The Digital Future

By Jahanvi Sisodia

SOCIAL MEDIA AND ITS MISUSE:

India with its humongous population makes up for one of the biggest users of social media. According to statistics the social media users in the country added up to be 142.23 million in the year 2015, this number is predicted to skyrocket in the year 2022 by 370.77 million^[1]. Amongst these social media users, the most famous applications in the year 2017 were Facebook, along with YouTube and WhatsApp^[2]. With such a huge base of internet usage, there have been numerous consequences of information being tampered for all the wrong reasons. In a very recent controversy, Aleksandr Kogan, a researcher at Cambridge University collected all the personal data off Facebook without people’s consent and sold it off to a third party without procuring the details of what could the party do with such sensitive data.^[3] It turned out that the data was bought by India’s political parties to manipulate electoral polls; by data mining,  political parties create a “digital fingerprint”^[4] which can help them in surveilling the most granular of details about the masses. Such information is not just obtained without consent but comes with the utmost high risk of being exploited by the state. It shatters what a democracy expects and creates a loophole for the people in power to exploit their privileged positions. The penetration of mass surveillance in India, which is carrying on behind the curtains, poses an imminent threat to our right to privacy.^[5]

This paper will discuss the right to privacy and the modern tools of surveillance which have been hampering this right. Through this paper, I will evaluate the risks that are likely to occur if the Indian government’s surveillance goes unchecked, by referring to the government I am also referring to the actors of the state.

The concept of right to privacy was never explicitly mentioned in the Indian Constitution, however, the same has evolved since the country’s independence in 1947. Right to privacy is protected under the right to life and personal liberty which is enshrined in our constitution under Part III. This law has seen various interpretations since its inception. The way any law is interpreted is very important for the nation as it forms rights and within them, creates restrictions. While interpreting, courts need to follow the democratic structure and do so in a manner which does not pose a threat to people’s basic rights. It also needs to keep in mind certain factors like the introduction of technology in the society. Such factors can have a major role in the way boundaries are created by the court. However, with the introduction of the World Wide Web, society created a virtual world which had little regulation. In a complex world like ours, the court often comes across a question- When it comes to right to privacy on the digital forum where should they draw the line?

The paper will try to fathom the legal advancements that have taken place in the Indian courts. In the first part of the paper, I will begin by explaining the evolution of the right to privacy with the help of two case laws, namely M.P. Sharma v. Satish Chandra,^[6] and Kharak Singh v. State of Uttar Pradesh^[7], in terms of how the doctrine moved from a very conservative interpretation to being recognised as a fundamental right today. It will cover discussions of right to privacy within the context of fundamental rights and will try to see the aim behind not recognising it as a right at the time. The second part of the paper is going to deal with more recent case laws namely, Justice K.S. Puttaswamy (Retd) v. Union of India^[8] and Shreya Singhal v. Union of India^[9]. These case laws show a much more progressive interpretation of the right to privacy in the digital scenario, wherein the former deals with the data collection through Aadhaar cards and the penetrative approach of the State. The latter deals with the State prosecuting two girls for allegedly making seditious comments. In both the judgements, the hidden tones are that, it is the government which is infringing on people’s private lives. However, another discussion which will be raised is the fine line between “public” and “private” domain, as the age of internet reinvents the concept of personal privacy^[10]. It will raise questions such as, what is the extent to which the State is allowed to intervene in people’s data available on the internet, or whether it is personal at all once on a public domain.

The paper will then go on to determine whether the interpretations are adequate in this social media age and evaluate the application of the right to privacy by the courts in the cases mentioned hereinabove. The concluding part of the paper compares India’s stand on the right to privacy with the persisting law in the United Kingdom. In the end, I will make a case for widening the ambit of right to privacy, and that there should be more privacy safeguards for the masses.

