Privacy – a fundamental right

Earlier in the supreme court judgment, the privacy of an individual has been granted the fundamental right to be protected. this has been effectively recognized in the country’s attempt to provide a data regulatory framework. As the digital ecosystem expands at a faster rate it’s imperative to have such a regulatory environment to be operated. Moreover, the rising cases of misuse of data also necessitate the long pending reform to be initiated in the country.

The government set up a high level Sri Krishna committee to this task of data protection. The committee came up with an effective recommendation for a country to start looking into such violation for adopting into the policy net. The framework of policy broadens with 3 stakeholders in mind:

  • Individual or data principal
  • Data processors or data fiduciaries or service providers
  • State agency or data protection authority

The recommendation falls highlighting such three players in mind along with falling in the lines of global data policy regulation measures. By following the supreme court’s judgment affirming that privacy is a fundamental right the committee lays emphasis on the individual consent for data processors to have access to the data. New terms like fiduciaries give Indian model of functioning along with the follow up of global standards. It recognizes the service providers and users functions on the basis of trust whereby safeguarding the individual data has been laid of the paramount importance.

Data processors need to take extra protection regarding the user’s data, as they are the custodians of it. So the protective measures cannot be compromised. Time and again the violation of such practices are being increasingly reported in modern forms of communications like social media. The committee lays stringent measures to those companies to operate in a regulatory environment without any commercial gains by data leakage or third party sale of data.

The recommendation calls for data protection authority that attracts the attention of in case of any violation by data processors. It also tends to follow the global regulatory principle that attracts penalization by imposing fine on such companies to the tune of up to 20% of its revenues.

As the committee gives excessive powers to such agencies questions arises for the need to use it responsibly to meet the concern of citizen. It provides an effective check on such firms to disclose any case of data breaches in public. Corresponding which actions has to be taken for mitigation and preventing such cases in future.

The powers to access public data has been granted to this agency in a view to protecting the beneficiary of government services. However, the committee also recommends such powers to be dynamic as it adds a caveat of changing technological space to be addressed to the needs of social practices.