Header image alt text

Naavi.org

Building a Responsible Cyber Society…Since 1998

Currently GDPR and Aadhaar are both hot subjects for discussion amongst professionals whether they are Privacy activists, Information Security professionals or Lawyers.

GDPR is at one end of the spectrum often looked upon by Privacy activists as the ultimate in Privacy Protection legislation. Aadhaar on the other hand is at the other end of the spectrum often looked upon as the greatest villain in Privacy breach in India.

The Supreme Court of India continues to hear the petition of Privacy Activists who are more concerned about the political damage they can create on the Government by attacking Aadhaar than any public good.

There appear to be some foreign technical persons calling themselves “Ethical Hackers” who are camping in India to hack into Aadhaar data and prove that Aadhaar is the epitome of Privacy invasion in India. It is not clear where motivation comes to these persons and whether they are motivated by their commitment to the Privacy of the Indian Citizen or committed to the political advantages that can accrue to Black Money owners in India if the present intentions of the Government to link Aadhaar to Mobile and Bank accounts is frustrated through intervention from the Supreme Court

We the Indians are aware that even Supreme Court is having its own agenda and many times takes decisions which are “TRP oriented”. The Privacy judgement, the Scrapping of Section 66A are examples of decisions where the Court has shown its inclination to come to conclusions based on the public perception that can be created about the “Progressive Views of the Judiciary”.

In this context it is essential for us to examine how does GDPR try to address the issues of Privacy in the context of Public interest, National Security and Journalistic freedom.

Chapter IX of GDPR  refers to “Provisions Related to Specific Data Processing Situations” and sets in the rules regarding processing of personal data in the context of Right to Freedom of Expression and other issues including “Processing of National Identification Number”.

Article 85 of GDPR  leaves it to member states to reconcile by law the right to protection of personal data pursuant to GDPR with the right to freedom of expression and information including processing for journalistic purposes and the purposes of academic, artistic and literary purposes.

Article 86 refers to personal data in official documents held by a public authority or a private body for the purpose of carrying out an activity in the public interest which may be disclosed under a Right to Information kind of law.

As one can appreciate, the canvas to define exclusion under Article 85 and 86 is fairly wide and if we take this as a guide for the Indian context where we are waiting for our own Data Protection law, there is enough scope to consider that our existing laws including the Right to Information Act can be considered as an automatic exclusion to GDPR.

Article 87 is interesting since it directly relates to a situation similar to Aadhaar. It states as under:

Article 87: Processing of the national identification number

Member States may further determine the specific conditions for the processing of a national identification number or any other identifier of general application. In that case the national identification number or any other identifier of general application shall be used only under appropriate safeguards for the rights and freedoms of the data subject pursuant to this Regulation.

This article provides complete rights to member states to over rule GDPR when it comes to processing of national Identification Number or any other identifier of general application. Obviously, “Appropriate safeguards” are prescribed.

This article provides guidelines both to Indian Companies who are often over reacting to the GDPR  by imposing on themselves non existing restrictions on to what extent the local regulations may over ride GDPR and yet it can be considered as “GDPR Compliance”.

If the member states of EU themselves have the freedom to enact laws that may over ride EU, it is obvious that an independent sovereign country like India where in most cases, the GDPR application is through the contracts between the Data Controller in EU and a Data Processor in India, the local laws such as Information Technology Act 2000/8 will have paramount priority over and above GDPR.

I therefore caution Indian Companies that in their eagerness to be GDPR compliant, they should not ignore the need to be ITA 2008 compliant.

We need to build GDPR Compliance within the parameters of ITA 2008 compliance. Fortunately, ITA 2008 is eminently designed for such requirement since Section 43A and definition of “Reasonable Security Practice” accommodates such contracts as defining the security requirements for compliance. The only difference would be that the remedy may have to be sought under ITA 2000/8 read along with international treaties and laws applicable to international contracts. GDPR cannot be super imposed in derogation of these other remedial options.