RIGHT TO PRIVACY: THE CONSERVATIVE INTERPRETATION

The concept of right to privacy came into existence only after years of interpretation and was incorporated under Article 21 of the Indian Constitution which guarantees protection of life and personal liberty. In the earliest case of M.P. Sharma v. Satish Chandra^[11], the contention in front of the Supreme Court was regarding Section 96 of the Code of Criminal Procedure (“CrPC”) which gave effect to police officials to enter a person’s property  to carry out search and seizures of documents,^[12] and the case was filed under Article 21. The court, however, refused to incorporate the right to privacy in the Indian Constitution and further justified its stand based on the fact that its intention, unlike the US constitution, is not to make right to privacy a fundamental right.^[13]

The interpretation of the right to privacy changed with the case of Kharak Singh v. State of U.P

(Kharak Singh)^[14] in which the police officials were allowed to keep a “history-sheet” for surveilling offenders through an established law. This law, however, was enforced without following any procedure.^[15] The surveillance provision permitted the police officials to enter the person’s house at night, keep an account of the person’s whereabouts and even hold periodical inquiries about such person. ^[16] The question before the court in this case was to determine the scope of “personal liberty” under Article 21. The majority opinion held that the law, which permitted surveilling- is invalid to the extent where it granted powers to enter a person’s household without any warrant. On the scope of right to privacy, however, Justice Ayyangar’s opinion, which was the majority opinion held that “the right to privacy is not a guaranteed right under our Constitution and therefore the attempt to ascertain the movement of an individual which is merely a manner in which privacy is invaded is not an infringement of a fundamental right guaranteed by Part III”.^[17] The progressive approach was of the minority view, where Justice Subba Rao understood the importance of right to privacy and found the need for it to be incorporated under the definition of “personal liberty”. It was the first time that the right to privacy was being introduced in the Indian courts, although it only limited itself to protection in one’s own home, and surveillance of other kinds  was still permitted. Also, due to the majority opinion, this particular right did not make a cut for being an essential element in the Indian Constitution.

The minority opinion in the Kharak Singh^[18] case gained recognition in the case of Gobind v. State of M.P.,^[19] a case in which the right to privacy was recognised as an essential part of the Constitution, not only limiting this right to “protecting privacy at home,”^[20] but also expanding further to other spheres where an individual must be liberated against government intervention. This view was further reiterated in the case of Collector v. Canara Bank,^[21] where it was established that the right to privacy is concerned with “people and not places.”^[22] It further made its stand on surveillance clearer – that only checks which are established through due process of law can be exercised, and should be for reasonable and fair usage.^[23]

People’s Union for Civil Liberties (PUCL) v. Union of India^[24] is another important case, and one of the earliest judgments dealing with the question of surveillance. In this case, a PIL was filed due to increased number of cases of telephone-tapping, and it was found essential to bring this matter in front of the court to determine the validity of Section 5(2)^[25] of the Indian Telegraph Act, 1885 (the Telegraph Act). The contention, in this case, was that since the Telegraph Act was drafted in 1885, it had not foreseen issues related to telephonic tapping, and hence, there were problematic applications of the ancient act which led to arbitrary usage of the aforementioned provision. Through this case the court developed the language of engaging telephonic tapping and held that such an act can only be done in cases of “public emergency and interest of public safety”^[26]. Due to lack of procedural safeguards, the provision was used arbitrarily, hence the court issued certain procedural safeguards to protect its citizens under the right to privacy.

The concept of personal privacy has changed since the M.P. Sharma case, where the court refused to incorporate the right to privacy as a fundamental right. The right to personal liberty and the concept of privacy then saw a jurisprudential wave of change through the Kharak Singh case,  although the court in this case only struck down the provision that allowed domiciliary visits,^[27] and only guaranteed protection from the surveillance of people in their homes. In the later cases of Gobind Singh and Canara Bank, the right to privacy was incorporated as a fundamental right, which not only guaranteed the protection of people beyond their household, but also made it essential that any such law which infringes a person’s fundamental right is only allowed to the extent that the law is “just and reasonable, and not arbitrary, fanciful or oppressive.”^[28]

The most progressive and recent case of PUCL witnessed the  technology change and the shortfalls that existed in the surveillance law at that time. The court understood the grave infringement of the right to privacy, when people’s phones were being tapped arbitrarily under the Indian Telegraph Act, 1885, and thus, set the boundaries of telephonic conversations and privacy violations. However, at the time there was only one Act, the Indian Telegraph Act, 1885, which could deal with cases of surveillance; as technology became more complex and cases of digital transactions, data theft, and other cyber related problems arose, it became even more important to legalise these transactions and introduce cyber laws. Keeping in mind these considerations the Indian legislature enacted the Information Technology Act, 2000, which will be looked at through the lens of the Shreya Singhal case in the second part of this paper.

