Right to Privacy as a Fundamental Right: Evolution and Challenges

ABSTRACT

The right to privacy has slowly become one of the most important rights in India, even though it is not directly written in the Constitution. At first, the Supreme Court refused to accept privacy as a fundamental right in cases like M.P. Sharma v Satish Chandra (1954) and Kharak Singh vs State of Uttar Pradesh (1962). Later, the Court began to recognise limited aspects of privacy in decisions such as Gobind v State of Madhya Pradesh (1975), R. Rajagopal vs State of Tamil Nadu (1994), and People’s Union for Civil Liberties vs Union of India (1997). This gradual shift finally led to the historic judgment in Justice K.S. Puttaswamy (Retd.) vs Union of India (2017), where a nine-judge bench declared privacy a fundamental right under Articles 14, 19, and 21 of the Constitution.

This article studies the development of the right to privacy in India and compares it with international practices in the United States and the United Kingdom. It also looks at modern challenges such as government surveillance, the Aadhaar scheme, gaps in data protection, and the growing importance of the right to be forgotten. At the same time, the article examines how privacy often conflicts with other interests like national security, freedom of the press, and the right to information.

The recognition of privacy as a fundamental right is a major step forward, but many problems remain in ensuring its full protection. Stronger laws and active judicial oversight are needed so that the right to privacy can be effectively safeguarded in the digital age.

INTRODUCTION

Privacy is often understood as the ability of a person to keep their personal life free from outside interference. It allows individuals to make their own choices, control their personal information, and live with dignity. Even though the Constitution of India does not mention the word “privacy” directly, courts have slowly recognised it as an important part of the right to life and personal liberty under Article 21 of the Constitution.

In the early years after independence, the Supreme Court of India did not recognise privacy as a fundamental right. In M.P. Sharma vs Satish Chandra, the Court stated that the Constitution did not protect privacy against state action in cases of search and seizure.^[1] A similar approach was taken in Kharak Singh vs State of Uttar Pradesh, where the majority of judges refused to accept privacy as a separate constitutional right.^[2] However, over time, the judiciary started to change its view, and later cases began to see privacy as an essential part of personal liberty.

This shift in understanding reached its peak in the landmark case of Justice K.S. Puttaswamy (Retd.) vs Union of India in 2017, where a nine-judge bench of the Supreme Court declared privacy to be a fundamental right protected under Articles 14, 19, and 21.^[3] This judgment placed privacy at the centre of constitutional values, linking it closely with dignity, freedom, and autonomy.

At the same time, the growth of technology, government surveillance, and digital platforms has created new risks for personal privacy. This makes it necessary to study not only how privacy has developed in India but also how it is challenged today. This article traces the journey of privacy as a right in India, compares it with international practices, and discusses the challenges and possible solutions for protecting it in the digital era.

EARLY JUDICIAL APPROACH: NO FUNDAMENTAL RIGHT TO PRIVACY

In the first decades after independence, the Supreme Court of India was hesitant to accept privacy as a constitutional right. The Court’s reasoning reflected the belief that the Constitution only protected rights that were expressly written in its text, and since privacy was not mentioned, it could not be claimed as a fundamental right.

The first major case on this issue was M.P. Sharma vs Satish Chandra (1954). Here, the petitioners challenged search and seizure actions by the state, arguing that they violated privacy. The Court rejected this claim, holding that the Constitution of India did not grant a right to privacy similar to the protections under the Fourth Amendment of the United States Constitution.^[4] This decision set the tone for the early years, where privacy was seen as outside the constitutional framework.

The issue came up again in Kharak Singh vs State of Uttar Pradesh (1962). The case involved surveillance by the police, including night visits to the petitioner’s house. The majority judgment held that there was no fundamental right to privacy under the Constitution.^[5] However, an important development was the dissenting opinion of Justice Subba Rao. He argued that privacy was an essential part of personal liberty under Article 21, and constant surveillance violated this freedom.^[6] Though only a dissent, Justice Subba Rao’s view would later influence future decisions as Indian courts began to recognise privacy more positively.

Thus, in the early years, the judicial approach was clear: privacy was not considered a fundamental right. Yet, the seeds of change were planted in the dissenting opinion of Justice Subba Rao, which provided the foundation for the later recognition of privacy as part of liberty and dignity.

GRADUAL RECOGNITION OF PRIVACY 

After the strict approach in M.P. Sharma and Kharak Singh, the Supreme Court slowly began to soften its stand and move towards recognising privacy as part of the right to life and personal liberty. This change was influenced by the idea that the Constitution is a living document, and its interpretation must adapt to protect human dignity and freedom.

The first major step came in Gobind vs State of Madhya Pradesh (1975). The case involved police surveillance of a habitual offender. The Court held that although privacy was not an absolute right, it could be read into Article 21 as part of personal liberty.^[7] The judges emphasised that privacy could be restricted only through reasonable laws that served a compelling state interest. This case marked a turning point, as privacy was now acknowledged, even if cautiously.

