences and the outcome of elections

Investigation pending

  1. Concurrently the Parliamentary Standing Committee on IT in April 2018 also started examining this issue
  2. While it did invite public comments, its proceedings have not been disclosed
  3. Subsequently, the matter at the ministerial level was referred to the Central Bureau of Investigation, which launched a preliminary investigation in September 2018
  4. Till date, there is little public information on movement in this investigation

Way forward

  1. Many of these problems go much beyond Facebook, to the entire wave of digitisation from the big building blocks down to a fine grain of Indian society
  2. To properly harness digitisation, we now have the challenge of developing and prioritising institutions of governance to protect users
  3. This must start immediately with a strong, rights-protecting, comprehensive privacy law
  4. At present, despite having the second highest number of Internet users in the world, India has little to show as a country in investigatory outcomes, measured regulatory responses or parliamentary processes which safeguard users
Dec, 06, 2018

[op-ed snap] Short on nuance

Note4students

Mains Paper 2: Governance | Important aspects of governance, transparency & accountability

From the UPSC perspective, the following things are important:

Prelims level: B N Srikrishna committee, Draft data protection bill

Mains level: Concerns about data privacy and the role of government


Context

Draft data protection bill

  1. B N Srikrishna committee’s draft data protection bill is expected to be tabled soon in Parliament after final touches
  2. However, the committee has failed to develop an effective vocabulary to deal with the complex subject
  3. A data protection framework is unlikely to be grounded in reality without first formulating a data usage policy — this has been the discourse’s major lacuna

Inclusive functioning approach 

  1. The committee’s inclusive functioning style and seeking a public opinion at all stages are commendable
  2. Its recommendations pertaining to user-centric design, setting up of an independent data protection authority, regulating the government along with the private sector and a new law for intelligence gathering for national security are steps in the right direction
  3. Also welcome is the suggestion that the Aadhaar Act requires several modifications and provisions for regulatory oversight
  4. So is the recognition the committee has accorded to data portability

Some aberrations

  1. There is a suggestion that the UIDAI be both the data fiduciary and the regulator for Aadhaar
  2. There is also the curious suggestion that even though personal data can be transferred outside India, data fiduciaries will be required to store a local copy. Does this benefit the individual or is it a surveillance requirement of the state?
  3. The concepts of fair and reasonable processing, purpose and collection limitation, notice and consent, data quality and data storage limitation have largely failed to prevent identity thefts, unethical profiling and other privacy violations
  4. Dictums such as “personal data shall be processed in a fair and reasonable manner” are non-specific and they do not adequately define the contours of the required regulatory actions
  5. Ex-post accountability and punitive measures of the kind the committee has recommended may be largely ineffective, as they have been elsewhere
  6. The committee has not explored the ex-ante preventive measures adequately

Areas of omission

  • A data protection framework is incomplete without an investigation of the nuances of digital identity, and guidelines for the various use cases of authentication, authorisation and accounting
  1. It is also incomplete without an analysis of the extent to which personal information needs to be revealed for conducting businesses, and during eKYC processes
  2. In addition, effective protection requires an understanding of the possible pathways of information leaks, comprehending the limits of anonymisation with provable guarantees against re-identification attacks and a knowledge of the various possibilities with virtual identities
  3. Also required is an analysis of the possibilities of privacy preserving tools, techniques and protocols from computer science including hash functions, symmetric and public key cryptography, trust as negotiable protocols, selective disclosures, k\-anonymity, unlinkability and untraceability, one-time anonymous and dynamic credentials, zero-knowledge protocols, and quantifying information leak about individuals using techniques of differential privacy
  • The committee discusses about artificial intelligence and big-data analytics but fails to define clear-cut guidelines for their safe use
  1. But it ends up vaguely suggesting that no processing of personal data should result in taking decisions about a person without consent, but does not provide guidelines about enforcement
  2. Most theories for improving state efficiency in the delivery of welfare and health services using personal data will have to consider improved data processing methods for targeting, epidemiology, econometrics, tax compliance, corruption control, analytics, and topic discovery
  3. This, in turn, will require digitisation, surveillance and processing of large-scale personal transactional data
  4. Acquisition, storage and processing of personal health data will be crucial to such systems
  5. There should be detailed analyses of how such surveillance — targeted towards improving the efficiency of the state’s service delivery — can be achieved without enabling undesirable mass surveillance that may threaten civil liberty and democracy
  6. The committee needs to balance the seemingly conflicting requirements of individual privacy and the benefits of large-scale data processing, and it is not obvious that a trade-off is inevitable
  • A data protection framework is incomplete without defining the requirements and standards of access control, and protection against both external and insider attacks in large data establishments, both technically and legally
  1. The computer science sub-areas of security and automatic verification will certainly have a lot to offer

Way forward

  1. Civil society’s participation in discussions on data protection has been exemplary
  2. The institutions engaged in economics, public policy and computer science have to now wake up and produce comprehensive studies and white papers on all aspects of data usage and data protection for the framework to be successful
Aug, 24, 2018

[op-ed snap] The RBI’s misguided digital protectionism

Note4students

Mains Paper 2: Governance | Government policies & interventions for development in various sectors & issues arising out of their design & implementation

From UPSC perspective, the following things are important:

Prelims level: Not much

Mains level: Recent demands for data localisation & their possible impact


Context

RBI’s measures for data localisation

  1. The Reserve Bank of India’s (RBI’s) proposal that digital payment companies store all user data in India by October is both unnecessary and misguided
  2. If the RBI’s underlying concern relates to ensuring the Indian government’s access to data for regulatory oversight, that’s simply no justification for such a data localization policy

What this essentially means?