RIGHT TO PRIVACY: LIBERAL INTERPRETATION

Through the lens of the right to privacy as a fundamental right, we saw how this right was developed over the years through case law, although, what stands more relevant is, where do surveillance and privacy laws stand in the current 21^st century? The most recent cases which deal with the position of right to privacy are, Justice K.S. Puttaswamy and Ors. v. Union of India^[29] (Aadhaar Judgement), and Shreya Singhal v. Union of India.^[30] The former case holds more importance in deciding the countries’ position in determining the fundamental right of right to privacy. It is, however, important to contextualise this case by looking at the background of Aadhaar in order to properly examine the judgment rendered by the Supreme Court. The regime of the Aadhaar card was introduced in the year 2009 and was initially introduced as a voluntary activity which would provide people with subsidiary benefits. However, issuance of Aadhaar cards was made mandatory with the passing of the Aadhaar (Targeted Delivery of Financial and other Subsidies, benefits and services) Act, 2016. The Aadhaar card is known for issuing a unique personal identification number, along with recording people’s biometrics. The  Unique Identification Authority of India (UIDAI), a government agency which has, in the past been linked with unanimously inserting their helpline numbers in people’s android devices without acquiring their consent, is also the authority responsible for issuing Aadhaar cards. Google, a company with global access to a large number of people using the internet, admitted that it helped UIDAI in the aforementioned insertion without consent, of helpline numbers in android devices. The fact that Google can access data without people’s permission makes data privacy a great threat, and this admission of collusion with a government agency on Google’s part makes it clear that people’s sensitive data is in the hands of UIDAI. When the government initially introduced Aadhaar cards, it never mentioned its aim of surveillance. However, the true nature of Aadhaar was understood by the masses much later. The Aadhaar Act, 2016  falls within a category of unjust laws responsible for making certain illegal practices lawful by legalising the same under the guise of legislation. The practice of data mining is problematic as it threatens the protection of privacy of individuals. The form of surveillance under Aadhaar is intrusive as the data collected in this manner is proportionate to inserting a GPS on a person.

The government, once in possession of the crucial data can misuse it for various purposes such as ‘corporate mining,’ a practice used by companies such as Amazon and Facebook to determine its audience’s demand and then control the supply market. This same data can be used to determine any citizen’s political agenda, and can further be used to steer people into casting their vote a certain way, as these authorities gain control of what is being propagated to us/citizens through the internet. This phenomenon is also called electoral politics, and is a big threat to democracy as any person’s personal data can be used to manipulate the elections. In today’s day and age, personal data holds the key to knowing every minute detail of the masses, and the same being handed over to the authorities can cause great injustice to privacy rights. Looking at all these threats of what could potentially cut the limbs of our democratic structure, Justice Puttaswamy filed a PIL questioning the legality of the Aadhaar.