The second aspect we need to take note from Article 87 is that even the rigorous GDPR regulation on Privacy provides for an exception of National Identification Number in the EU member countries. Hence the Indian Data Protection Act can also exempt the processing of Aadhaar data from the restrictions.

The Supreme Court should therefore take cognizance of this fact and donot make the mistake that they committed in scrapping of Section  66A of ITA 2008 while ruling on Aadhaar.

Linking of Aadhaar to Bank accounts and to Mobile is a requirement of public interest to prevent Black Money, Benami transactions as well as Terrorism and Crimes and the right of the Government to use the National Identification Number such as Aadhaar for such purposes cannot be curtailed by the Court without taking on the blame that the decision is meant to please the silent majority of anti nationals who advocate that Aadhaar has to be scrapped.

The above support for Aadhaar is however not in derogation of the requirement that there has to be adequate safeguards to secure the Aadhaar usage in a manner that it cannot be misused to commit crimes. It is in this context that the “Virtual Aadhaar” becomes most important as a security measure so that at least in the future “Stored Biometric Attacks” through the Aadhaar user agencies does not occur.

My support for Aadhaar above also does not mean that Aadhaar authorities are taking all steps that are necessary for securing the infrastructure of Aadhaar and that they are not arrogant and not dismissive of the risks.

It is however considered that Aadhaar linking to Financial information and identity of individuals to several activities is essential to build a Safe India and no legal hurdle should be placed to prevent this honest effort of the Government. The security concerns are however real but can be addressed if UIDAI makes full efforts in this regard.

The first thing UIDAI needs to check is the progress of the Virtual Aadhaar implementation. The system should be in trial operation by 1st of April and in mandatory operation by 1st of July.

While some data security organizations in India are busy conducting surveys on our GDPR preparedness, UIDAI itself or other data security organizations should focus also on conducting a survey on our preparedness for implementation of Virtual Aadhaar as an identity to replace Aadhaar identity by Banks and Mobile operators.

Naavi

In the case of Justice Loya’s death due to heart attack, many senior advocates like Mr Dushyant Dave and Indira Jaisingh as well as politicians like Mr Rahul Gandhi are complaining that an enquiry needs to be ordered under the supervision of the Supreme Court. Common Citizens perceive that there is a political conspiracy in this complaint so that they can then hold their gun at the head of Mr Amit Shah and say that he is a suspect and therefore should not be MP etc.

Similarly the Aadhaar case is another case before the Supreme Court where there appears to be a conspiracy to some how derail the intention of the Government to use Aadhaar identity to prevent Black Money Transactions and benami Property holdings. It is very clear to common citizens that the intense opposition to Aadhaar linking to financial information is because it will make it difficult for Black Money holders to keep Benami Bank accounts and Properties.

To sustain their argument, people are complaining that “Aadhaar infringes the fundamental right of Privacy”, “Aadhaar creates a Sureveillance State” etc.

There is no doubt that the Privacy Judgement under the Puttaswamy judgement was expected to help the Anti Aadhaar lobby and hence there was a fight within the Judiciary to fix the bench. Now that the CJI has not allowed it to happen, the politicians are trying to impeach the CJI himself.

All these developments confirm my doubt that there is a serious conspiracy behind this “Aadhaar is un-constitutional” petition led by the Black Money supporters and this is a fight between the honest citizen of India and the Benami property holders. The Privacy arguments are only a cover for ensuring that the Benami property and Black Money owners can enjoy their ill gotten wealth as they were used to in the pre-Modi days.

There was a strange argument presented today as indicated in an affidavit now in the public domain.

According to the afidavit,

1.the  project poses a constitutionally impermissible danger to citizens’ basic civil liberties including their privacy”.

2. “this project is highly imprudent, as it throws open the clear possibility of compromising basic privacy by facilitating real-time and non-real-time surveillance of UID holders by the UID authority and other actors that may gain access to the authentication records held with the said authority or authentication data traffic as the case may be.”