  1. If the RBI persists with its proposed requirement that firms store data locally (or even store a copy of the data locally, a concept known as data mirroring), it reveals that concerns about regulatory oversight are simply cover for protectionism

What will these measures lead to?

  1. If the RBI enacts this data localization requirement, it will create a trade barrier and present another issue of contention in its trade relationship with the US, the European Union, and others
  2. Forced data localization discriminates against firms (whether domestic or foreign multinationals) that use foreign data services, as it forces them to use or set up local services when they otherwise would not
  3. This adds a duplicative cost that makes these firms and their services less competitive compared to local firms, which may only use domestic data services
  4. Data localization also stops these firms from exporting data from India, which affects the services these firms are able to provide, such as fraud detection and prevention, and their ability to use data from India to create innovative new service offerings
  5. The spread of such data localization policies would have a large impact on India’s export-focused services sector

Possible remedies

  1. As part of any review, if the RBI reports that it is having issues with payment services firms not providing timely access to data, it should publicize these cases and pursue legal remedies against these firms, whether this involves revoking operating licences or imposing fines
  2. If these remedies have proven insufficient, then this should also be part of any policy revision to ensure firms comply in the future

Alternate measures that can be used

  1. Firms can readily use the convenience of modern information technologies (such as cloud computing) to facilitate such access with the click of a button

Way Forward

  1. The government’s move to embrace digital protectionism as an industrial development strategy is rather short-sighted
  2. The Indian government should instead focus on any underlying policy issues around regulatory access to data and on the broader issues that need to be addressed in order to improve access and use of digital payment services in the country
Aug, 11, 2018

[op-ed snap] Decoding the DNA Bill

Note4students

Mains Paper 2: Governance | Government policies & interventions for development in various sectors & issues arising out of their design & implementation

From UPSC perspective, the following things are important:

Prelims level: DNA Technology (Use and Application) Regulation Bill, 2018

Mains level: Privacy concerns related to DNA profiling and resolving those by improvements in the proposed legislation


Context

DNA profiling bill cleared

  1. The DNA Technology (Use and Application) Regulation Bill, 2018 has been introduced in India’s Parliament
  2. It aims at creating a national DNA database for use by the police in solving crimes and identifying missing persons

Use of DNA samples

  1. Using DNA effectively during criminal investigations requires proper crime scene examination, trained and reliable policing, a trusted chain of custody of samples, reliable analysis, and proper use of expert evidence in court
  2. Without these prerequisites, a DNA database will exacerbate rather than solve problems in the criminal justice system
  3. Many errors occur before samples get to the laboratory
  4. False matches or misinterpretation or planting of evidence, and diverting resources could lead to miscarriages of justice

Privacy protections not given in the bill

  1. An important one is the need to restrict DNA profiling so that it uses only non-coding DNA, a commonly used international standard for one, which prevents the use of parts of the DNA which code for personal characteristics, including medical conditions
  2. Any international sharing of DNA profiles should also be covered by a privacy or data protection law, and meet international human rights standards
  3. It is a best practice to separate the databases for missing persons and for criminals set up by the Bill so that people who volunteer their DNA to help find their missing relatives are not treated as suspects for criminal offences
  4. Provisions allowing the use of these databases for civil cases, for example, to test paternity, should be deleted from the Bill
  5. Volunteers must be fully informed about future storage and uses of their genetic information before they give consent

What more needs to be done?

  1. The requirement for laboratory accreditation in the Bill should include quality assurance for crime scene examination
  2. Consideration should be given to an independent forensic science regulator to ensure oversight of both laboratory quality assurance and crime scene examination
  3. There is also a need for elimination databases for police, crime scene examiners and laboratory workers, whose DNA may contaminate the evidence they touch
  4. Provisions which give the government or the DNA Profiling Board the power to amend aspects of the safeguards in the Bill, and to avoid accountability in court, should be deleted

Way Forward

  1. Important safeguards and a cost-benefit analysis are still lacking for this Bill
  2. The Bill needs further improvement, and full parliamentary scrutiny should be utilised to achieve that end
Aug, 03, 2018

[op-ed snap] Data localisation is not enough

Note4students

Mains Paper 3: Internal Security | Challenges to internal security through communication networks, role of media & social networking sites in internal security challenges

From UPSC perspective, the following things are important:

Prelims level: Draft Personal Data Protection Bill

Mains level: Rising cyber crimes and the role data protection bill would play in reducing them


Context

Data protection bill seeks localisation of data

  1. The Justice Srikrishna Committee in its report accompanying the draft Personal Data Protection Bill notes that eight of the top 10 most accessed websites in India are owned by U.S. entities
  2. This reality has often hindered Indian law enforcement agencies when investigating routine crimes or crimes with a cyber element
  3. Police officials are forced to rely on a long and arduous bilateral process with the U.S. government to obtain electronic evidence from U.S. communication providers
  4. The committee seeks to correct this
  5. The Bill calls for a copy of user data to be mandatorily localised in India

Is data localisation enough?

  1. A fundamental error that the Srikrishna Committee seems to have made is in its belief that the location of data should determine who has access to it
  2. The reason that Indian law enforcement relies on an outdated Mutual Legal Assistance Treaty (MLAT) process to obtain data stored by U.S. companies is because the U.S. law effectively bars these companies from disclosing user data to foreign law enforcement authorities
  3. Technology companies are allowed to share data such as content of an email or message only upon receiving a federal warrant from U.S. authorities
  4. This scenario will not change even after technology companies relocate Indian data to India

Crimes across the globe not covered

  1. The draft bill mandates local storage of data relating to Indian citizens only
  2. Localisation can provide data only for crimes that have been committed in India, where both the perpetrator and victim are situated in India
  3. Prevalent concerns around transnational terrorism, cyber crimes and money laundering will often involve individuals and accounts that are not Indian, and therefore will not be stored in India
  4. For investigations into such crimes, Indian law enforcement will have to continue relying on cooperative models like the MLAT process

Is location sole measure of claiming data rights?