The Aadhaar Judgement has successfully overturned the rulings of the M.P. Sharma case along with the Kharak Singh case, it has successfully recognised the right to privacy as a right under Article 21. However, the right comes with certain restrictions, and the following requirements of the proportionality test should be infringed in order to bring any case under right to privacy:- “ (1) legality, which requires for the law to be present; (2) need, defined in terms of a legitimate State aim; and (3) proportionality which ensures a rational nexus between the objects and the means adopted to achieve them” ^[31] By following these tests, the majority opinion of the court upheld the constitutionality of the Aadhaar act. The court said that the act was established by following the procedure established by law. It further believed that it was impossible to track any individual from their unique identification code and that the aim of the act is not surveillance, but rather to make “one identity” to curb the duplicating of identities and to incorporate marginalised sections of the society. However, the majority struck down two sections, along with other provisions, from the Aadhaar act, namely Section 7, in which the government made a mandatory provision to link the Aadhaar card code with other government databases,^[32] and Section 57, which gave private entities like private banks, mobile network services network or private schools the authority to retrieve the personal information of people through Aadhaar. These two laws have been seen as a way of bringing the masses under their regime for mass surveilling. Further, Section 57 enabled the corporate sector to intervene with people’s private information for data mining. The majority failed to fathom the alarming problem of collection of data through an established law as they didn’t see the bigger picture of the problem, in which the government could misuse this data. The progressive opinion is of the minority opinion given by Chandrachud, J, who was the only judge out of the five judges to understand the potential risks of the Aadhaar Act. According to Chandrachud, J, “when Aadhaar is seeded into every database, it becomes a bridge across discreet data silos, which allows anyone with access to this information to reconstruct a profile of an individual’s life.”^[33] He understood that it was quite possible to create a person’s virtual image, and gave the example of how, although, under Section 2(k) of Aadhaar Act, the Aadhaar excludes storage of individual information related to one’s race, caste, or ethnicity,^[34] if such details have been linked with the Aadhaar, and the same has been linked with different government databases due to the mandatory  provisions, it becomes almost impossible to get rid of stereotype which the person can be discriminated for. It was the minority opinion which saw the threat of surveillance, while on the other hand, the majority were quite illiterate about the potentially threatening consequences of such possession of data in the hands of the government. The Aadhaar judgement was not ideal, but it was progressive to the extent that the fundamental right to privacy was recognised after decades of battle since the M.P. Sharma case. The right to privacy under our constitution today can successfully be exercised against property or private intervention by the State and the same has been made possible by a longtime incremental approach to establish this right.

It should further be noted that the right to privacy was recognised through the Aadhaar case, although this right has not been made absolute. The right is limited inter alia by the Information Technology (IT) Act, 2000. In the case of Shreya Singhal v. Union of India^[35], one of the sections under contention was 66-A which allowed for police to arrest any person who posted “any information” on the internet on the grounds of such information being “grossly offensive” or intimidating to be false information which would incite people. The section was challenged on the grounds of vagueness as the act had missed out on many definitions and did not even specify whether, in the absence of these definitions, the Indian Penal Code,1860 would apply. Further, it also missed out on the ingredients of “incitement to an offence”^[36] which under the Indian Penal Code forms as an offence. In this case, the right to freedom of speech along with right to privacy  was infringed and the court held the section as unconstitutional. The court further held that mere causing of annoyance is not a ground to be prosecuted. These are the current cyber laws in our country, which are heavily prejudiced towards the benefit of the State. These laws not only prosecute innocent people but also give unchecked powers in the hands of the State to control the populous. Even the judiciary has been unable to keep up with the complex cyber scenarios, and the legislatures are continuously making laws which are in their favor. Although surveillance by the State is restricted by virtue of our recently established fundamental right to privacy, the masses need to be more aware of the data that they decide to give up, and it is the need of the hour to re-think our laws and to protect the people of India.

PUBLIC v. PRIVATE DOMAIN

Another debate which usually spark among scholars is that in this new age of technology is there any concept of privacy on the world web domain. Recently a bill was passed in the parliament for making the Information Technology Act, 2000, more current and adaptive to deal with new complex cyber situations. The Information Technology Rules, 2011 make some interesting points with regards to body corporates and individuals when they mishandle sensitive information, they notify that it is indeed important for “body corporates… to maintain confidentiality…. and obtain consents from persons for collecting such sensitive personal data for lawful and necessary purpose”^[37], although they also define sensitive personal information under section 3 of the bill,  the proviso excludes, “any information that is freely available or accessible in public domain… shall not be regarded as sensitive personal data”^[38].  The problem with not charging a person who misuses any information which is accessible online is that that the same can be misused for innumerable reasons. The very act of not protecting people for their self -disclosed information which is available online goes unchecked, means that the law in itself at this point becomes oppressive as it does almost nothing to create a safe space on the internet, and the crime can still be committed without holding anybody but the victim who made the information public, responsible for her/his act. In a lot of scenarios when people post something on Facebook the same can be screenshotted and shared innumerable times leading it to end up in the wrong hands, but the current laws do not protect citizens from such circumstances.

 The laws in question have come a long way from recognising the right to privacy, firstly by way of protecting privacy of an individual vis-à-vis private properties, secondly, safeguarding telephonic conversations and thirdly, extending it in the age of internet domain through codifying the Information Technology Act, 2000. However, the laws are not current as the internet age is going to dominate the future and the need of the hour is to have strong codifications which can avoid personal information being turned against people and save them from themselves.

