Data Protection Laws In India

We have no dedicated data protection laws in India. Data of individuals and companies require both constitutional as well as statutory protection. The constitutional analysis of data protection in India has still not attracted the attention of either Indian individuals/companies nor of Indian government.

The statutory aspects of data protection in India are scattered under various enactments. The Information Technology Act 2000 (IT Act 2000), which is the cyber law of India, also incorporate few provisions regarding data protection in India. However, till now we have no dedicated statutory and constitutional data privacy laws in India and data protection law in India.

Further, we do not have a dedicated privacy law in India as well. Privacy rights in India are still not recognised although the Supreme Court of India has interpreted Article 21 of Indian constitution as the source of privacy rights in India. Just like data protection, provisions pertaining to privacy laws in India are also scattered in various statutory enactments. Privacy rights and laws in India need to be strengthened keeping in mind the privacy rights in India in the information age.

Another related aspect pertains to data security in India. In the absence of proper data protection, privacy rights and cyber security in India, data security in India is also not adequate. Further, we do not have a dedicated cyber security law in India as well.

Perry4Law and Perry4Law Techno Legal Base (PTLB) believe that data protection requirements are essential part of civil liberties protection in cyberspace. With the growing use of information and communication technology (ICT), data protection requirement has become very important. It would not be wrong to assume privacy and data protection rights as integral part of human rights protection in cyberspace.

Perry4Law and PTLB believe that Indian government must formulate different laws for privacy, data protection and data security. The IT Act 2000 has already committed the mistake of incorporating all cyberspace related aspects at a single place. This has resulted in a chaos and we have no effective law for any aspect of cyberspace.

Perry4Law and PTLB suggest that India government must formulate separate laws for issues like privacy, data security and data protection.