  1. Questions around whether access to data is determined by the location of the user, location of data or the place of incorporation of the service provider have become central considerations for governments seeking to solve the cross-border data sharing conundrum
  2. The Clarifying Lawful Overseas Use of Data (CLOUD) Act, passed by the U.S. Congress earlier this year, seeks to de-monopolise control over data from U.S. authorities
  3. The law will for the first time allow tech companies to share data directly with certain foreign governments
  4. This requires an executive agreement between the U.S. and the foreign country certifying that the state has robust privacy protections and respect for due process and the rule of law
  5. The CLOUD Act creates a potential mechanism through with countries such as India can request data not just for crimes committed within their borders but also for transnational crimes involving their state interests

Way Forward

  1. With the highest number of users of American technology offerings and a high number of user data requests, second only to the U.S., India is a clear contender for a partnership under the CLOUD Act
  2. If India recognises this opportunity and reforms laws around government access to data, both the Indian user and law enforcement will be better served in the long run
Jul, 30, 2018

[op-ed snap] Draft data protection bill recommendations throw up questions of acceptability, feasibility

Note4students

Mains Paper 2: Governance | Government policies & interventions for development in various sectors & issues arising out of their design & implementation

From UPSC perspective, the following things are important:

Prelims level: General Data Protection Regulation

Mains level: Importance of Justice K S Puttaswamy (retd.) and Anr. vs Union Of India And Ors case in upholding the right to privacy in India and its impact on other proposed legislation concerning privacy issues


Context

Draft data privacy law

  1. The Committee of Experts under the chairmanship of Justice B N Srikrishna has submitted its proposed law on data protection
  2. Guided by the principles laid down by the Supreme Court in Justice K S Puttaswamy (retd.) and Anr. vs Union Of India And Ors, the framework seeks to empower individuals to protect their personal data

Data protection is now a global concern

  1. In the past few decades, data protection has emerged as a hotbed of legislative action globally
  2. The European Union has implemented its General Data Protection Regulation recently

Proposed provisions

  1. The crux of the proposed legislation is that the personal data of individuals (data principals) can be processed (i.e. collected, used, stored, disclosed to third parties, etc.) by entities (data fiduciaries) only if the individual has given her free, informed and specific consent
  2. Such consent is capable of being withdrawn
  3. Personal data may also be processed under certain specific circumstances such as state function, emergent health and safety situations, compliance with a judicial order etc.
  4. However, in each case, data fiduciaries, be it the government or private entities, will be required to strictly comply with principles such as collection limitation, purpose limitation, security safeguards, and measures of transparency and accountability that are laid down in the law
  5. The law provides heightened safeguards for processing of sensitive personal data, such as financial data, health data, sex life and sexual orientation, caste or tribe, official identifiers such as Aadhaar, religious and political beliefs or affiliations, etc.
  6. The proposed law will be applicable to both private and public entities

Concerns related to these provisions

  1. The proposed law contains exemptions for the processing of personal data for certain purposes, such as journalistic activities, law enforcement, security of the state, etc.
  2. It has been pointed out that the exemption may be too broad and may not effectively address the issue of surveillance and systematic access to citizens’ data by the state
  3. The proposed data protection law ensures that state surveillance agencies attempting to access personal data or sensitive personal data without the authorisation of law will not be able to avail of this exemption

Current status of data protection in India

  1. As of now, there is no statutory framework that holistically protects the informational privacy of individuals in India
  2. The Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 were a small but significant step in this direction
  3. However, these Rules are selectively applicable to certain body corporates and suffer from poor implementation
  4. There are scattered oversight mechanisms laid down in statutes such as the Telegraph Act of 1885

Principles laid down in Puttaswamy case

It held that to allow a restriction on privacy, three requirements ought to be fulfilled:

  1. First, the restriction must be by law
  2. Second, it must promote a legitimate state interest of which national security is an example; and
  3. Third, it must be necessary and proportionate

Applicability still an issue

  1. Many of the recommendations made by the committee throw up important questions of acceptability and feasibility for the industry, stakeholders and allied sectors
  2. The stance on cross-border flow of personal data heightened organisational measures on data fiduciaries, and individual participation rights have sparked a debate on compliance burdens on data fiduciaries and perceived impediments to a free and fair digital economy

Way Forward

  1. The committee has set the ball rolling on several issues concerning the protection of personal data by setting out a proposed law
  2. The proposed data protection law, after taking into account the existing gaps in the current framework and global best practices, creates a novel framework tailored to India’s constitutional, economic, and socio-political realities
  3. It is expected that through further consultations and dialogue, citizens and stakeholders will build on this foundation by giving suggestions to strengthen the legal framework and ensure that an effective data protection regime is set up in India
Jul, 28, 2018

Srikrishna panel upholds primacy of data privacy

Note4students

Mains Paper 3: Internal Security | Basics of cyber security

From UPSC perspective, the following things are important:

Prelims level: Highlights of the Srikrishna Committee Report, Right to be forgotten

Mains level: Need for protection of personal data.


News

Draft Personal Data Protection bill, 2018

  1. The right to privacy is a fundamental right which necessitates protection of personal data as an essential facet of informational privacy says the draft Personal Data Protection bill, 2018.
  2. It was submitted to the government by a high-level expert group headed by former Supreme Court judge B.N. Srikrishna.
  3. The much-awaited bill is under the government’s review and has been made public for inviting suggestions.

