Digital Privacy

A Blog By




GAURAV RAJ BHAGAT
ADVOCATE
HIGH COURT, M.P


THE DIGITAL PERSONAL DATA PROTECTION (DPDP) ACT, 2023: STRENGTHENING PRIVACY & SECURITY IN INDIA AND THE ROLE OF ADVOCATES

 

The Digital Personal Data Protection (DPDP) Act, 2023 is India’s first comprehensive legislation regulating the collection, processing, and protection of personal data. It is a direct result of landmark Supreme Court judgments, particularly Justice K.S. Puttaswamy v. Union of India (2017), which recognized privacy as a fundamental right under Article 21 of the Constitution.

 

While the law empowers individuals with data rights and imposes responsibilities on businesses, its enforcement and interpretation require the active involvement of legal professionals. Advocates play a crucial role in protecting citizens from data misuse, ensuring compliance, and challenging privacy violations in courts.

 


1. The Right to Privacy: Foundation of the DPDP Act

 

Hon’ble Supreme Court of India has repeatedly emphasized the importance of privacy and data protection. The DPDP Act aligns with these judgments:

 

a)   K.S. Puttaswamy v. Union of India (2017) – Privacy as a Fundamental Right

 

  • The 9-judge bench of the Supreme Court unanimously held that privacy is an intrinsic part of Article 21 (Right to Life & Personal Liberty).
  • The judgment highlighted the need for a data protection law to regulate both government and private entities.

 

  • It emphasized informed consent, proportionality, and security as core principles of informational privacy.

 


b)   Aadhaar Case (2018) – Limiting Data Collection

 

  • The Supreme Court restricted private companies from demanding Aadhaar details for services, citing privacy risks.

 

  • It ruled that data collection must be necessary, proportionate, and for a legitimate purpose.

 

Impact on the DPDP Act: These rulings shaped provisions related to consent, data processing limitations, and government exemptions under Section 17.


 

2. Rights of Individuals & Legal Remedies – Sections 11 to 15

 

The DPDP Act grants individuals several rights to control their personal data, and advocates play a crucial role in enforcing these rights through legal mechanisms.

 

a)   Right to Access Information (Section 11) – Role of Advocates

 

  • Individuals have the right to know what data is collected and how it is used.

 

  • Advocates can file legal notices under this section if businesses fail to disclose data usage details.


 

b)  Right to Correction & Erasure (Section 12) – Advocates Ensuring Compliance

 

  • Individuals can demand correction or deletion of inaccurate data.

 

  • Legal professionals can file complaints with regulatory bodies or courts if companies refuse to correct or erase data.

 


c)   Right to Consent & Withdrawal (Section 13) – Advocates Challenging Unlawful Data Collection

 

  • Individuals have the right to withdraw consent at any time.

 

  • Advocates can challenge companies misusing personal data without consent in courts and consumer forums.

 


d)  Right to Grievance Redressal (Section 14) – Advocates Representing Clients

 

  • If a company violates privacy rights, individuals can approach the Data Protection Board of India (DPBI).

 

  • Advocates help draft legal complaints, represent clients before the DPBI, and challenge DPBI orders in High Courts or the Supreme Court.


 

e)   Right to Nominate (Section 15) – Digital Succession Rights

 

  • Individuals can nominate a legal heir for managing their data after death.

 

  • Advocates assist in drafting wills, data inheritance clauses, and legal disputes over digital assets.

 


3. Responsibilities of Businesses & Role of Legal Experts – Sections 5 to 9

 

The DPDP Act requires businesses to handle personal data responsibly, and advocates help ensure compliance or challenge violations.

 


a)   Data Collection & Purpose Limitation (Section 5) – Ensuring Transparency

 

  • Companies must only collect necessary data for a legitimate purpose.

 

  • Advocates can file cases under the Consumer Protection Act if companies collect excessive or unnecessary data.

 


b)  Data Security Obligations (Section 6) – Fighting Data Breaches

 

  • Companies must implement strong cybersecurity measures.

 

  • If a data breach occurs, advocates can file lawsuits for compensation under the IT Act, 2000.

 


c)   Data Deletion & Retention (Section 7) – Advocates Helping Consumers Remove Data

 

  • Companies must delete personal data once it is no longer needed.

