Before he steps down as chief justice of India, Dipak Misra is slated to deliver one of the most crucial judgments of his eventful career. The bench he heads will pass verdict on the clutch of petitions that have challenged the constitutional validity of Aadhaar. It will be a defining moment for him, the Supreme Court and a country still struggling to embrace the digital era and the revolution it is spawning. In a sign of the technologically-driven era we are in, the Supreme Court has already delivered a historic answer to a crucial digital-age question: privacy is a fundamental legal right. That earlier stand could influence the way it deals with the legality of Aadhaar, the biometric identification system and its attendant controversies. Digital technologies are increasingly driving revolutionary changes affecting governments, industries, public institutions and individuals. The digital disruption and the issues it raises are not only technological or economic but also legal. In India, the Information Technology Act is the legal umbrella for protection in the digital age but even that falls into the cracks.
Indeed, the superfast technological changes in our lives and our interaction with services, officialdom and digital media begs for a regulatory framework that provides the right environment for technological innovation to grow. The IT Act is the primary law in India dealing with cybercrime and electronic commerce but the birth of the information society gives rise to the question of how laws will adapt and develop in rapidly-changing conditions. New concepts are emerging, demanding new areas of law. The issue of information rights has now become a universal debating point which will present huge demands and challenges for our courts and legal systems. The key issue is whether restrictions on the use of new technologies are necessary to safeguard fundamental rights and human dignity. In India, we are seeing the unchecked rise of digitally endowed fake news and the damage it can cause to institutions and individuals. Banking systems and ATMs are increasingly prone to technological burglary, while corporate rivalry and hacking of computer systems brings its own legal ramifications. Today’s global battles are being fought in cyberspace, along with pilotless drones directed from thousands of miles away, with no clear international law to protect victims.
In India, the Modi government’s decision to create digital lockers for citizens by mandatorily using Aadhaar numbers has been challenged in the Supreme Court. In his petition, Sudhir Yadav appealed against the move, citing the Supreme Court directions for not making the Aadhaar number mandatory for availing of benefits from the government. In Parliament, tech entrepreneur and BJP MP Rajeev Chandrasekhar has pointed out that the IT Act, with its limited data protection and privacy-related provisions, does not provide for an all-encompassing, comprehensive legal framework for privacy and data security. He pointed to “some glaring gaps in the existing privacy in the current legal data privacy protection framework as envisaged under the IT Act”.
Section 43A of the IT Act, he added, only covers narrowly-defined body corporates engaged in commercial or professional activities. Thus, government agencies and non-profit organisations are excluded from the ambit of this section. This is a big hole, he concluded, given that the government is a significant if not the biggest custodian of data relating to citizens. Similarly, the new trend of online contracts and agreements comes with its own set of legal issues. The transforming nature of the digital era poses innumerable challenges to a diversity of areas from copyright laws to pornography, misuse of social media to data protection, intellectual property rights and, of course, privacy. In a borderless and global entity like the internet, regulation is increasingly landing in uncharted legal terrain.