COMPARISION WITH THE U.K.

The government regime on the surveillance law was introduced in the year 2014 through, what was famously called the Snooper’s Charter. The charter was hurriedly codified into Data Retention and Investigatory Powers Act, 2014 (DRIPA) which infringed the right to privacy, as recognised under by Article 8 of the European Convention of Human Rights^[39] and Article 7 of the EU’s Charter of Fundamental rights^[40]. The DRIP Act was challenged on various grounds after the government admitted that, the data which is available online in the possession of big-tech companies like Google, Facebook, and Twitter can be accessed by the State without the need to procure a warrant.^[41] The provisions in the act gave self-authorisation power to the State, to gain access to people’s personal data.^[42] The very act of intervening in people’s live is a step towards violating their fundamental right, the mine of information could especially be misused to create bias in the elections and cut the limbs of democracy by using unfair election practices.

The DRIPA was challenged in the UK High Court in the case of R (Davis & Watson) v. Secretary of State for the Home Department^[43], which led the court to render the Act being invalid and unconstitutional on the grounds of it being inconsistent with the European Union laws. The DRIPA was introduced under the garb of laws which would monitor terrorist activities, but the court held that it in fact has not been effective in curbing such activities rather it has caused great injustice to people’s fundamental right to privacy.^[44] Following the demise of the rogue law, the government in the year 2016 introduced the Investigatory Powers Act (IPA), as the new surveillance law. The old act was scrapped out to introduce new laws which could strike a balance between right to privacy and state-monitoring activities but the regressive approach of the legislative in codifying IPA failed the people’s expectations of safeguarding data privacy, yet again. In one of the provisions of the IPA, the State could call-upon any of the tech companies, like Google or Facebook, to store a person’s personal data for a period of 12 months which at later stage could be obtained by the State for investigation purposes.^[45] This provision gave government the authorisation to access personal data without issuing a warrant. However, another landmark case which restored UK public’s right to privacy was, The People v. The Snooper’s Charter^[46], it made the home-office issue safeguards against self-authorisation by the government and made a separate body of Investigatory Power Commissioner that would be responsible for approving the release of the sensitive data^[47]. The privacy laws in the UK have been constantly violated but the faith was restored by the judiciary, the people are not fully satisfied with the current laws but the most recent judgement which questioned the Snooper’s Charter has significantly curbed the government from retrieving personal data at their own sweet convenience and overstepping on people’s rights.

Comparing the interpretation of right to privacy by the courts in the UK with the Indian judgements, it can be observed that the Indian judiciary in its very recent Aadhaar judgement has taken a step to protect people’s interest. But this judgement still allows the linkage of Aadhaar cards with other government bodies, the minority opinion of Chandrachud, J would have helped us Indians to achieve our right to privacy under the same standards as guaranteed

to signatory parties of Universal Declaration of Human Rights, however, the majority still gave legitimacy to the Aadhaar Act. Unlike the UK’s high court which pronounced DRIPA unconstitutional, the Indian judiciary failed to understand the government’s ulterior motive in passing the Aadhaar Act and gave effect to the same without providing any substantial safeguards.

CONCLUSION

The recent interpretation of right to privacy in India has created waves in the judiciary and developed a sense of awareness among masses. The first step in achieving any right is by creating awareness within the citizens and informing them about their rights and now is the right time to question the government’s intentions. In the coming few years the judicial interpretation will determine the fate of the democracy in our country. The current laws in the country do not provide transparency regarding to what extent the State fishes out the personal information nor does it require any warrant to retrieve people’s data. The lack of accountability by the government proves that these laws are coveted for the sole purpose of being misused for mass surveillance which hinders our fundamental right. Not only it threatens a person’s safety but also hamper with their right to freedom of expression along with their freedom of religion and other rights.

Regressive laws like these threaten the democracy as it creates a misbalance between the structure of power given to the legislature, executive and judiciary. If the legitimacy of the Aadhaar Act is not questioned, then our democracy will witness turning itself into a nation with strict surveillance laws, like China or North Korea, the very foundation of our rights are guaranteed in the constitution and any unfavorable force to suppress our human rights are a direct threat to the democracy.