3. it is quite easy to know the location and type of transaction every time such authentication takes place using a scanner for fingerprints or iris and the records of these in the UID / “Aadhaar” database.

4.  it is not dissimilar to knowing the place from where a person made a call using his / her mobile phone. Just as the mobile phone connects to a tower from where the phone signals are sent to other towers and the servers of the mobile phone companies, biometric scanners also have SIMs and IP Addresses to locate the place from the transaction took place and its nature. Any administrator of the UIDAI server or any employee or other person with access
to transaction data, with a little help from the servers (Authentication User Agents and Authentication Server Agents, as they are called in UIDAI literature), through which authentication request is sent to the UIDAI, will be able to track the transaction and the person carrying out the same.

5. that UIDAI recommends that each point of service device i.e. the device from which an authentication request emanates, register itself with the UIDAI and acquire for itself a unique device id, which shall then be passed to the UIDAI along with the request for every authentication transaction. I state herein that the said method of uniquely identifying every device and being able to map every authentication transaction to be emanating from a unique registered device, further makes the task of tracking down the exact location and place from which an authentication request emanates easier.

6. a centralized database has the problem that once hacked all data can be lost. Specifically, consider if the Army personnel use this as an authentication mechanism before getting their salaries. The location from which they authenticate can be found as it will be done via a scanner which has an IP address / is on a mobile internet. From the tower to which the scanner connects via its SIM card, its location can be found. This data will be available in the
logs of the Aadhaar system. Any compromise of the Aadhaar system means that the hackers can know the exact location of each army personnel of the country at the time when they take their salary. This can be a big risk to national security, and this is just one example as to why it is, in my opinion, imprudent to use such a system.

I am sorry to say that the above arguments are contrived and cannot be considered as valid arguments to oppose Aadhaar.

My doubts arise from the following.

  1. “Privacy” is a loosely used fig leaf to cover the need for “Secrecy” by the anti-Aadhaar lobby. Just as we say “Your freedom to extend arms ends at the tip if the nose of the neighbor”, the “Right to Privacy” of one person ends with the “Right to Security” of the other person. Though the Supreme Court says that Right to Privacy is a “Fundamental Right”, it can only be a right with a lower priority to “Right to Security”.

If Security is not available to a nation, it cannot sustain democracy and protect the Right to Privacy where it is required. Aadhaar is only an identity that holds certain information of the citizens so that the State can know who its citizens are and whether they pose any threat to the security of the nation. (which includes prevention of looting of public money with duplicate employment records or ration card records). National security is therefore paramount and even the “Right of Privacy” has to voluntarily yield to the “Right to Security”.

It is therefore wrong to call Aadhaar as posing a “Constitutionally impermissible danger” to citizens”. As a citizen of India I abhor those who hide their identity and hold benami properties, black money, Bitcoins etc. The Supreme Court has to uphold my “Right to Know exercised through the Government” as much as the “Right to remain secret” which others want the Court to protect.

It would be a challenge for the Supreme Court to demonstrate if it is with the honest citizens of India or it sides with the dishonest citizens of India under some technicalities of protecting the Right to Privacy.

2. The charge that “Other actors” may gain access to the authentication records or data traffic to facilitate “Surveillance” is a speculation. In fact this is true of any activity of a Citizen. If some body is reading this article on the web, it is possible for the ISP to track the activity along with the location from which the person is accessing the web. What is special therefore to blame Aadhaar except to mislead the Court because the petitioner may think the Judge does not know technology so that any claim even if false can be pressed.

3.  If the records of the  finger print scanners can be accessed, it is possible to trace the location of the transaction is no rocket science.

4. As the petitioner himself agrees, this is not dissimilar to the Tower data of a mobile call which if properly analyzed, can trace a person within say 3-5 meters. This does not require Aadhaar at all.

Google earth can have a high resolution image which can identify a person moving around on the street from far above the sky. A person with a google glass can scan the credentials of a passer by instantly. An RFID scanner can scan your credit card even when it is inside your pocket.

