Right to Privacy as a Fundamental Right: Evolution and Challenges

ABSTRACT

“The jurisprudential journey of the right to privacy in India reflects an evolution from judicial scepticism to constitutional entrenchment. Though absent in explicit constitutional text, privacy has been progressively recognised as integral to Articles 14, 19, and 21. This paper examines the historical development beginning with M.P. Sharma v. Satish Chandra (1954) and Kharak Singh v. State of Uttar Pradesh (1962), through intermediate milestones such as Gobind v. State of Madhya Pradesh (1975), R. Rajagopal v. State of Tamil Nadu (1994), and People’s Union for Civil Liberties v. Union of India (1997), culminating in the watershed Justice K.S. Puttaswamy v. Union of India (2017). It then evaluates contemporary challenges such as state surveillance, Aadhaar, big data, and artificial intelligence, alongside legislative attempts through the Digital Personal Data Protection Act, 2023. Comparative perspectives from the United States, United Kingdom, and European Union further illuminate privacy’s normative dimensions. The conclusion argues that privacy must remain dynamic, continuously recalibrated against security imperatives and technological change, secured through judicial vigilance and legislative foresight.”

INTRODUCTION

“Privacy constitutes the core of individual autonomy, dignity, and liberty, without which the existence of meaningful democracy becomes fragile. In India, the recognition of privacy as a fundamental right has been neither immediate nor uncontested; rather, it is the outcome of a gradual and complex constitutional evolution. The Indian Constitution does not explicitly enshrine a right to privacy. However, the transformative interpretative approach of the judiciary, particularly under Article 21, has elevated privacy to a constitutional pedestal. The recognition of privacy in Puttaswamy (2017) is not merely a legal pronouncement but a constitutional watershed that aligns India with international human rights jurisprudence.”

“This research paper critically examines the evolution of the right to privacy, its constitutional foundations, and the judicial journey that transformed it into an indispensable aspect of fundamental rights. It further interrogates contemporary challenges, particularly in the digital age, wherein surveillance technologies, datafication, and algorithmic governance threaten to reduce privacy into a fragile entitlement. The paper adopts a doctrinal and analytical approach to underscore the need for a balanced framework that secures privacy without undermining state security imperatives.”

HISTORICAL BACKGROUND

1. P. Sharma v. Satish Chandra (1954)[1]

The earliest confrontation with privacy in India emerged in M.P. Sharma v. Satish Chandra, wherein an eight-judge bench of “the Supreme Court categorically denied the existence of a constitutional right to privacy.” The Court, “while adjudicating upon search and seizure under Article 20(3), held that the Indian Constitution did not recognize privacy as a fundamental right in the manner of the Fourth Amendment to the U.S. Constitution.” The reasoning underscored a textualist interpretation, declining to expand constitutional provisions beyond their express ambit.

2. Kharak Singh v. State of Uttar Pradesh (1962)[2]

“The second major case, Kharak Singh v. State of Uttar Pradesh, concerned police surveillance of a suspect. The majority, while striking down domiciliary visits as unconstitutional under Article 21, declined to acknowledge a broader right to privacy. Justice Subba Rao, in his powerful dissent, however, articulated privacy as a core facet of personal liberty, observing that liberty would be meaningless if the sanctity of one’s home and private life was not secured. This dissent later became a guiding beacon in privacy jurisprudence.”

GRADUAL RECOGNITION: TOWARDS A DOCTRINAL FOUNDATION

1. Gobind v. State of Madhya Pradesh (1975)[3]

“The jurisprudential turning point appeared in Gobind v. State of Madhya Pradesh, wherein the Court cautiously recognized privacy as implicit in Article 21, subject to reasonable restrictions on compelling state interests. The Court, influenced by American constitutional law, adopted a cautious “case-by-case development” of privacy, thereby planting the seeds for its future evolution.”

2. Rajagopal v. State of Tamil Nadu (1994)[4]

“In R. Rajagopal v. State of Tamil Nadu, also known as the “Auto Shankar case,” the Supreme Court recognized the right of individuals to safeguard the privacy of their life story from unauthorized publication. The Court emphasized that privacy is integral to Article 21, protecting individuals from unwarranted state and non-state intrusion.”