Provisions of the Bill

  1. The bill deals with issues such as collection and processing of personal data, consent of individuals, penalties and compensation, code of conduct and an enforcement model.
  2. According to the draft bill, personal data collected, used, shared, disclosed or otherwise processed by companies incorporated under Indian law will be covered, irrespective of where it is actually processed in India.

Data Protection Authority of India (DPA)

  1. It proposes setting up of a DPA, an independent regulatory body responsible for the enforcement and effective implementation of the law, consisting of a chairperson and six full-time members.
  2. In case of any appeal against an order of the DPA, an appellate tribunal should be established or an existing appellate tribunal should be granted powers to hear and dispose of any appeal.

Highlights of the Panel Report

  1. The committee has recommended phased timelines for the adoption of different aspects of the privacy law, making data protection a critical component in India’s security posture.
  2. The report said that sensitive personal data will include passwords, financial data, health data, official identifier, sex life, sexual orientation, biometric and genetic data, and data that reveals transgender status, intersex status, caste, tribe, religious or political beliefs or affiliations of an individual.
  3. It noted that consent should be the lawful basis for the processing of personal data and the consent should be free, informed, specific, clear and capable of being withdrawn.
  4. For sensitive personal data, consent should be explicit.

Right to be forgotten

  1. The committee came out with a recommendation on the right to be forgotten.
  2. It said that the right should be adopted, with the proposed data protection authority determining the eligibility of the application on the basis of five points which are:
  • Sensitivity of the personal data sought to be restricted
  • Scale of disclosure sought to be restricted
  • Role of the data principal (whose data it is) in public life
  • Relevance of the personal data to the public
  • Nature of the disclosure.

Penalty Provisions

  1. Regarding data misuse, the committee recommended a penalty of either a certain percentage of the total worldwide turnover of the data misuser, or a fixed amount set by the law.
  2. It recommended that the penalty may extend up to ₹5 crore or 2% of the data misuser’s total worldwide turnover of the preceding financial year, whichever is higher in situations where the company fails to take “prompt and appropriate action” in response to a data security breach.
  3. In situations where the norms on personal data, sensitive personal data, and the personal data on children are violated, the report has recommended a penalty of ₹15 crore or 4% of the total worldwide turnover of the preceding financial year of the company.
Jul, 14, 2018

Surveillance state if every message is monitored: Supreme Court

Note4students

Mains Paper 2: Governance | Government policies & interventions for development in various sectors & issues arising out of their design & implementation

From UPSC perspective, the following things are important:

Prelims level: Articles 14, 19(1)(a) and 21 of the Constitution

Mains level: Government move to monitor social media and concerns related to the right to privacy


News

Opposing Social Media Communications Hub

  1. The Supreme Court has issued a notice to the Centre on a plea challenging its proposed move to set up a Social Media Communications Hub
  2. SC observed that “we will be moving to a surveillance state” if every tweet and WhatsApp message is monitored

What’s the issue?

  1. The government has already issued the Request For Proposal (RFP) by the Broadcast Engineering Consultants India Ltd (BECIL), a public sector enterprise under the Ministry of Information and Broadcasting
  2. It invited proposals to select a bidder for the supply, installation, testing and commissioning (SITC) of a software tool for the hub of the Ministry of Information and Broadcasting
  3. The stated aim of the project was to enable the government to understand the impact of social media campaigns on welfare schemes and improve the reach of such campaigns
  4. The project had two aspects — “mass surveillance apparatus that aims at collecting and analysing huge volumes of data, and profiling people based on that” and “utilising this data to predict the mood of people online and issue responses, including those targeted at individuals or groups”

Violation of Right to Privacy

  1. The social media analytical tool is expected to ‘listen’ to conversations on all major digital channels, including Facebook, Twitter, Instagram, LinkedIn, Tumblr, as well as blogs and news channels and also to be able to monitor email
  2. Such intrusive action on the part of the government is not only without the authority of law but brazenly infringes the fundamental right to freedom of speech under Article 19(1)(a) of the Constitution
  3. Such action of the government also violates the right to privacy
  4. The entire scheme/scope of the SMCH, as sought to be set up through the impugned RFP, is violative of Articles 14, 19(1)(a) and 21
Jul, 14, 2018

Proposed DNA bank will not store data permanently

Note4students

Mains Paper 3: Science & Technology | Science and Technology- developments and their applications and effects in everyday life

From UPSC perspective, the following things are important:

Prelims level:  Particulars of the DNA Bill.

Mains level:  Addressing concerns related to the Bill.


News

Data will be erased once case ends

  1. India’s proposed DNA databank, to be used during an investigation into crimes or to find missing persons, will not permanently store details of people.
  2. The DNA details will be removed, subject to judicial orders.
  3. The DNA Profiling Board, according to the proposed legislation, is supposed to be the regulatory authority that will grant accreditation to DNA laboratories.
  4. The Board, in consultation with members of the judiciary, will frame rules on how long the DNA details of an entrant on a crime index would be maintained.
  5. The rules will come after Parliament approves the DNA Technology (Use and Application) Regulation Bill, 2018, framed by the Department of Biotechnology in 2015.

Proposed DNA Data Bank

  1. The aim of that draft legislation was to establish an institutional mechanism to collect and deploy DNA technologies to identify persons based on samples collected from crime scenes or to identify missing persons.
  2. The Bill envisages a DNA Profiling Board and a DNA Data Bank.
  3. To help in investigations, there would be a central databank as well as regional ones, and these would store DNA profiles under various heads, such as a ‘crime scene index’ or ‘suspects index’ or ‘offenders index.’

