Privacy 3.0: Unlocking Our Data-Driven Future

by Rahul Matthan

Aadhaar made me wonder whether we are, once again, at one of those crossroads in the evolution of privacy jurisprudence where there is a need to re-examine the laws that currently govern us to see if there might be another, smarter way to protect our personal privacy. To do this I felt I needed to better understand the origins of our current notions of privacy – to see if there is something in its past that will inform its future. This book is the product of that research. It attempts to provide some explanation for how we have come to our current notions of personal space and individual privacy, starting from early human tribes in whose egalitarian social structures privacy was all but non-existent, all the way down to our data-driven present where it seems there is little we can do to conceal our thoughts and actions from those around us.

what does this book have for you?

Kung tribesmen – who were made famous by the movie The Gods Must Be Crazy.

Kung camp was designed to actively discourage privacy.

world’s first copyright law – the Statute of Anne

Warren and Brandeis were by no means the first people to think about the concept of a legal right to privacy.

James Madison, one of the architects of the American Constitution, had tried to articulate something like a right to privacy during his day but found it difficult to express himself in the language

Justice Thomas Cooley, in his Treatise on the Law of Torts, was perhaps the first person to spell it out in language that is used today, saying that ‘the right of one’s person may be said to be a right of complete immunity; the right to be alone’.

Today, data is collected from us in ways we do not fully comprehend.

any business that analysed personal data in order to build a profile of people was, by the very nature of the business, violating the privacy of the people whose data they were processing.

We have already come to believe that the data never lies – so much so that many of our decisions are based wholly on the data that is presented to us. Sometimes that data does lie, either because of input errors or because the analysis of the facts is faulty, but if we have

The earliest data protection law grew out of the report of the HEW Committee in the United States, which recommended the establishment of a Code of Fair Information Practices based on Fair Information Practices Principles

(FIPPS). This Code described how personal data should be handled, stored and managed with the objective of ensuring fairness, privacy and security in the context of new technologies.

the approach that they follow when it comes to matters of data protection is heavily influenced by Lewis Tappan’s original design. This approach continues to affect the manner in which we regulate new technologies such as big data and artificial intelligence.

such a right would make the administration of justice in a country as large as India difficult. This seems to indicate a far greater confidence in the capacity of the state to wield its power fairly and without prejudice to the rights of innocent citizens than one would think was warranted.

in a constitutional democracy, individuals are never completely without recourse. One of the key features of our system of governance is the elaborate checks and balances that have been put in place to ensure that the authority of the state is always kept in check. As a result, even if the state abuses its power to the detriment of individual rights, citizens always have the ability to seek recourse from the independent judiciary against the excesses of the state. Unfortunately, in the case of the right to privacy, it took nearly six decades for the Indian judiciary to finally come up with a comprehensive formulation of the individual’s right to personal privacy.

In India, the Gopalan doctrine, which required that each of the fundamental rights be treated as separate and distinct, had been overruled by the decision in Rustom Cavasji Cooper v. Union of India.6 The judges who decided the Kharak Singh case, with the exception of Justice Subba Rao, had all been following the doctrine that had been laid

whether a statute that allowed the Collector to authorise access to documents that had been placed in the custody of a bank was constitutional or not. The Supreme Court held that the right to privacy embodies within it the right to be protected

if anyone was concerned as to how their data was being used, they could access the National Data Controller Registry and search the database for that controller and find out all the different ways in

reasonably secured against loss, unauthorised access, destruction, use, processing, storage, modification, de-anonymisation, unauthorised disclosure, either accidental or incidental, and all other reasonably foreseeable risks.