The concept of digital privacy jurisprudence has majorly evolved from the judicial precedent laid down by the Hon’ble Supreme Court of India in Justice K. S. Puttaswamy (Retd.) v. Union of India, (2017) 10 SCC 1. It took no time for the judgment to become a key source for demanding clear and citizen-centric legislations from the Parliament for responsible use of digital personal data since digital technologies of communication, data storage and surveillance had become a part of citizens’ everyday life. Parliament acknowledged the inherently transglobal and multijurisdictional nature of digital data and cybersecurity concerns related to the invasion of digital privacy in the 21st century to frame essential safeguards that are required for protecting digital personal data. Maintaining the confidentiality of digital data became a subject matter of discussion at the Union Parliament and Legislative Assembly.
Parliament’s journey continued to enact dedicated legislation for safeguarding confidentiality and protecting the digital personal data of citizens. The serendipity offered by the Hon’ble Supreme Court of India on the Indian Constitution in Puttaswamy case paved way for Parliament to comprehend the varied roles the concept of privacy found under Article 21 played and subsequently the Parliamentary enacted Digital Personal Data Protection Act, 2023 (DPDP Act) and Digital Personal Data Protection (DPDP) Rules, 2025 came into force to protect individuals fundamental rights and lawful digital data processing embracing the “Right To Privacy”. Combined reading of the Act and the Rules legislatively provides a citizen-centric framework for the responsible use of digital personal data. Per se, Indian citizens’ demand for socially important privacy protections and confidentiality of digital data is eventually at ease.
At present, digital data privacy laws and regulations highlighted in the preceding paragraphs enacted by the Indian Parliament are at par with the globally accepted digital data protection legislative regimes. In any event, the Hon’ble Supreme Court of India is urged to enlighten the countrymen with significant expansion of digital data protection legislative schemes beyond Parliamentary limits through constructive interpretation of the statutory provisions expressly mentioned under the DPDP Act and DPDP Rules, 2025. For inviting contrast and comparison, between “STOP. THINK. CONNECT”; a national awareness campaign initiated in the United States of America (U.S.A.), aimed to resolve cyber security threats in the U.S.A. a public awareness campaign program that was introduced to empower citizens to be safeguarded in cyber space by Barack Hussein Obama’s administration with the Department of Homeland Security (DHS); and our own “CYBER JAAGROOTKTA DIWAS”; wafted by the Ministry of Electronics and Information Technology (MeitY), spread headed through Information Security Education and Awareness (ISEA) programme; in collaboration with Indian Computer Emergency Response Team (CERT-In) and the Indian Cyber Crime Coordination Centre (I4C) under the Ministry of Home Affairs (MHA), had already been initiated to notify citizens that cyber security is a shared responsibility.
By:
Dr Nityash Solanki
Assistant Professor of Law,
Asian Law College