What were the concerns raised by the Bill?

  1. It necessitated a Law Commission analysis —whether the databanks were secure enough to protect the privacy of those from whom DNA details were collected.
  2. It also deliberated on how, and who were authorised, to collect such information.
  3. An important thing that the Bill achieves is to ensure that private laboratories don’t proliferate and work without scientific validation.

Global Scenario on DNA Data Storage

  1. In France, for instance, the profiles of convicted persons are kept for 40 years after conviction. Crime scene stains are deleted forty years after they have been analysed.
  2. In the United Kingdom, the profiles of convicted persons and suspects are retained indefinitely, and crime scene stains are kept until they have been identified.

Back2Basics

DNA Based Technology (Use and Regulation) Bill, 2017

  1. DNA technology is being increasingly relied upon in investigations of crime, identification of unidentified bodies, or in determining parentage.
  2. It seeks to establish regulatory institutions and standards for DNA testing, and supervise the activities of all laboratories authorised to carry out such tests.
  3. It prohibits the collection of any “bodily substance” from an arrested individual (for the purposes of a DNA test) without his/her consent, except if the individual is arrested for certain specific offences.
  4. The penalty for misuse of data remains a prison term of up to three years and a fine up to Rs 1 lakh, a reference to a minimum prison term of one month has been removed.
  5. The Bill seeks to set up two new institutions — a DNA Profiling Board and a DNA Data Bank.
  6. The Board, with 11 members, is supposed to be the regulatory authority that will grant accreditation to DNA laboratories and lay down guidelines, standards and procedures for their functioning.
  7. A national databank of DNA profiles is proposed to be set up, along with regional databanks in every state.
Jul, 05, 2018

[pib] Cabinet approves DNA Technology (Use and Application) Regulation Bill, 2018

Note4students

Mains Paper 3: Science & Technology | Developments and their applications and effects in everyday life

From UPSC perspective, the following things are important:

Prelims level: DNA Profiling

Mains level: Understanding the importance of DNA Profiling in curbing crime in India.


News

The Union Cabinet has approved The DNA Technology (Use and Application) Regulation Bill 2018

Background

  1. The government was responding to a PIL in 2012 on the use of DNA profiling for identifying unclaimed bodies, especially to match them with cold cases of missing persons.
  2. The government had informed the Supreme Court that it will introduce a DNA profiling Bill in the Monsoon Session of the Parliament.

NCRB Report on Such Crimes

  1. The aggregate incidence of such crimes in the country, as per the statistics of the National Crime Records Bureau (NCRB) for 2016, is in excess of 3 lakhs per year.
  2. Of these, only a very small proportion is being subjected to DNA testing at present.
  3. It is expected that the expanded use of this technology in these categories of cases would result not only in speedier justice delivery but also in increased conviction rates, which at present is only around 30% (NCRB Statistics for 2016).

DNA Technology (Use and Application) Regulation Bill, 2018 

  1. The primary intended purpose for enactment of the bill is for expanding the application of DNA-based forensic technologies to support and strengthen the justice delivery system of the country.
  2. The utility of DNA based technologies for solving crimes, and to identify missing persons, is well recognized across the world.
  3. Other aims include Speedier justice delivery and Increased conviction rate.
  4. Bill’s provisions will enable the cross-matching between persons reported missing and unidentified dead bodies found in various parts of the country, and also for establishing the identity of victims in mass disasters.
  5. By providing for the mandatory accreditation and regulation of DNA laboratories, the Bill seeks to ensure the data remain protected from misuse or abuse in terms of the privacy rights of our citizens.

Benefits of DNA Profiling

Forensic DNA profiling is of proven value in solving cases involving offenses that are categorized as affecting the human body (such as murder, rape, human trafficking, or grievous hurt), and those against property (including theft, burglary, and dacoity).


Back2Basics

DNA profiling technology

  1. DNA fingerprinting or DNA profiling is a method of isolating and identifying variable elements within the base-pair sequence of DNA.
  2. DNA fingerprinting technology is utilized by police all over the world for fool-proof identification of criminals who leave their traces at the crime scene while committing the crime.
  3. The technology plays a crucial role in solving crimes as it has potential to link a series of crimes by placing the suspects by linking them with the crime scene.
May, 02, 2018

Govt to table DNA Profiling Bill in Monsoon session

Note4students

Mains Paper 2: Polity | Parliament & State Legislatures – structure, functioning, conduct of business, powers & privileges & issues arising out of these

From UPSC perspective, the following things are important:

Prelims level: DNA profiling Bill, mandamus (Read about various writs that can be issued by the judiciary)

Mains level: Privacy concerns and the ethics involved in DNA profiling


News

DNA profiling Bill

  1. The government has informed the Supreme Court that it will introduce a DNA profiling Bill in the Monsoon Session of the Parliament
  2. The government was responding to a PIL in 2012 on the use of DNA profiling for identifying unclaimed bodies, especially to match them with cold cases of missing persons
  3. The court said that with the competent authority undertaking to bring about a legislation there was no need for a mandamus from the Supreme Court in this issue

Law Commission report

  1. The Law Commission of India in its 271st report had prepared the draft Bill named The DNA Based Technology (Use and Regulation) Bill, 2017 after examining various judicial pronouncements and constitutional provisions
  2. The exercise was initiated by the Commission after the Department of Biotechnology forwarded its draft of ‘The Use and Regulation of DNA based Technology in Civil and Criminal Proceedings, Identification of Missing Persons and Human Remains Bill, 2016’