While all these are acceptable to the Anti Aadhaar lobby, Aadhaar alone seems to be unacceptable because it is the Modi Government which can take the data if it wants.

This is a purely political opposition to the current Government and not based on any logical consideration. If one is concerned about privacy, we need to stop using mobile and live in a cocoon.

Why do such persons want any benefits of being a Citizen?. Let them not have a Bank account. Let them not have ration cards. Let them live as a hermit lives.

It is dishonest of these persons to ask for all the privileges of being a citizen of India including being protected from a terrorist attack or a Cyber crime attack but they themselves should be out of gaze of any law enforcement authority.

Supreme Court should recognize the inherent dishonesty of these anti-Aadhaar lobby and call the bluff.

5. The registration of the Access devices involved in Aadhaar authentication is a critical security requirement and I donot know how security specialists can oppose this feature. In fact, I am of the opinion that these devices should be made in India by an authority like BEL which manufactures EVMs and made as a tamper proof hardware that will self destruct if any attempt to tamper them is made.  Registration per-se is not some thing that can be objected to.

The petitioner repeatedly qualifies that the security can be compromised with “little help” from insiders. Yes every system can be compromised if an insider provides the “little help”.  What we need is to design the security systems with the knowledge of this possibility.

6. The reference to the army personnel being at risk because he draws his salary with aadhaar authentication is funny. Will the enemy target a specific soldier who is in the administrative office drawing salary?. If he has to be tracked, is it not better to intercept the radio messages or personal mobiles than looking for Aadhaar data?

Overall the petition and the affidavit to my mind appear a weak attempt to mislead the Supreme Court. If we follow the questions made by the judges during the proceedings, it appears that they are more aware than what the petitioners think about the ulterior motive of Aadhaar baiters and would not fall for their tricks.

The above argument does not mean that we are not advocating better security for Aadhaar. Yes better security is required. There has to be checks and balances for preventing misuse. But the security specialists are not helping the Government to fortify the security and at the same time UIDAI is not able to win over a large part of security professionals so that they provide positive suggestions.

There could be many reasons why security professionals are not on the side of UIDAI and we have highlighted it several times in this site. But now it is like war time.

All good intentioned citizens need to fight the anti-Aadhaar lobby which is trying to get Aadhaar being rendered impotent. We can forget the arrogance of UIDAI and defeat the nefarious designs of the Black Market community of India. We can then continue to argue with UIDAI about how the security can be improved.

Naavi

 

The 4 judges who held an unprecedented press conference which many agreed has tarnished the image of Judiciary in India stated that their “Irreconcilable disagreement with the CJI” was based on the allocation of cases to different benches which was arbitrary and overlooked the “Seniority” of the judges. Since the judges have appealed to the nation to “Protect Democracy”, I as a citizen need to make out some points.

The Justice Loya death case appears to be the most disturbing case as far as the advocates such as Indira Jaisingh and Dushyant Dave are concerned and since Justice Gogoi seems to agree, we can accept that the four judges want this case to be heard before them and not under some other “Junior” judge.

It is another issue why these judges want this case only before them and donot trust the other judge. One interpretation of this is that by admitting the case, they could have embarrassed Mr Amit Shah to say that there is potentially a “Murder” charge being investigated by the Court which could consider him as a “Suspect” and when the CJI frustrated this plan, they lost their cool and held the press conference.

Additionally, it appears that the other most sensitive case now before the Supreme Court is the Aadhaar case where the “Constitutional Validity” of the system is in question. The intention of the Supreme Court was some what evident when during an earlier hearing, the Government brought an argument that “Privacy is not a fundamental right”, it jumped to constitute a 9 member bench under the previous CJI Justice Kehar and quickly brought out a 547 page judgement for a single line order “Privacy is a fundamental right under article 21 of the Indian constitution”. This defeated the argument of the Government and strengthened the argument for scrapping aadhaar. if done, the opposition can use it for embarrassing the Government much more than the GST issue.