Analysing the UK people’s battle for breaking through regressive laws, what we realise it that it is important to take a step forward and question the laws which can hamper with the basic structure of the democracy. The approach that Indian courts have adopted is of incorporating right to privacy within the government’s framework of surveillance, such an interpretation is not free of political pressures and tampers with societal interest. Our privacy rights are intrinsic to our dignity and as said by Chandrachud, J while pronouncing the Aadhaar judgement, “Life and personal liberty are inalienable rights. These are rights which are inseparable from a dignified human existence. The dignity of the individual, equality between human beings, and the quest for liberty are the foundational pillars of the Indian Constitution…”^[48],and it is in the hands of the citizens to make a conscious effort to question the legitimacy of these rogue laws and further widen the scope of right to privacy in India. The interpretation of the right to privacy by the Indian courts has seen both conservative and liberal approach, due to the judiciary being the guardian of the constitution it has been able to lay down definite test of proportionality in the Aadhaar judgement and to remove any further discrepancy.

---

[1] ‘Social Media Users In India | Statista’ (Statista) <https://www.statista.com/statistics/278407/number-of-social-network-users-in-india/> accessed 20 August 2020.

[2] ‘India: Social Media Penetration | Statista’ (Statista, 2020) <https://www.statista.com/statistics/284436/india-social-network-penetration/> accessed 21 August 2020.

[3] Gilles Hangal, ‘Like Cambridge Analytica, India’s Political Parties Mined Voters’ Psychographic Data’ (Quartz India, 2020) <https://qz.com/india/1247197/cambridge-analytica-indias-bjp-and-congress-mined-voters-psychographic-data/> accessed 21 August 2020.

[4] Utkarsh Roshan, ‘Data Mining May Determine How 100 Million Indians Vote For The First Time In 2019’ (The Citizen, 2020) <https://www.thecitizen.in/index.php/en/NewsDetail/index/8/15810/Data-Mining-May-Determine-How-100-Million-Indians-Vote-for-the-First-Time-in-2019> accessed 21 August 2020.

[5] Chinmayi Arun, ‘PAPER-THIN SAFEGUARDS AND MASS SURVEILLANCE IN INDIA’ (2014) 26 National Law School of India Review <https://www.jstor.org/stable/44283636> accessed 21 August 2020.

[6] MP Sharma v Satish Chandra [1954] AIR 300 (SC).

[7] Kharak Singh v State of Uttar Pradesh [1963] AIR 1295 (SC).

[8] Justice K.S. Puttaswamy (Retd) v. Union of India [2018] 1 SCC 809.

[9] Shreya Singhal v. Union of India [2015] AIR 1523 (SC).

[10] Alyssa Brumis, ‘The Right To Privacy In A Digital Age: Reinterpreting The Concept Of Personal Privacy’ (2016) 8 Inquiries Journal <http://www.inquiriesjournal.com/articles/1450/the-right-to-privacy-in-a-digital-age-reinterpreting-the-concept-of-personal-privacy> accessed 21 August 2020.

[11] [1954] AIR 300 (SC).

[12] Mahendra Pal, V.N. Shukla’s Constitution Of India (12th edn, EBC Publishing (P) Ltd 2015).

[13] Chinmayi Arun, ‘PAPER-THIN SAFEGUARDS AND MASS SURVEILLANCE IN INDIA’ (2014) 26 National Law School of India Review <https://www.jstor.org/stable/44283636> accessed 21 August 2020.

[14] [1963] AIR 1295 (SC).

[15] Mahendra Pal, V.N. Shukla’s Constitution Of India (12th edn, EBC Publishing (P) Ltd 2015).

[16]Mahendra Pal, V.N. Shukla’s Constitution Of India (12th edn, EBC Publishing (P) Ltd 2015).

[17] Mahendra Pal, V.N. Shukla’s Constitution Of India (12th edn, EBC Publishing (P) Ltd 2015).

[18] [1963] AIR 1295 (SC).

[19] Gobind v State of M.P [1975] 2 SCC 148 (SC).

[20] Gobind v State of M.P [1975] 2 SCC 148 (SC).

[21] Collector v. Canara Bank [2005] 1 SCC 496 (SC).