Recommendations of Law Commission

  1. The Commission recorded that DNA profiling was indeed used for disaster victim identification, investigation of crimes, identification of missing persons and human remains and for medical research purposes
  2. The Commission said the procedure for DNA profiling if given statutory recognition, should be done legitimately as per constitutional provisions
  3. The Bill provides for the setting up of a statutory DNA Profiling Board to spell out procedures and standards to establish DNA laboratories and grant of accreditation to these labs
  4. The Board should also be tasked with advising the Centre and the State governments on the operation of these labs and ethical/human rights issues relating to DNA testing in consonance with international standards
  5. The Board should also have the responsibility to supervise, monitor, inspect and assess the laboratories
Apr, 05, 2018

[op-ed snap] The economics of privacy in the digital world

Note4students

Mains Paper 3: Internal Security | Basics of cyber security

From UPSC perspective, the following things are important:

Prelims level: Not much

Mains level: Data privacy and issues related to it


Context

Digital economy functioning

  1. Information capture sits at the heart of important parts of the digital economy
  2. We voluntarily pay in personal data rather than cash
  3. This can be called Digital exchange—personal information for free access to platforms

Abuse of personal data

  1. The potential for personal data to be abused—for discrimination, manipulation, and censorship—is a huge cause for concern
  2. It can make people the victims of targeted manipulation
  3. Personal data can be used to manipulate people in ways they don’t recognize at the time of sharing their data

Framing IP Rights for data

  1. The framing of intellectual property rights is a good example of an encumbrance to trade that works for everyone
  2. It provides the necessary incentives to the producers and balances progress with the public distribution of intellectual goods
  3. The same technologies that enable distributed rights management could enable privacy protection that travels with the data

Way forward

  1. As monitoring and recording capabilities are embedded in our surroundings, there is a need to redefine private spaces that will not be infringed
  2. The government and businesses should start by adopting privacy-by-design principles in their data-accumulation practices
  3. Governments and supreme courts all over the world will have to rethink their stand in order to secure citizens’ privacy and control over their data
Jan, 06, 2018

[op-ed snap] This too is a right: the right to sexual privacy

Note4students

Mains Paper 2: Polity | Indian Constitution- historical underpinnings, evolution, features, amendments, significant provisions & basic structure

From UPSC perspective, the following things are important:

Prelims level: Joseph Shine v. The union of India, Section 497 of the Indian Penal Code, Constitution Bench, K.S. Puttaswamy case (2017), Suresh Kumar Koushal case (2013), NALSA v. Union of India (2014)

Mains level: Adultery law and various issues related to it


Context

The law on adultery

  1. Joseph Shine v. The union of India, the petition challenging the constitutional validity of the criminal prohibition on adultery under Section 497 of the Indian Penal Code, has now been referred to the Constitution Bench by the Supreme Court
  2. The petition was admitted by the court with the preliminary observation that the provision attacks the independent identity of the woman and is archaic in its nature

The right to sexual privacy

  1. The right to privacy is valued and cherished for it involves the most intimate decisions and choices
  2. The right to engage in sexual intercourse is an intrinsic part of the right to privacy
  3. Privacy has to invariably contain the right to bodily integrity, self-determination and sexual autonomy

How is adultery law affecting the right to privacy?

  1. By criminalising adultery, the state is, in fact, showing a paternalistic attitude by telling individuals how to lead their lives and what behaviour to adopt
  2. It carries moralistic undertones of imposing what living an ideal life means for the state
  3. Such an approach seriously undermines the underlying values of personal liberty

Upholding right to privacy

  1. In the celebrated privacy judgment in K.S. Puttaswamy case (2017), exercising the police power of the state in matters of private choices was repelled by the apex court
  2. SC judge had said that anybody would not like to be told by the state as to what they should eat or how they should dress or whom they should be associated with either in their personal, social or political life
  3. It seems to follow that individuals must be free from the interference of the state in matters of their sexual choices, or even in choosing their sexual partner

Foreign jurisprudence

  1. None of the European countries has criminalised adultery
  2. In most of South America, adultery is no longer a crime
  3. Many States in the U.S. have either repealed adultery laws or put them to disuse
  4. Following this global trend, in 2012, a working group of the United Nations called upon countries to do away with laws penalising adultery

Approach of the Supreme Court of India

  1.  SC approach towards the right to sexual privacy has been ambivalent
  2. The judgment in Suresh Kumar Koushal case (2013) upholding the criminalisation of voluntary sexual intercourse between those of the same sex remains a serious blow to the right to sexual freedom
  3. Subsequently, in NALSA v. Union of India (2014), the Court said that the value of privacy is fundamental to those of the transgender community

Way forward

  1. Reviewing law on adultery is perhaps the first occasion where the privacy judgment in Puttaswamy case is going to be doctrinally and forensically tested
  2. It is equally crucial that the right to sexual privacy forms a distinct and independent ground
Aug, 28, 2017

[op-ed snap] A sterling judgement on right to privacy

Image Source

Note4students

Mains Paper 2: Governance | Welfare schemes for vulnerable sections of the population by the Centre and States and the performance of these schemes; mechanisms, laws, institutions and Bodies constituted for the protection and betterment of these vulnerable sections.

Q.) “The Supreme Court has reaffirmed the primacy of the individual and served as a check on legislative and executive power.” Comment in the light of the recent SC judgment on “Right to Privacy.”

From UPSC perspective, the following things are important:

Prelims level: Not Much

Mains level: Important observations in the article.


News

Context

  1. The article talks about the recent SC Judgment on Right to Privacy
  2. The privacy judgement reaffirms the strength of the Constitutional protections given to fundamental rights

Why was Government’s stance different from the Judgement?

