Latest news with #SubhashChandraAgarwal
Hans India
30-07-2025
- Politics
- Hans India
Justice Shah is right: Don't threaten investigative journalism with data laws
Any democracy thrives on an informed citizenry. The freedom of speech and expression, enshrined in Article 19(1)(a), is not just the right to speak, but also to seek, receive, and disseminate information. Judicial observations in support of Article 19 and RTI: The Supreme Court in Indian Express Newspapers v. Union of India (1985) and Secretary, Ministry of I&B v. Cricket Association of Bengal (1995) emphasized that freedom of the press and citizens' right to information are essential to democracy. Section 44(3) of the DPDP Act, by making it easier to deny access to information, indirectly curtails this fundamental right. This has deep implications not only for journalists but also for whistle-blowers, civil society watchdogs, researchers and citizens participating in public life. Several courts have reiterated the primacy of the RTI Act in ensuring good governance: In the Central Public Information Officer, Supreme Court of India v. Subhash Chandra Agarwal (2019), the Supreme Court held that even the office of the Chief Justice of India is not beyond the scope of the RTI Act, showing the judiciary's support for transparency. In Girish Ramchandra Deshpande v. Central Information Commissioner (2013), the Supreme Court laid down that personal information can be denied under RTI only if it does not serve any public interest—a standard that may now be diluted. AP Shah writes to Govt: Recently, in a letter addressed to the attorney-general, minister of law and justice, and the minister for electronics and information technology, former Chief Justice of Delhi High Court, A.P. Shah said Section 44(3) of the Digital Personal Data Protection Act, 2023, should be immediately repealed. Shah was the chairman of the group of experts on privacy in 2011-2012 and served as the former Chief Justice of the Delhi High Court from May 2008 to February 2010. Harmonising privacy and transparency: The conflict privacy and the right to know is not a matter of choosing one over the other. Both are fundamental rights. The real challenge lies in harmonizing them, rather than letting one eclipse the other. For a democracy like India, where public trust in institutions is fragile, the RTI Act is not just a tool but a lifeline for participatory governance. Section 44(3), in its current form, threatens to break that lifeline. The government must reconsider the amendment. It should restore the public interest test, clearly define personal data and ensure that the Right to Information remains strong and enforceable, even in a privacy-conscious digital age. Only then can India truly uphold the values enshrined in its Constitution—transparency, accountability, freedom and dignity. The country stands at the constitutional crossroads, where the Right to Privacy and the Right to Information (RTI)—both integral to a democratic society—are increasingly in conflict. Although this is not a new development, the fact is that it has gained sharp focus after the enactment of the Digital Personal Data Protection (DPDP) Act, 2023, especially with its controversial Section 44(3). This provision amends Section 8(1)(j) of the RTI Act, 2005, tipping the delicate balance in favour of privacy, at the cost of transparency and citizen empowerment. Not a shield for opacity: Justice A.P. Shah's letter rightly points out that privacy cannot become a shield for opacity, especially in a country where misuse of power is rampant and the demand for accountability is growing. Similarly, citizens must not be made powerless in the face of expanding state control. While the objective of protecting personal data in the digital age is legitimate and constitutionally backed by the Supreme Court's landmark Puttaswamy judgment (2017), legal experts, retired judges, and civil society groups are sounding the alarm. Justice A P Shah, who was the chairperson of the Expert Committee on Privacy (2011-12) has gone on record urging the government to repeal Section 44(3). This author, in earlier articles, consistently cautioned against the dilution of RTI provisions and examined the advantages and disadvantages of this legal development, as well as the impact of the tension between privacy and information access on India's democratic landscape. Pros of Section 44(3)-A case for privacy: 1. Strengthens Data Protection Section 44(3) of the DPDP Act must be seen in the context of a growing global concern for individual privacy. In the Justice K.S. Puttaswamy v. Union of India (2017) case, the Supreme Court declared that privacy is a fundamental right under Article 21 of the Constitution. The judgment stressed that in a digitally networked world, individuals need constitutional safeguards against the misuse of their personal data. By amending the RTI Act to restrict access to what is deemed 'personal information,' the DPDP Act aligns Indian law with global data protection norms like the General Data Protection Regulation (GDPR) of the European Union. 