Besides the opposition wanted to preserve their “Benami” properties which Modi was threatening to identify by making it mandatory to link property registration with Aadhaar. I feel this was more critical than the Justice Loya’s case.

The opposition felt that if the bench hearing Aadhaar can be managed by pliable jduges, they could get Aadhaar scrapped and it would be the biggest coup before 2019 elections.
Unfortunately, it appears that Justice Dipak Mishra is again frustrating them by denying an opportunity for these judges to be on the bench which can scrap Aadhaar. CJI perhaps feels that these judges may have a conflict of interest with their relationship with Mr D Raja, Mrs Indira Jaisingh, Mr Dushyant Dave etc., as regards the Aadhaar case and hence cannot be on the bench hearing any case in which there would be a strong anti-Government sentiment.

We must appreciate the vision of the CJI in this regard.

If these judges with conflict are not involved in the Aadhaar case, it would be better since the case can be decided purely on merits and not on preconceived notions of the senior judges.

Aadhaar is therefore the key to what appears to be an unprecedented move of the 4 senior judges to take on the CJI to the extent that media already started talking of his possible impeachment. They are now disappointed that the coup attempt has failed at least for the time being.

In one of the online surveys 69% respondents held them wrong and in a way “Impeached them in public perception”. This is the people’s verdict they wanted during the press conference and they should respect it.

I anticipate that out of the four at least one of them may decide to resign to uphold the principles that he wanted to demonstrate by the uprising to protect democracy. Will it be Mr Chelameshwar? or some body else?… we need to wait and observe.

Naavi

The Four judges of Supreme Court who recently held a press conference appealed to the public through the media with a request ‘please take care of the institution and take care of the nation’. The judges namely Justices Chelamaeshwar, Rajan Gogoi, Madan B Lokur and Jurien Joseph were complaining that the Chief Justice as “Master of the Roaster” is actually behaving as a “Master” and he should not do so. They said that their efforts to make him allocate sensitive cases only amongst the top 5 judges were not being heeded and some cases are being allocated to the junior judges.

The revolting judges agreed that this was an unprecedented situation and they wanted to go through this exercise as otherwise history would accuse them of having sold their souls.

The conference itself was held very clumsily. The judges did not have the press release nor a proper statement to be handed out to the press. There were favoured lawyers who were in the crowd of the journalists and Mr Shekar Gupta a veteran journalist was even invited to sit on the dais.  Immediately after the press meeting, the CPI party leader Daniel Raja, a known opposition party leader was seen shaking hands with Justice Chelameshwar giving a political colour to the entire episode.

The judges came out as completely inexperienced in not only the manner in which they conducted the press conference but also the manner in which they were fumbling for words during the interaction.

Justice Chelameshwar said that what they wanted to share was a letter they had written to the CJI a copy of which would be shared and that is all they wanted to say. Gagoi confirmed that there is nothing more to say beyond the letter but inadvertently admitted that the admission of the case in the Justice Loya’s death was a reason for this press meet.

Mr Dushyant Dave has been the advocate strongly advocating that the Justice Loya case should not be heard by a specific judge and it should be heard only by one of these four judges as if they would give a decision in his favour only.

Another advocate Mrs Kamini Jaiswal who is bitterly against Mr Amit Shah indicated in her subsequent statements that the possibility of Mr Amit Shah not being convicted was the reason behind this revolt. It was as if Teesta Setlwad was speaking through Kamini Jaiswal.

Yet another advocate Indira Jaising has also been vocal with similar views indicating that the politics of “Anti Amit Shah” forces were truly pushing the judges into a corner with the press conference.

It appears that these three advocates are either directly or indirectly responsible for the current mess in the Judicial system and are unmindful of the damage that they have done to the Indian judiciary for their own personal gains.

It was not surprising that Congress followed up with its own Press Conference though it was also as indecisive as the Judges press conference. It appeared as if Mr K.S.Tulsi had strongly opposed Congress getting into this controversy but Kapil Sibal and P Chidambaram pushed through the conference.  Rahul Gandhi in his usual style spoke a rehearsed sentence and ran away without taking questions.

