Right to Privacy as a Fundamental Right: Evolution and Challenges

Leave a Comment / Legal Articles / By

Published On: 15th October 2025

Authored By: Pakhi Tandon
Christ (Deemed to be University) Pune Lavasa

Abstract

The right to privacy had been the benchmark of freedom, dignity, and autonomy of Indian constitutionalism. Its fate had hung in the balance for decades: initial Supreme Court decisions like M.P. Sharma v Satish Chandra and Kharak Singh v State of U.P. withhold constitutional protection, but subsequent decisions hesitantly discovered islands of privacy in Articles 19 and 21. The 2017 Puttaswamy judgment shifted the tide by declaring privacy to be an inalienable, enforceable fundamental right under Part III of the Constitution. Privacy has since been a fulcrum of legal struggles in areas from Aadhaar verification to cyberspace surveillance, health technologies, and data protection. This paper maps the historical development of the right to privacy in India, analyses its doctrinal consolidation in Puttaswamy, surveys post-2017 case law and legislation, and charts challenges today. It concludes by proposing a more systematic privacy regime on the pillars of constitutional values, statutory transparency, institutional protection, and judicial oversight.

Introduction

Constitutional idea of privacy as a constitutional right has been Independent India’s most signal constitutional achievement. Privacy is the intersection of liberty, equality, and dignity—the values most consonant with the constitutional imagination of the founding fathers. Privacy safeguards the citizen from abusive state monitoring, unbridled corporate data gathering, and social harm from misuse of technology.

But privacy was never a right in India. The Supreme Court oscillated between denial and reluctant acceptance for decades. It was only in 2017, in the majority judgment of the nine-judge bench in Justice K.S. Puttaswamy v Union of India (“Puttaswamy I”), that privacy was held to be a constitutional right under Part III of the Constitution, as an integral component of Articles 14, 19, and 21. The Court reaffirmed that privacy is the foundation of autonomy, liberty of choice and democratic engagement.[1]

The ruling was merely the first shot, not the last. What the acceptance also brought forth were new questions: How to reconcile privacy with other state interests in security, welfare, and government, what regulation is needed to impose information privacy? How are emerging technologies like biometrics, artificial intelligence, and facial recognition redefining privacy boundaries? And how will institutional protections protect against surveillance system abuse?

This essay seeks to respond to the question posed above in the Indian model of constitutional development, charting the trajectory of legislation and jurisprudence and critically analyzing the issues involved. The argument is structured step by step: step one, charting the trajectory of privacy jurisprudence under the Puttaswamy judgment; step two, charting the pillars of doctrine settled in Puttaswamy; step three, charting post-2017 judicial and legislative development; step four, charting challenges to digital regulation hitherto; and lastly, charting a reform agenda.[2]

Development of Jurisprudence of Privacy Pre-Puttaswamy

Indian right of privacy developed through a series of judicial rulings that have stood the test of time now for over half a century. Its trajectory continues on the wide trajectory of constitutional law—toward purposive, expansive rights-interpretation of Part III from literalist textualism.

Rejection in the first instance: M.P. Sharma (1954) and Kharak Singh (1962)

The door to privacy violations was opened for the first time in M.P. Sharma v Satish Chandra (1954), where eight judges had weighed search and seizure against privacy. The Court believed that the Constitution had not enshrined privacy as such in explicit words, as the U.S. Fourth Amendment had. It therefore believed that such searches under the law were not violative of a fundamental right. That textual approach closed the door to privacy claims then.[3]

In Kharak Singh v State of Uttar Pradesh (1962), the Court applied police surveillance under the Uttar Pradesh Police Regulations on the test of constitutionality. A six-judge bench overruled midnight domiciliary visits against “personal liberty” under Article 21 but declined to declare a right of privacy a fundamental right. “The right of privacy is not enshrined in our Constitution,” ruled Justice Ayyangar. The Court’s ruling had a loophole, however: some elements of privacy, such as protection against intrusive domiciliary visits, could be ensured under personal liberty.[4]

They together drew a limiting line of thought: privacy was not a separate constitutional right, though some aspects of it can be enveloped by Article 21 from time to time.

Doctrinal Growth: Gobind v State of Madhya Pradesh (1975)

The trend was turned on its head by Gobind v State of Madhya Pradesh (1975). The case involved the surveillance of a recidivist under the Madhya Pradesh Police Regulations. Justice Mathew, in the court’s view, grudgingly admitted that privacy is a fundamental right of personal liberty but reasonable restriction. He famously held the view that “the right to privacy will have to go through a process of case-by-case development.”[5]

Where Gobind had not succeeded on a general statement, it had been an interesting doctrinal shift: privacy could be inferred from Articles 19 and 21, but would be context-dependent.