[22] Collector v. Canara Bank [2005] 1 SCC 496 (SC).

[23] Chinmayi Arun, ‘PAPER-THIN SAFEGUARDS AND MASS SURVEILLANCE IN INDIA’ (2014) 26 National Law School of India Review <https://www.jstor.org/stable/44283636> accessed 21 August 2020.

[24] People’s Union for Civil Liberties v. Union of India [1997] 1 SCC 301 (SC).

[25]  Indian Telegraph Act 1885, s 5(2).

[27] [1963] AIR 1295 (SC).

[28] Maneka Gandhi v. Union of India [1978] 1 SCC (SC) 574-75.

[29] Justice K.S. Puttaswamy (Retd) v. Union of India [2018] 1 SCC 809.

[30]Shreya Singhal v. Union of India [2015] AIR 1523 (SC).

[31]Justice K.S. Puttaswamy (Retd) v. Union of India [2018] 1 SCC 809.

[32] Reetika Khera, ‘Aadhaar Verdict: Big Data Meets Big Brother’ livemint (2018) <https://www.livemint.com/Politics/0LTYZzCHQb9X6UFsn09lBI/Aadhaar-verdict-big-data-meets-big-brother.html> accessed 21 August 2020.

[33] Justice K.S. Puttaswamy (Retd) v. Union of India [2018] 1 SCC 809.

[34]Justice K.S. Puttaswamy (Retd) v. Union of India [2018] 1 SCC 809.

[35] Shreya Singhal v. Union of India [2015] AIR 1523 (SC).

[36] Shreya Singhal v. Union of India [2015] AIR 1523 (SC).

[37] ‘India: Significant Changes Proposed To Personal Data Protection…’ (Roedl.com, 2020) <https://www.roedl.com/insights/india-eu-gdpr-data-privacy-law> accessed 21 August 2020.

[38] (Meity.gov.in, 2011) <https://meity.gov.in/writereaddata/files/GSR314E_10511%281%29_0.pdf> accessed 21 August 2020.

[39] ‘Guide On Article 8 Of The European Convention On Human Rights’ (Echr.coe.int, 2020) <https://www.echr.coe.int/documents/guide_art_8_eng.pdf> accessed 21 August 2020.

[40] EU Charter of Fundamental Rights [2007] OJ C 303/17.

[41] Owen Bowcott and James Ball, ‘Social Media Mass Surveillance Is Permitted By Law, Says Top UK Official.’ The Guardian (2014) <https://www.theguardian.com/world/2014/jun/17/mass-surveillance-social-media-permitted-uk-law-charles-farr> accessed 21 August 2020.

[42] Ian Cobain, ‘UK Has Six Months To Rewrite Snooper’s Charter, High Court Rules’ The Guardian (2018) <https://www.theguardian.com/technology/2018/apr/27/snoopers-charter-investigatory-powers-act-rewrite-high-court-rules#:~:text=The%20British%20government%20must%20rewrite,the%20high%20court%20has%20ruled.> accessed 21 August 2020.

[43]R (Davis & Watson) v Secretary of State for the Home Department & Ors,[2015] EWHC 2092.

[44] R (Davis & Watson) v Secretary of State for the Home Department & Ors,[2015] EWHC 2092.

[45] Matthew White, ‘Britain’s Mass Surveillance Regime Is Directly Opposing Human Rights’ (The Conversation, 2018) <https://theconversation.com/britains-mass-surveillance-regime-is-directly-opposing-human-rights-93323> accessed 21 August 2020.

[46] ‘SNOOPERS’ CHARTER – Liberty’ (Liberty) <https://www.libertyhumanrights.org.uk/fundamental/mass-surveillance-snoopers-charter/> accessed 21 August 2020.

[47] Ian Cobain, ‘UK Has Six Months To Rewrite Snooper’s Charter, High Court Rules’ The Guardian (2018) <https://www.theguardian.com/technology/2018/apr/27/snoopers-charter-investigatory-powers-act-rewrite-high-court-rules#:~:text=The%20British%20government%20must%20rewrite,the%20high%20court%20has%20ruled.> accessed 21 August 2020.

[48] Justice K.S. Puttaswamy (Retd) v. Union of India [2018] 1 SCC 809.