Later, in R. Rajagopal vs State of Tamil Nadu (1994), also known as the “Auto Shankar” case, the Court took a stronger position. It ruled that the right to privacy includes the right to be left alone and protects individuals from unauthorised publication of their private lives without consent, unless it is necessary for public interest.^[8] This case highlighted the balance between privacy and freedom of the press, recognising that while the media has a duty to inform, it cannot invade the dignity of individuals.

Further progress came in People’s Union for Civil Liberties (PUCL) vs Union of India (1997). The case challenged the practice of telephone tapping. The Court held that such tapping is a violation of privacy unless carried out according to a legal procedure established by law.^[9] The judgment stressed that unrestricted surveillance could not be allowed in a democracy.

These cases collectively show a shift from rejecting privacy outright to cautiously affirming it as an important right. By the late 1990s, privacy had become part of Indian constitutional law, though still subject to restrictions in the interest of the state or public order.

THE LANDMARK PUTTASWAMY JUDGMENT (2017)

The most important development in Indian privacy law came with Justice K.S. Puttaswamy (Retd.) vs Union of India (2017). This case arose when the validity of the Aadhaar scheme, which required citizens to share biometric data, was challenged before the Supreme Court. The petitioners argued that compulsory collection of personal information violated the right to privacy.

The case was referred to a nine-judge bench because earlier rulings in M.P. Sharma and Kharak Singh had denied the existence of privacy as a fundamental right. In a unanimous decision, the Court held that privacy is protected as a fundamental right under Articles 14, 19, and 21 of the Constitution.^[10] The bench overruled the earlier judgments and declared privacy to be an essential part of dignity, liberty, and autonomy.

The judges in Puttaswamy went beyond simply recognising privacy. They explained its different dimensions, including bodily privacy, decisional autonomy, and informational privacy.^[11] The Court made it clear that privacy is not an absolute right and can be restricted, but only by laws that are just, fair, and proportionate to the aim they seek to achieve. This proportionality test ensures that the state cannot limit privacy arbitrarily in the name of national security or public interest.

The judgment also drew heavily on international law and comparative jurisprudence. References were made to the United States, United Kingdom, South Africa, and the European Union, showing that India’s recognition of privacy was in line with global democratic values. Importantly, the Court highlighted that privacy is essential in the digital age, where vast amounts of personal data are collected by both the state and private companies.

The Puttaswamy judgment is rightly seen as a constitutional milestone. It settled decades of uncertainty and placed privacy at the core of Indian constitutional rights. However, the decision also opened up new debates about how privacy should be balanced against competing concerns such as national security, technological development, and economic growth.

COMPARATIVE PERSPECTIVES: USA & UK

The Indian Supreme Court in Puttaswamy relied on experiences from other countries to strengthen its reasoning. Both the United States and the United Kingdom have played a major role in shaping global discussions on the right to privacy, though their approaches differ.

In the United States, privacy has been largely developed through judicial interpretation of the Constitution. The Supreme Court first recognised privacy in Griswold vs Connecticut (1965), where it struck down a law banning contraceptives for married couples. The Court held that certain “zones of privacy” could be derived from the guarantees of the Bill of Rights.^[12] This reasoning was later expanded in Roe vs Wade (1973), which held that a woman’s decision to terminate a pregnancy fell within the sphere of privacy protected by the Constitution.^[13] Although later cases have modified Roe, the principle that privacy is linked to personal autonomy remains central to American constitutional law.

In the United Kingdom, privacy protection has developed mainly through legislation and the influence of the European Convention on Human Rights (ECHR). Article 8 of the ECHR provides for the right to respect for private and family life, subject to lawful restrictions for interests such as national security and public safety. This provision became enforceable in the UK after the Human Rights Act 1998 incorporated the ECHR into domestic law.^[14] Courts in the UK have since applied Article 8 to cases involving surveillance, media intrusion, and misuse of personal data. A well-known example is Campbell vs MGN Ltd (2004), where the House of Lords held that the publication of private medical details of model Naomi Campbell violated her right to privacy.^[15]

These comparative examples influenced Indian jurisprudence, particularly in Puttaswamy. The Indian Supreme Court’s recognition of privacy as central to dignity and autonomy echoes both the American focus on personal decision-making and the European emphasis on protection against state and private interference. At the same time, the Indian position is unique, as it ties privacy not only to liberty but also to equality and fraternity under the Constitution.

CONTEMPORARY CHALLENGES IN INDIA

Even after the Puttaswamy judgment firmly recognised the right to privacy, India faces many practical challenges in ensuring its protection. These challenges arise because privacy often clashes with state interests, technological developments, and social realities.