With the Meeting of D Raja with Chlemeshwar and the Congress press conference, it was clear that the Four Revolting Judges were playing the tune of the political parties. However much they may try to whitewash their intentions, the perception with the public is clear that this was a political agenda playing out through the four judges.

It appeared that these four judges wanted to say more but were restraining themselves. Finally the charges made by the four judges appeared hollow and self defeating. Had they been more forthright, they would have atleast sounded more convincing.

Since then, several legal luminaries are expressing their views on the points raised. A large number of advocates are on the side of the Four revolting Judges while a large number of past judges are holding  the view that conducting of the press conference was wrong.

If we ignore the perceptions and focus more on the problem they have highlighted, then solution is not difficult to find.

The accusation is that while the CJI is considered as having a discretion to constitute benches and allocate cases to any of them, he should do so only with the consultation of the 5 senior most judges who form the collegium.

While the Judges 2-5 in seniority who held the Press Conference hold that CJI is only the “First amongst equals ” and not more important than any of them, they consider that other judges of the supreme court who are 6-25 in seniority are lesser mortals who are not equal to the first five.

This does not seem to be a logical l argument and has to be rejected.

Either all the judges have the privileges attached to their seniority in which case the CJI as the senior most has higher privileges that includes the management of the roaster, or they should agree that all judges of the Supreme Court are equally competent to handle any legal matter before them without fear or favour and with the legal expertise required.

Expecting that the rule of “First amongst Equals” applies only to the first five and not to all the 25 judges of the Court indicates a self serving argument.

If we admit that the roaster allocation had some “Motive” behind it as implied by these four judges, we can also imply a “Motive” behind the accusation of the four revolting judges. If CJI wants to avoid handing over some sensitive cases to any of these four and wants to give it some other judge down the line which is a departure from the procedure indicates a “Bad motive”, then the demand that such cases should be handed over only to them and not to anybody else also indicates a “Bad Motive” on the part of the four judges.

If we leave aside these perceptions since these judges are not transparent about their motives and want to hide behind the respect they enjoy as judges of the highest court of the land, let us accept that the only grievance is that the allocations are being done not in accordance with the established procedures of the past where all the five senior most judges worked together as a collegium and distributed sensitive cases only amongst themselves so that none was unhappy but the current CJI is trying to break this tradition.

Perhaps this is making these judges insecure and their friend lawyers also more insecure because they were perhaps existing in the system more by the strength of their relationship with the judges rather than their ability to fight a case on the merits.

The solution for this is not in asking the media and the public to adjudicate since what “We the people ” may say will not be palatable either to these judges nor to their favoured lawyers. Nevertheless since they have sought our advise, let us provide them the advise.

The problem is about allocation of cases to the 25 judges of the Supreme Court in an equitable manner that justice is done to the petitioners. The criteria of seniority is only relevant as a demonstration of the expertise of a judge and not otherwise. Each judge may however carry a badge of domain expertise based on the type of cases in the past where he would have examined a particular domain in depth and thereby gained an expertise. There cannot be any expertise based on qualifications since the College qualifications of all the judges are at least 3 decades old and has no relevance today. For example, Mr Chelameshwar being a student of Physics in his college does not make him a domain expert in a case involving Noise pollution or Electric outage etc.

Either the judges have to declare their top three areas of interest/specialization based on their own self introspection or based on the cases they might have handled in their career  and have to be tagged with the domain of expertise which were required to resolve them.

Assigning a “Domain Expertise Tag” to every judgement released by a judge in all the Courts is a process that has to be introduced now so that after a decade or so, it becomes a reliable barometer to tag a Judge with his area of domain expertise. Criteria for this needs to be developed and adopted.

In the meantime, an adhoc measure can be adopted where each judge of the Supreme Court is asked to declare three areas of interest that is used as his “Specialization Tag”.