2. Prevents misuse of personal information The amendment seeks to protect public servants and private individuals from the unnecessary exposure of personal details—such as health records, income data, or family information—that may not have any bearing on their public roles. Misuse of such data can lead to identity theft, harassment or reputational damage. 3. Ensures data sovereignty India is increasingly moving toward a data-sovereign digital framework, where data is not just seen as private but as a national asset. By ensuring that sensitive data does not fall into unauthorized hands, the DPDP Act contributes to this vision. Cons of Section 44(3)-Blow to transparency and accountability: 1. Weakens RTI and citizen empowerment The RTI Act, passed in 2005, has been one of the most transformative laws in India's democratic history. It has empowered ordinary citizens to ask questions of the government and access information that holds public authorities accountable. Over the years, it has been instrumental in exposing scams, corruption, inefficiencies, and arbitrariness. Section 8(1)(j) of the original RTI Act allowed information to be withheld only if it was unrelated to public activity or interest, unless a larger public interest justified its disclosure. However, the amended provision under the DPDP Act omits the balancing test of public interest and allows a blanket denial of personal data. This could include even data on civil servants' performance, misuse of office, or conflict of interest, effectively shielding public functionaries from scrutiny. 2. Threat to investigative journalism Journalists often rely on RTI to gather information on government functioning, irregularities, and decisions affecting the public. Limiting access to information under the cover of 'personal data' will impair the media's ability to investigate, report, and question those in power. This directly undermines Article 19(1)(a) of the Constitution, which guarantees freedom of speech and expression, including the right to know. In S.P. Gupta v. Union of India (1981), the Supreme Court clearly stated that the right to know is derived from the right to free speech, reinforcing the idea that information is the currency of democracy. 3. Vague and overbroad definitions The DPDP Act does not clearly define the boundaries of what constitutes 'personal data' that must be protected, leaving the door open to arbitrary interpretation. For instance, details like travel expenditure of a minister, foreign trips of officials, or performance appraisals can now be termed personal, despite being directly tied to public office. As this author earlier articles pointed out, such legislative ambiguity makes it easier for bureaucrats to stonewall legitimate RTI queries and undermines the very culture of openness that the Act sought to instill. 4. Undermines the public interest doctrine One of the core safeguards in the original RTI Act was the public interest override, where information otherwise exempt could be disclosed if it served a larger public cause. The amendment to Section 8(1)(j) effectively removes this test, thereby shifting the balance of power back to government authorities, weakening public oversight. (The writer is a Former CIC and Advisor, School of Law, Mahindra University, Hyderabad)
Indian Express
25-04-2025
- Politics
- Indian Express
Opinion How an amendment to the Data Protection Act puts the Right to Information at risk
For over a month now, 30-plus civil rights organisations such as the Mazdoor Kisan Shakti Sangathan (MKSS), Common Cause, the National Campaign for People's Right to Information (NCPRI), Satark Nagrik Sangathan (SNS) and the Internet Freedom Foundation (IFF) have been raising an alarm about the dilution of the Right to Information (RTI) Act, 2005 through the amendments introduced in the Digital Personal Data Protection Act, 2023 (DPDPA). The abovementioned dilution is the amendment to Section 8(1)(j) of the RTI Act through Section 44(3) of the DPDPA. Section 8(1)(j) of the RTI Act, as it stands now, exempts disclosure of information if it causes 'an unwarranted invasion of privacy'. A disclosure of personal information that may infringe one's privacy can only be made if 'a larger public interest justifies the disclosure of such information'. Section 44(3) proposes to change this provision to only say 'any information which relates to personal information'. This means there will be a blanket restriction on disclosure of 'any personal information' through the RTI Act. This is a significant departure from jurisprudence on transparency in other jurisdictions that have robust data privacy laws such as the European Union and the UK. The amendment also flies in the face of the Supreme Court's settled principle on the necessity of balancing the right to transparency that flows from Article 19(1)(a) of the Constitution and the right to privacy which has been held to be an inherent part of Article 21 in the case Central Public Information Officer, Supreme Court of India v Subhash Chandra Agarwal. There are many immediate and obvious concerns about the impact of such an amendment. For