 

  • Advocates can file petitions before consumer forums and courts if companies retain personal data unlawfully.

 


d)  Reporting Data Breaches (Section 9) – Holding Companies Accountable

 

  • Organizations must report data breaches immediately.

 

  • Legal experts help victims seek damages for data leaks affecting financial or personal security.

 


4. Government Exemptions & Advocates Fighting for Privacy – Section 17

 

The DPDP Act grants broad exemptions to the government, allowing data processing without consent for national security and public interest. However, advocates play a vital role in challenging unconstitutional surveillance.

 


a)   National Security & Law Enforcement Access

 

  • Section 17 allows the government to collect personal data without consent for reasons such as:
    • National security
    • Public order
    • Criminal investigations

🔹 Legal Concerns:

  • Advocates can file Public Interest Litigations (PILs) challenging mass surveillance programs like:
    • Aadhaar data tracking
    • Facial recognition databases
    • Pegasus spyware scandal

🔹 Supreme Court Precedent:

  • In Puttaswamy (2017), the Court ruled that privacy can only be restricted if there is a valid law, a legitimate aim, and proportionality.

 Role of Advocates:

  • Lawyers can challenge excessive government surveillance before the Supreme Court or High Courts.
  • They can demand greater transparency and judicial oversight for data collection by intelligence agencies.

 


5. Penalties & Legal Recourse – Section 25

The DPDP Act introduces heavy fines for privacy violations, and advocates help individuals and businesses navigate legal actions.

Violation

Penalty (up to )

Role of Advocates

Failure to prevent data breaches

250 crore

Filing compensation claims for affected users

Processing personal data without consent

200 crore

Challenging unlawful data processing

Failure to report a data breach

150 crore

Ensuring compliance & legal action

Sending spam messages without consent

50 crore

Representing consumers in legal disputes

 

6. Conclusion: Advocates as Guardians of Digital Privacy

The Digital Personal Data Protection Act, 2023 is a significant step toward safeguarding privacy in India. However, its effective implementation depends on legal professionals who can ensure compliance, challenge violations, and fight for individual rights.

 

Key Roles of Advocates in Data Protection:

(i)          Filing cases against privacy violations.

 

(ii)       Representing clients before the Data Protection Board of India (DPBI).

(iii)     Challenging excessive government surveillance.

(iv)      Assisting businesses in compliance to avoid penalties.

(v)        Seeking compensation for victims of data breaches.

 

As digital privacy laws evolve, advocates must stay at the forefront, educating citizens, shaping legal interpretations, and holding violators accountable.

 

 

Comments

Post a Comment

Popular posts from this blog

Digital Speech Controversies & Legal Implications

Image
    A Blog by                                                      GAURAV RAJ BHAGAT   Advocate   High Court, M.P  1. Understanding Digital Speech In today’s interconnected world, digital speech refers to the expression of thoughts, opinions, beliefs, and emotions through digital platforms like social media (Instagram, X/Twitter, Facebook), blogs, forums, and messaging apps. It is a modern extension of the constitutional right to freedom of speech and expression. Digital speech plays a vital role in shaping public opinion, promoting activism, and enabling free discourse. However, when unregulated or misused, it can also trigger legal challenges, hate speech allegations, and even criminal liability. 2. Overview of Recent Digital Speech Controversies in India India has witnessed multiple high-profile cases involving digital sp...
Read more

MAJOR PROBLEMS FACED BY RESIDENTS IN COLONIES IN BHOPAL: SOLUTIONS

Image
           Visit www.intellisollegal.co.in            For instant Advise Call 9131010035 A BLOG BY GAURAV RAJ BHAGAT ADVOCATE HIGH M.P To know more about the Writer Click here  Bhopal, the capital city of Madhya Pradesh, has seen significant urban growth in recent years. As a result, many residential colonies in the city face a variety of challenges that impact the quality of life for their residents. Some of the major problems commonly faced: INFRASTRUCTURE ISSUES (a)    (a)          Poor Road Conditions: Many colonies suffer from poorly maintained       roads with potholes and uneven surfaces, which can lead to accidents and vehicle damage.   (b)    Inadequate Drainage Systems: Inefficient drainage systems often result in waterlogging during the monsoon season, causing inconvenience and potential health hazards.   (c)  ...
Read more