Every judge will automatically have a seniority tag also. Using these two tags along with a “Random Allocation Tag”, it is possible for the Chief Justice to select a Judge or a Bench of multiple judges for assigning any case.

For this purpose, the CJI may categorize a case as “Requiring a specific domain expertise”. He can use is “First amongst equals” privilege to do so. Similarly, he can decide on whether the case requires a single judge or more judges to be in the bench.  Having decided these two parameters out of his privilege of being the CJI, he can proceed to allocate cases in the following manner. CJI can also determine the workload of a judge and determine if he has to be part of the selection for a given case or not.

a) In case of single member allocations, the choice can be completely randomized, such as picking up a judge out of the 25 (or lesser numbers if some is over burdened with cases at present). It is possible to do this by computerized allocation with priority criteria for domain expertise and seniority to be set to zero.

b) In cases where two  judges are there in a bench, one of the selections can be made on domain expertise criteria and the other on random basis.

c) In cases there there are three or more members in the bench, one member may be selected on seniority basis, second on domain expertise basis and the third randomly.

In larger benches the criteria can be repeated for the balance vacancies to be filled up.

This process leaves enough scope for the CJI to exercise his privilege and also provide opportunities for the senior members to be part of the important cases where there are at least 3 members. The single member benches which are prone to manipulation by friendly advocates would be randomized so that no advocate would gain an unfair advantage with a petitioner saying “I Know this Judge, Come to me”.

If the Supreme Court wants a software to be developed for the purpose, I am sure that there would be many software professionals who would be willing to develop it for free as their contribution to protect the institution which is the concern of these four revolting judges.

Naavi

At a time when India is debating a new law on Data Protection, an interesting question has been raised  before the Supreme Court about the “Right of Privacy” and whether it extends beyond death. The recent judgement of a 9 member bench of Supreme Court referred to as “Puttaswamy Judgement” was hailed as a “Land mark” judgement because it held that “Privacy is a Fundamental Right”.

At Naavi.org, we have discussed the Privacy Judgement in detail. In conclusion, we discussed the need for a proper definition of Privacy before we worry about how to protect privacy. (Refer: “The Privacy Judgement… Conclusion.. Need for Definition of Privacy” )

According to us, it was a failure of the Puttaswamy judgement that it did not define Privacy as a Right and only went about beating around the bush on the “Protection of the unknown and undefined right called Privacy”.

How can we protect a Right without defining the Right itself?

It is not prudent to make a law for protecting a concept which itself is not properly understood and defined. If we attempt to do it, then it will provide endless scope for litigation and will not help honest citizens.

Criminals will however take full advantage of such ambiguous law and ensure that they thrive at the cost of honest citizens.

The mistake committed by the 9 member bench to declare Privacy as a Fundamental Right without a definition of Privacy has now opened the question as to whether the “Right of Privacy” extends after the death of a person.

I hope this lacuna will be corrected in the Data Protection Law that the Government is trying to develop.

Background

It must be recognized that the current issue, namely “Whether the Right of Privacy extends beyond death” has arisen because there is a need to access and verify finger print data of late J.Jayalalitha,  available with UIDAI as well as the Jail authorities in Karnataka to decide on an allegation that her finger print was affixed on a document when she was in a state of health where she was either already dead or was unconscious.

There was a reasonable ground to believe foul play since during the entire period of her hospitalization, access to her was not permitted to any body other than a small group of people. Even prominent political leaders including Mr Rahul Gandhi and Venkiah Naidu came to the hospital and returned without even looking at the patient.

The prima facie perception which the citizens carried at that time was that the hospital and the Sasikala faction of AIADMK were in collusion and did not declare the true condition of her health. Even the current dispensation of the TN Government did not know her true state of health.

During such a state of doubtful health, she was supposed to have affixed her thumb impression on one of the documents which has now been questioned.  It was a reasonable doubt in the minds of the public that the thumb impression was not willingly placed by a person in understanding of the document on which it was placed and hence it was a “Forgery” and a “Fraud”. The fraud is on the citizens of India both those who like/d or dislike/d Ms Jayalalitha.