example, past successes through RTI investigations to ascertain businesses that may have profited from public sector procurement or verifying beneficiaries could be impossible after the amendment is enforced. However, there is an unusual twist to the story. While the DPDPA envisions protecting the privacy of those in power, the applicants who seek information through the process must be utterly transparent with the powers that be. Section 6(1) of the RTI Act provides a statutory right to citizens to file RTI request applications in electronic form. In 2023, the Supreme Court held that this means that all states, Courts and Union Territories must have an RTI web portal. In 2025, the states of Sikkim, Nagaland and Manipur made their RTI web portals. However, the web portals are so designed that they seek mandatory disclosure of Aadhar card, or other identity proof. While Bihar and Odisha have had RTI web portals since before the Supreme Court's Order; they also make Aadhaar card or identity proof disclosure mandatory on their websites. For anyone who has visited the Wikipedia page for 'Attacks on RTI Activists in India', this is a cause for immediate concern. However, the concern becomes amplified in light of an Office Memorandum (OM) issued by the Department of Personnel and Training (DoPT) under the Ministry of Personnel, Public Grievances and Pensions on June 20, 2017, stating: 'the personal information details like Aadhar no. should not be asked for while handling applications.' To make matters worse, the Central Information Commission ('CIC') observed in Vishwas Bhambhurkar v Public Information Officer that 'denial of information for lack of Aadhaar card will be a serious breach of right, which was guaranteed by the RTI Act and amounts to the harassment of the applicant'. In light of the CIC's judgment and the DoPT's OM, mandating Aadhaar cards for RTI applications is a serious breach of privacy. This has not stopped the developers of the RTI web portals of Nagaland, Manipur, Sikkim, Bihar or Odisha from indulging in this practice. Among the five, Sikkim stands out as the only website designed by the National Informatics Centre, Sikkim. A body directly affiliated with the Ministry of Electronics and Information Technology should have even less of a reason to plead ignorance of a seven-year-old OM from another central ministry in relation to this issue. One would be hard pressed to find a good reason for any of the state governments to plead ignorance on an OM specifically issued with instructions on the process of filing RTI applications, while making a web portal for filing the applications. However, the most unusual of the privacy concerns arise from the RTI web portal for Punjab. The state of Punjab mandates that a user must share their device location in order to be able to log into the RTI web portal. This mandatory sharing of location could very well violate the fundamental right to privacy recognised by the Supreme Court in K Puttaswamy v Union of India. In Puttaswamy, the Supreme Court has clearly stated that 'any infringement on privacy of an individual must pass the three-fold test of legality, necessity and proportionality'. It is difficult to imagine that a demand for device location data passes the proportionality test, specially paired with the 'take it or leave it' manner in which it is provided. It certainly is concerning that disclosure of device location is made mandatory to avail a statutory right. The Punjab RTI web portal's privacy policy is also a significant departure from the other RTI web portals in the country. The portal reserves the right to gather certain information about the user, such as 'IP addresses, domain name, browser type, operating system, the date and time of the visit, etc.' The website does claim however, that it does not process this data unless an attempt to damage the site has been detected. Most peculiarly, the government also states that access to this data can be provided to 'regulators, law enforcement or any third party' at government's complete discretion. The silver lining here is that the issue of unwarranted invasions of privacy on RTI web portals is limited to Punjab, Odisha, Bihar, Nagaland, Sikkim and Manipur. However, it is worth noting that nearly every RTI web portal in the country is incomplete in its onboarding of all public authorities. Which means that certain authorities can only be contacted through physical applications, submitted in person or by post. Hence, demands for identity proofs by PIOs (public information officers) could largely be undocumented in these cases. This demand for identity proof practice may even be entirely undetectable, unless a wide-scale inspection of the practice is addressed by State and Central Information Commissions in the annual reports. As of date, the Annual reports published by the CIC and the SICs are entirely silent on this issue. The hope is that someday governments at the centre and the state will be uniform in the applicability of transparency laws and in upholding the privacy of applicants exercising their fundamental and statutory rights.