One of the biggest concerns is state surveillance. Programs such as Aadhaar, which collect biometric and demographic data of residents, have raised questions about excessive state control over personal information. Although the Supreme Court upheld Aadhaar’s validity in K.S. Puttaswamy (Aadhaar-5J) (2018), it also restricted its use, stressing that data collection must have safeguards against misuse.^[16] Similarly, the increasing use of facial recognition technology by police forces has sparked fears of mass surveillance without adequate legal oversight.^[17]

Another challenge is data protection. India has a rapidly growing digital economy, but until recently there was no comprehensive law regulating how personal data is collected, stored, or shared by private companies. The Information Technology Act 2000 and its rules provided limited safeguards, but they were inadequate in the age of social media and artificial intelligence. This gap led to frequent data breaches and misuse of sensitive information.^[18]

There are also social challenges. Many people in India are not fully aware of their privacy rights, especially in rural areas. The cultural emphasis on community sometimes reduces the value placed on individual autonomy, making privacy appear as a privilege of the urban elite rather than a universal right.^[19]

Finally, there is the issue of balancing privacy with security and governance. Governments often argue that surveillance is necessary for fighting terrorism, ensuring law and order, and improving welfare delivery. The tension between individual rights and collective security continues to be at the heart of the privacy debate in India.^[20]

Thus, while the recognition of privacy as a fundamental right is a significant step forward, the real challenge lies in developing laws, institutions, and awareness to make this right meaningful in practice.

CONCLUSION AND WAY FORWARD

The recognition of the right to privacy as a fundamental right in Justice K.S. Puttaswamy (Retd.) vs Union of India marked a turning point in Indian constitutional law. It gave constitutional status to the dignity and autonomy of individuals. However, recognition alone is not enough. The rapid growth of digital technologies, extensive use of data by governments and corporations, and weak regulatory frameworks have created fresh challenges to privacy.

Indian privacy law is still evolving. The Information Technology Act 2000 provides some protections, but it is outdated in the age of social media, artificial intelligence, and large-scale data collection. The Digital Personal Data Protection Act 2023 is an important step, but questions remain about state surveillance, enforcement mechanisms, and accountability.^[21]Unless privacy protections are matched with strong institutional safeguards, the right risks being reduced to a mere promise on paper.

The way forward lies in three broad measures. First, clearer legislation is needed that balances privacy with legitimate state interests through narrow, well-defined exceptions. Second, independent regulatory bodies must be empowered to oversee both public and private actors. Third, public awareness is vital. A right can only be effectively protected when citizens know its scope and demand accountability for its violation.

Privacy will always exist in tension with competing interests like national security, transparency, and freedom of expression. The challenge for lawmakers and courts is to ensure that these interests are pursued without eroding the core of individual liberty. A democratic society cannot survive if its citizens are constantly watched, profiled, or silenced. The future of privacy in India depends on maintaining this delicate balance, where the individual is never lost in the name of collective goals.

REFERENCES

^[1] M.P. Sharma vs Satish Chandra, AIR 1954 SC 300.

^[2] Kharak Singh vs State of Uttar Pradesh, AIR 1963 SC 1295.

^[3] Justice K.S. Puttaswamy (Retd.) vs Union of India, (2017) 10 SCC 1.

^[4] M.P. Sharma vs Satish Chandra, AIR 1954 SC 300.

^[5] Kharak Singh vs State of Uttar Pradesh, AIR 1963 SC 1295 (majority opinion).

^[6] ibid (Subba Rao J, dissenting).

^[7] Gobind vs State of Madhya Pradesh, AIR 1975 SC 1378.

^[8] R. Rajagopal vs State of Tamil Nadu, (1994) 6 SCC 632.

^[9] People’s Union for Civil Liberties (PUCL) vs Union of India, (1997) 1 SCC 301.

^[10] Justice K.S. Puttaswamy (Retd.) vs Union of India, (2017) 10 SCC 1.

^[11] ibid (per Chandrachud J).

^[12] Griswold vs Connecticut, 381 US 479 (1965).

^[13] Roe vs Wade, 410 US 113 (1973).

^[14] Human Rights Act 1998, s 1, sch 1, art 8.

^[15] Campbell vs MGN Ltd [2004] UKHL 22, [2004] 2 AC 457.

^[16] K.S. Puttaswamy (Aadhaar-5J) vs Union of India (2018) 10 SCC 1.

^[17] Internet Freedom Foundation, ‘Project Panoptic’ (IFF, 2021) https://panoptic.in accessed 19 August 2025.

^[18] Apar Gupta, ‘The Urgency of India’s Data Protection Law’ (2019) 54(2) Economic and Political Weekly 12.

^[19] Usha Ramanathan, ‘Aadhaar: From Welfare to Surveillance’ (2014) 49(28) Economic & Political Weekly 53.

^[20] Gautam Bhatia, Offend, Shock, or Disturb: Free Speech under the Indian Constitution (Oxford University Press 2016) 219–221.

^[21]  Digital Personal Data Protection Act 2023 (India).