The Lack of Pro - Privacy Legislations in India and the Growing Threat of Identity Theft: A brief Introduction

In the digital age, privacy and data security have emerged as critical concerns for individuals, organizations, and governments worldwide. In India, the lack of comprehensive privacy laws and the easy access to government-issued ID cards by online criminals present significant challenges. These issues are compounded by the Indian government’s efforts to monitor its citizens through various legal frameworks, highlighting the urgent need for an ombudsman or consumer court to address these concerns and provide speedy justice.

The Current State of Privacy Laws in India

India’s legal framework for privacy is fragmented and lacks a unified approach. The Constitution of India, under Article 21, guarantees the right to privacy as a fundamental right. This was reinforced by the landmark judgment in the case of Justice K.S. Puttaswamy (Retd.) v. Union of India[1], where the Supreme Court of India affirmed that privacy is intrinsic to life and personal liberty. However, the implementation of privacy rights in India is far from comprehensive. The primary legislation governing data protection is the Information Technology Act, 2000 (hereinafter referred as the IT Act), and its subsequent amendments. The IT Act includes provisions related to cybercrimes and electronic commerce but does not adequately address issues of personal data protection and privacy.

Lack of a Comprehensive Data Protection Law

The Digital Personal Data Protection Act, 2023, was introduced to address these gaps, aiming to create a framework for the protection of personal data and establish a Data Protection Authority of India. However, the bill in it’s infancy has faced criticism for its various provisions, including broad exemptions for government agencies, which undermine the very purpose of protecting personal data.

[1] (2017) 10 SCC 1.