  1. The government’s stance that there is no fundamental right to privacy is based on the precedent of two Supreme Court judgements
    (1) M.P. Sharma vs Satish Chandra, 1954 and
    (2) Kharak Singh vs State of Uttar Pradesh in 1962
  2. And these judgments noted that the Constitution did not “specifically protect” the right to privacy

Article 14, Article 21 and opinion of the SC judge

  1. Article 14, which guarantees equality before the law, ensures that state laws cannot be arbitrary in nature or application
  2. They must be reasonable
  3. Article 21 protects life and personal liberty and the petitioners in the current case have argued that it implicitly contains the right to privacy as well
  4. Those protections and rights can be constrained by “procedure established by law”
  5. Without the reasonableness guaranteed by Article 14 to test that procedure
  6. But justice D.Y. Chandrachud notes in his opinion, this doctrine was set aside by an 11-judge bench in 1970’s Rustom Cavasjee Cooper vs Union of India judgement
  7. And 1978’s judgement in Maneka Gandhi vs Union of India by a seven-judge bench established the new doctrine that the distinct fundamental rights are not carved out from each other but overlap

Far-Ranging implications of the judgement

  1. The litigation against the Aadhaar programme is still pending in a separate case, but this judgement is bound to bolster it
  2. There are far-ranging implications for digital business models, as well—and more broadly, for the knowledge economy
  3. According to to some experts, the SC observations on digital technology front don’t quite take the rapidly evolving nature of the digital economy into account

Other noted outcomes of the judgement

  1. The judgement cites women’s abortion rights and the execrable Section 377 to note that sexual orientation
  2. The gender identity and women’s bodily autonomy are bound with human dignity and the right to privacy
  3. This has profound implications for women and the LGBT (lesbian, gay, bisexual and transgender) community
Aug, 26, 2017

Privacy ruling to have bearing on beef ban cases: SC

Image Source

Note4students

Mains Paper 2: Governance | Government policies and interventions for development in various sectors and issues arising out of their design and implementation.

From UPSC perspective, the following things are important:

Prelims level: Not Much

Mains level: It is important to note the effects of ‘Right to Privacy judgement’ on various issues.


News

Observation of the SC on Beef Ban

  1. A two-judge bench of the SC has observed that the privacy ruling will have a bearing on the Maharashtra beef ban case pending before it
  2. This observation came after the yesterday’s judgment of the SC which ruled that right to privacy is a fundamental right

The State of Gujarat vs Mirzapur Moti Kureshi Kassab case, 2004

  1. Petitioners also sought a review of the Supreme Court’s 2004 judgment in this case in which a seven-judge bench had imposed a total ban on slaughter of bovines even if unproductive
  2. The court adjourned the matter for two weeks
  3. At the next hearing, it will decide on the plea for a larger bench to take up the matter
Aug, 25, 2017

[op-ed snap] Right to Privacy: We, the private people

Note4students

Mains Paper 2: Governance | Welfare schemes for vulnerable sections of the population by the Centre and States and the performance of these schemes; mechanisms, laws, institutions and Bodies constituted for the protection and betterment of these vulnerable sections.

Q.) “With the landmark Right to Privacy verdict, SC expands the individual’s fundamental rights, etches firmer boundaries for the state.” How will this expansion of Fundamental Rights help normal citizens of India?

From UPSC perspective, the following things are important:

Prelims level: Particulars of the judgement, article 21, article 14

Mains level: It was a much awaited judgement. It will have a great impact on Government policies.


News

Context

  1. The article talks about the recent SC judgement on the Right to Privacy

What is the Ruling?

  1. The SC’s rules that the “Right to Privacy is an integral part of the Right to Life and Personal Liberty guaranteed in Article 21 of the Constitution”
  2. From now on, ‘Right to Privacy’ is a fundamental right

Observations of the Court

  1. According to the court, Privacy enables each individual to take crucial decisions which find expression in the human personality
  2. It enables individuals to preserve their beliefs, thoughts, expressions, ideas, ideologies, preferences and choices against societal demands of homogeneity
  3. Privacy is an intrinsic recognition of heterogeneity, of the right of the individual to be different and to stand against the tide of conformity in creating a zone of solitude

Government’s argument in court

  1. Government draws on two Supreme Court verdicts: M.P. Sharma vs Satish Chandra, 1954 and Kharak Singh vs State of UP, 1962
  2. The attorney general had argued that the Constitution does not guarantee a right to privacy

Lesson for future Juries

  1. Democratic societies require their judiciary to self-correct, as done in this judgement
  2. The spirit of self-correction and commitment to human dignity are also behind the court’s decision to set aside its 2013 verdict that resuscitated Section 377

The way forward

  1. The court does impose reasonable restrictions on the Right to Privacy
  2. A democracy can survive when citizens have an undiluted assurance that the rule of law will protect their rights and liberties
  3. Government and Judiciary should take care of it in future as well
Sep, 24, 2016

Whatsapp told by HC to delete from its servers info of users who opt out

  1. The Delhi High Court directed instant messaging service Whatsapp to delete from its server all information of users who chose to opt out of its services after September 25
  2. September 25 is the deadline after which Whatsapp said it would be sharing information of users with social media giant Facebook
  3. Background: A petition was filed in the HC saying that Whatsapp’s new policy was an infringement of users’ privacy
  4. Whatsapp was not giving any option to its users but to share the information with Facebook
  5. The bench had expressed concern over what happens to information of users who opt out of Whatsapp services
  6. Regulation? The court has also directed the Union and TRAI to see if they can bring Internet based messaging services like Whatsapp under a regulatory framework
Jul, 08, 2016

Putin signs controversial Big Brother law

  1. News: Russian President Vladimir Putin has signed a package of controversial anti-terror amendments dubbed ‘Big Brother’ measures by critics
  2. Aim: The law boosts the government’s surveillance powers for the security services, by requiring the telecom operators to store key data and to provide it to security forces
  3. Requires telecom operators to store users’ calls, messages, photographs and videos for 6 months, as well as metadata for up to 3 years
  4. Impact: May cost internet companies billions
  5. Response: Snowden called the decision a ‘dark day for Russia’
Oct, 15, 2015

Right to privacy concerns: Aadhaar holder can block his biometric info

First time, UIDAI has disclosed that a mechanism exists under which a card holder can choose to block the biometric information linked to his Aadhaar card.