Now the honourable Supreme Court has intervened on a petition before the High Court and stayed a request for verification of the genuineness of the thumb impression.

Unfortunately, by granting a stay, The Supreme Court has intervened in a case where Criminal Conspiracy has to be investigated and the only persons who could benefit from this stay are people who want to hide the actual events that surrounded the mysterious death.

Even the UIDAI has wrongly taken a view that it cannot submit the copy of the thumb impression to help in the judicial process and in the process supporting an attempt to protect the secrecy of the doubtful death rather than bringing out the truth.

By trying to protect this questionable request not to grant access to the finger print and proceed with the investigation whether it was genuine or not under the garbs of a discussion of Privacy the Supreme Court will be further muddying the waters to an extent that people will question the integrity of the Supreme Court. Let us not forget that some of the Judges who will sit in judgement in this case may be persons who could have acted as Jayalalitha’s advocates in her days in power.

What is Right to Privacy

It is necessary for us to first define the “Right of Privacy”. As a fundamental right, Privacy can only be a Right that a Citizen can exercise against the democratic state committed to a constitution. If one “Fundamental Right” is considered the “Right that extends beyond death”, every other Fundamental Right can also extend beyond death.

If we define Privacy as a “Right to Life and Liberty” there is no logic in extending it to a dead person who does not have life or liberty.

Privacy cannot be equated to “Right of Secrecy”.

In a situation where the person has died, “The right to privacy of the dead person” cannot be extended as “Right to secrecy of the people around not to provide truthful information” or “Right to protect the deceased from loss of reputation”.

There is no doubt that the Supreme Court has powers to give any judgement and no body can  question their wisdom if they say Privacy extends beyond death. They may even quote some international practices and justify whatever they decide.

But if they do, it cannot be seen as anything other than an attempt to protect the secrets surrounding the death of Ms Jayalalitha and to protect those who could be implicated for causing her wrongful death and compounding it with fabrication of documents with her alleged finger print. Hence whatever judgement they come to will be seen with a sense of suspicion and distrust.

The feeling that ” I have a sense of Privacy” is a “State of Mind” and not a “State of Physical location”.

Let’s think……

When a person is in the Mumbai local, does he have a sense of loss of privacy because of the proximity of the next person? When a person is all alone in a deserted street in the night, does he enjoy our right of privacy?….

If a human desires to have other people around him in certain circumstances and does not mind them being too close physically, Privacy cannot be a matter that is determined by the physical proximity of the person or Right to access his body or private physical space.

Right to “Peaceful state of mind” is a creation of the person himself and not that of the environment. Hence Privacy cannot be equated to anything physical but can only be a state of mind of a person. If a person feels that he is alone, he will have a sense of privacy even in a crowd. If not, he will not feel “Privacy” even if he is in a graveyard.

Being a “Mental State”, Privacy can only be an experience of a “Living Person” and not a dead person. The Right to protect the information about a dead person can only be a “Right to be protected against defamation after death” and not a “Right to protect Privacy”. Right to be protected against defamation is fine but in the current case, it is not the reputation of Jayalalitha at stake and it is the reputation of the people who were around her at that time which is at stake. This cannot and should not be linked to the Right to Privacy of Jayalalitha living or dead.

It would therefore be appropriate if the stay is vacated forthwith and the UIDAI also directed to assist the judicial process.

I would like to point out that if the Supreme Court makes an exception to this case because they may consider that Ms Jayalalitha dead or alive is a special person, then in every other property case where a dead person’s finger print has been affixed on a document after his death, the perpetrators of the crime will claim protection under “Privacy”. There are many past cases where forensics have proved that such property documents were fraudulent and in future there will be no scope for preventing such frauds.

I hope  Supreme Court will be intelligent and honest enough to understand the consequences of holding the Right of Privacy as subsisting after the death of a person and come to the right decision.

Naavi