3. People’s Union for Civil Liberties (PUCL) v. Union of India (1997)[5]

“In PUCL v. Union of India, concerning telephone tapping, the Court reiterated privacy as part of the right to life and personal liberty. The Court laid down procedural safeguards to regulate state surveillance, holding that telephone tapping constituted an infringement of privacy unless conducted under law and with adequate safeguards.”

THE CONSTITUTIONAL WATERSHED: JUSTICE K.S. PUTTASWAMY V. UNION OF INDIA (2017)

“The jurisprudential culmination occurred in Justice K.S. Puttaswamy v. Union of India,[6] where a nine-judge bench unanimously held that privacy is a fundamental right, intrinsic to Articles 14, 19, and 21. The judgment explicitly overruled M.P. Sharma and Kharak Singh to the extent they denied privacy. Justice Chandrachud, writing for the majority, observed that privacy is intrinsic to human dignity and forms the foundation of liberty.”

“The Court underscored that privacy is not an elitist right but a universal entitlement, encompassing decisional autonomy, bodily integrity, informational control, and spatial freedom. Importantly, the judgment located privacy within the transformative constitutional vision of dignity, liberty, and fraternity, thus elevating it beyond textual interpretation into the realm of constitutional morality.”

CONSTITUTIONAL AND PHILOSOPHICAL FOUNDATIONS

“The right to privacy, though absent from the express constitutional text, emanates from the overarching constitutional philosophy of liberty, dignity, and equality.” Article 21 provides that no person shall be deprived of life or personal liberty except according to procedure established by law. Judicial interpretation has consistently broadened this provision, recognising that “life” extends beyond mere animal existence to encompass conditions that make life meaningful. Privacy, in this sense, secures the sanctity of personal choices, bodily integrity, and informational control.[7]

“Article 14 complements this by ensuring protection against arbitrary state action. An invasion of privacy without just cause constitutes arbitrariness, and therefore, a violation of equality before law. Similarly, Article 19 freedoms—expression, association, movement, and profession—become illusory without privacy, which allows individuals to form opinions, relationships, and choices without coercive interference.

At a deeper level, privacy reflects constitutional morality, which obliges the State to respect dignity and autonomy as intrinsic values. Philosophically, it is grounded in Kantian ethics of treating individuals as ends in themselves, and in liberal theories that place autonomy at the heart of human flourishing. Thus, privacy emerges not as a derivative entitlement but as a structural guarantee indispensable to democratic citizenship.”

CONTEMPORARY CHALLENGES IN THE DIGITAL AGE

1. STATE SURVEILLANCE AND NATIONAL SECURITY

Post-Puttaswamy, the Aadhaar scheme tested the boundaries of privacy. While the Supreme Court upheld Aadhaar in Puttaswamy (Aadhaar case) (2018),[8] “it struck down provisions mandating linkage for private services. Nonetheless, mass surveillance through technology, interception, and metadata collection continues to threaten privacy.”

2. DATAFICATION AND BIG TECH

Private corporations collect vast amounts of personal data, often without informed consent. “The monetisation of data and opaque algorithms create a risk of commodifying privacy. The absence of robust data protection laws until 2023 exacerbated these vulnerabilities.”

3. ARTIFICIAL INTELLIGENCE AND ALGORITHMIC GOVERNANCE

“The rise of AI, predictive policing, and facial recognition technologies pose unprecedented threats. Privacy today extends beyond physical intrusion into the realm of informational self-determination.”

4. BALANCING PRIVACY AND PUBLIC INTERESTS

The state often invokes national security, public order, and welfare imperatives to curtail privacy. The judiciary’s role remains critical in balancing these competing interests through the test of proportionality.[9]

COMPARATIVE CONSTITUTIONALISM

1. UNITED STATES

“The U.S. recognizes privacy through the Fourth Amendment and the doctrine of substantive due process. Cases such as Griswold v. Connecticut and Roe v. Wade[10] established decisional autonomy, though subject to varying interpretations over time.”

2. UNITED KINGDOM

“The UK, lacking a written constitution, protects privacy through the Human Rights Act, 1998,[11] which incorporates Article 8 of the European Convention on Human Rights.”

3. EUROPEAN UNION

“The EU represents the most advanced privacy regime, with the General Data Protection Regulation (GDPR)[12] ensuring strong safeguards, data minimisation, and rights of access, erasure, and portability.”