  1. An Aadhaar card holder can block his card along with his demographic and biometric information if he wants to opt out of the UID system.
  2. Government tried to convince the Supreme Court that Aadhaar is “purely voluntary”.
  3. If a person wants to block the information about him contained in the biometric database, he can do it voluntarily and nobody will be able to unblock it, till he wants.
Oct, 15, 2015

Absolute privacy is a futile notion, says A-G

The A-G argued that right to privacy of an Indian citizen has become a futile notion in an era when Facebook can track every detail, thought and movement through its WhatsApp software application.

  1. The govt. is going at great lengths to convince that Aadhaar is a voluntary authentication device.
  2. It is not a snooping device or meant to be an instrument of control of the likes used by authoritarian States to keep tabs on citizens.
  3. He said the Aadhaar was the most widely held identity card in the country at 92 crore compared to 7 crore PAN card, 5 crore having passports and 12-15 crore people with ration cards.
Oct, 09, 2015

SC to re-look right to privacy, courtesy Aadhaar

New bench will hear the fundamental issue whether the state is in the right by creating a situation by which a citizen is enticed to voluntarily part with his privacy rights, for social benefit schemes

  1. The new Constitution Bench will sit for the first time on October 14.
  2. Over 60 years after an eight-judge Bench declared that Right to Privacy is not a fundamental right.
  3. Previous order by the Supreme Court on August 11, restricting the use of Aadhaar to PDS and LPG schemes.
  4. The Supreme Court decided to set up another Constitution Bench to re-look the question in that, Aadhaar card scheme is an invasion into citizen’s privacy.
  5. In 1954, the SC Bench by Chief Justice M.C. Mahajan held that Right to Privacy is not recognised by the Constitution makers as a fundamental right, and so no need to strain to make it one.
Aug, 01, 2015

A basic right is in danger

  1. The Attorney General’s argument questioning right to privacy is against the interests of the people, and also seems to be politically motivated.
  2. India has ratified the International Covenant on Civil and Political Rights, which unequivocally supports the existence of the right to privacy.
  3. It is inconsistent for the govt. to argue that US has violated Indian citizen’s right to privacy and denying the same right domestically.
Jul, 29, 2015

India’s DNA profiling bill may become one of the world’s most intrusive laws

Among all the forensic tools available to criminal investigators, DNA analysis is the only one that has consistently produced reliable results.


 

  1. Now Narendra Modi, India’s prime minister, wants to ensure that the technique be used more widely to convict criminals in the country.
  2. Is it going to be one of the most intrusive bills to be put in motion?

 

The bill proposes creation of a national DNA data bank, without requisite safeguards for privacy, and opens the information to everything from civic disputes to compilation of statistics.


 

Some pertinent questions – 

  1. Is DNA evidence infallible?
  2. Can the DNA profiling board protect our genetic information? do we have adequate safeguards against cyber attacks?
Jul, 29, 2015

DNA profiling Bill triggers debate

DNA Bill could result in large scale violation of human rights.


 

  1. DNA profiling is a forensic technique used to identify individuals by characteristics of their DNA.
  2. One sample of a person’s DNA is maintained by forensic authorities.
  3. That sample can be matched to DNA obtained from a crime scene to establish whether that person was present or not.
  4. “Does the Bill mean to say that once a criminal always a criminal?” asked Thushar Nirmal Sarathy, an advocate and human rights activist from Trivandrum, Kerala.
Jul, 23, 2015

Where’s right to privacy? You decide, Govt tells SC

Attorney General Mukul Rohatgi asked the court to constitute a nine-judge bench to decide what he said is a disputed question of law and constitutional provisions.


 

 

 

  1. Is right to privacy a fundamental right? The NDA government raised this question in the Supreme Court Wednesday, and went on to state that the Constitution does not assign right to privacy that status.
  2. What’s going on here?
  3. NDA is defending the validity of the Aadhaar card since a batch of petitions have contended that collection and sharing of biometric information was a breach of their “fundamental” right to privacy.
  4. It must first be settled authoritatively whether privacy is a fundamental right.
Jul, 23, 2015

Privacy not a right, Aadhaar legit: Centre

Quoting a SC judgement of 1962 in Kharak Singh case, Centre replied that the right to privacy was a ‘vague concept’ and not a ‘guaranteed right’ under the Constitution.


 

However, the petitioner pointed to several decisions of the SC subsequent to the Kharak Singh case, including the Maneka Gandhi case, in which the court gave a very wide ambit to the right of personal liberty.

Privacy is at the core of our vital needs. Privacy leads to fulfilment of our goals, enrichment of ourselves and our growth. The need for privacy distinguishes humans from other animals. It is a fundamental right,” Mr. Divan said even as Justice Chelameswar suggested that since there was a “divergence of opinion” the matter may be referred to a larger bench.

  • Subscribe

    Do not miss important study material

8
Leave a Reply

Please Login to comment
0 Comment threads
0 Thread replies
0 Followers
 
Most reacted comment
Hottest comment thread
0 Comment authors
Recent comment authors
  Subscribe  
newest oldest most voted
Notify of