LEGISLATIVE DEVELOPMENTS IN INDIA

“The recognition of privacy as a fundamental right by the Supreme Court in Justice K.S. Puttaswamy v. Union of India (2017) created an imperative for legislative action, particularly in regulating the collection, processing, and dissemination of personal data. Prior to this landmark judgment, India lacked a comprehensive statutory framework safeguarding informational privacy, relying instead on fragmented provisions across diverse statutes.”

“The earliest legislative recognition can be traced to the Indian Telegraph Act, 1885, which regulated interception of communications but offered only limited safeguards against state intrusion. With the growth of digital communications, the Information Technology Act, 2000 introduced specific provisions on data protection. Section 43A mandated compensation for failure to protect sensitive personal data, while Section 72 criminalised unauthorised disclosure of information. However, the framework remained skeletal, heavily reliant on executive rules rather than parliamentary deliberation, and insufficient in addressing contemporary challenges such as surveillance capitalism or state-sponsored data collection.

The Puttaswamy judgment intensified demands for a comprehensive privacy statute, leading to the formulation of the Personal Data Protection Bill, 2019, which drew heavily from the European Union’s GDPR. The Bill sought to establish a Data Protection Authority, define obligations of data fiduciaries, and recognise rights of data principals. Nevertheless, the draft legislation faced criticism for excessive state exemptions and potential dilution of privacy safeguards in the name of national security.

After several iterations and committee deliberations, Parliament enacted the Digital Personal Data Protection Act, 2023,[13] marking a watershed moment in India’s legislative trajectory. The Act codifies principles of consent, purpose limitation, and data minimisation, while recognising the right of individuals to correct, erase, and access their personal data. It introduces penalties for data breaches and establishes a regulatory framework for grievance redressal. Yet, the statute has not escaped critique—particularly for broad exemptions granted to government agencies and the absence of a robust independent regulator with adequate autonomy.

Beyond data-specific statutes, privacy concerns intersect with other legislative developments. The Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act, 2016, upheld with restrictions by the Supreme Court, reflects the tension between welfare administration and privacy protection. Similarly, the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 sparked debates over encryption, traceability, and surveillance.”

In sum, “legislative development in India demonstrates a gradual shift from fragmented sectoral regulation towards comprehensive statutory recognition of privacy. However, the efficacy of these frameworks will depend on robust institutional enforcement and the judiciary’s continued vigilance in harmonising privacy with competing state interests.”

CONCLUSION

The recognition of privacy as a fundamental right in Puttaswamy represents a transformative moment in Indian constitutional law, aligning the nation with global human rights jurisprudence. Yet, “the real challenge lies in operationalising this right amidst rapid technological advancements, state imperatives of security, and corporate interests in data monetisation. Privacy, as the Court rightly observed, is not a static right but a dynamic entitlement that must evolve with changing societal and technological contexts.”

“A robust framework requires not only legislative safeguards but also a vigilant judiciary committed to upholding constitutional morality. Privacy today extends beyond the individual to encompass collective rights in a digital society, demanding accountability from both state and non-state actors. As India advances towards becoming a digital economy, the preservation of privacy as a fundamental right remains imperative to ensuring that liberty and dignity continue to animate the constitutional order.”

REFERENCES

[1] M.P. Sharma v. Satish Chandra, AIR 1954 SC 300.

[2] Kharak Singh v. State of Uttar Pradesh, AIR 1963 SC 1295.

[3] Gobind v. State of Madhya Pradesh, (1975) 2 SCC 148.

[4] R. Rajagopal v. State of Tamil Nadu, (1994) 6 SCC 632.

[5] People’s Union for Civil Liberties (PUCL) v. Union of India, (1997) 1 SCC 301.

[6] Justice K.S. Puttaswamy v. Union of India, (2017) 10 SCC 1.

[7] Gautam Bhatia, Offend, Shock, or Disturb: Free Speech under the Indian Constitution (Oxford University Press 2016) 197–202.

[8] Justice K.S. Puttaswamy v. Union of India (Aadhaar case), (2019) 1 SCC 1.

[9] Nandan Kamath, ‘Data Protection and Indian Constitutionalism’ (2020) 5 Indian Law Review 233.

[10] Griswold v. Connecticut, 381 US 479 (1965).

[11] Human Rights Act 1998, c 42 (UK).

[12] Regulation (EU) 2016/679 (General Data Protection Regulation).

[13] The Digital Personal Data Protection Act, 2023 (India).