Consolidation: Malak Singh (1981), Rajagopal (1994), PUCL (1997)

Later cases further broadened privacy protections.

In Malak Singh v State of Punjab (1981), the Court reaffirmed that the monitoring cannot be permitted to infringe upon the constitutional right of privacy and liberty and construed the police regulations strictly.[6]

A landmark was achieved in R. Rajagopal v State of Tamil Nadu (1994), the “Auto Shankar case,” where the Court, in a celebrated judgment, held that right of privacy is within the meaning of Article 21. The Court felt that privacy of home life, procreation, education, and marital life could be guarded by the individual and publication of the same without his consent would constitute invasion of privacy—save where it is regarding the official acts of the public functionaries in the performance of their official duties while acting in their official capacity in discharge of their official duties.[7]

In People’s Union for Civil Liberties (PUCL) v Union of India (1997), telephone tapping under Section 5(2) of the Telegraph Act was sought on constitutional lines. Telephone conversation was seen as part of the right of privacy and was tap-able on grounds permitting necessity and proportionality.[8]

Fragmentation and Ambiguity

By the late 1990s, privacy had been partially embraced by judicial interpretation. Uncertainty still lingered. While Rajagopal and PUCL openly invoked privacy interests, on the one hand, still in the background of their minds was the specter of M.P. Sharma and Kharak Singh. The Supreme Court itself continued to be divided, lower courts acknowledging privacy issues without necessarily overruling the earlier larger-bench precedents. That doctrial tension was eventually unleashed in the constitutional challenge to the Aadhaar scheme, which forced the Court to relitigate the question in Puttaswamy.[9] 

The Landmark Recognition: Justice K.S. Puttaswamy v Union of India (2017)

The sixty-year-old enigma was laid to rest in Justice K.S. Puttaswamy (Retd.) v Union of India (2017)[10], wherein a nine-judge bench was set to determine the issue whether privacy is a right or not in light of the Constitution. The reference had been made on the basis of writ petitions against the Aadhaar scheme, being biometric identification for welfare benefits. The Union government had contended that privacy is not a constitutional right and had taken support from M.P. Sharma and Kharak Singh.

Unanimous Recognition

The Court brought the matter to an authoritative conclusion in a resounding majority by deciding that privacy is a firmly established constitutional right under Part III of the Constitution. Nine judges handed down individual concurring judgments, leaving a rich legacy of constitutional law.

Chief Justice J.S. Khehar and Justice D.Y. Chandrachud (for the majority) considered privacy as a constitutional right of life and freedom of the person under Article 21 and as a component of freedom under Article 19 and of equality under Article 14. Privacy, in their understanding, is not a class element but something that is at the very core of human dignity.

Conceptual Foundations

The Court’s argument was based on three conceptual pillars:

  • Privacy as dignity: Privacy protects liberty of the person, freedom of choice, and dignity. Lose it, and no one is free to choose about family, marriage, sex, or identity.
  • Privacy as liberty: The Court decided that liberty under Article 21 encompasses spatial privacy (freedom from invasion of homes), informational privacy (control over information), and decisional privacy (freedom in personal decisions).
  • Privacy as equality: The Court interpreted privacy and non-discrimination on the grounds that minority groups such as LGBTQ+ require privacy so that they may have autonomy and identity. This is the precursor argument for Navtej Singh Johar v Union of India (2018) de-criminalizing homosexuality.

Overruling of Precedent

The Court went to the extent of overruling M.P. Sharma and Kharak Singh to the point of removing privacy from the list of fundamental rights. This ended decades of doctrinal uncertainty.[11]

Tests for Limiting Privacy

The Court elaborated that as with all rights, the right to privacy is not absolute but is qualified by restrictions that should satisfy a three-test requirement:

  • Legality: Prohibition is required to be statutory in origin.
  • Necessity: The restriction must be aimed at a reasonable state interest.
  • Proportionality: The restriction should be proportionate, i.e., the least restrictive to achieve the objective.

It has now been used in Aadhaar and surveillance matters.

 Implications of Puttaswamy

The ruling transformed constitutional jurisprudence. It:

  • Raised privacy to the level of a natural right.
  • Anchored it in dignity, liberty, and equality.
  • Set the foundation for further development into the likes of sexuality, reproductive rights, and privacy.
  • Apply proportionality as an intrinsic principle to balance privacy against other interests. 

Post-Puttaswamy Jurisprudence

The embrace of privacy failed to stifle the controversies, but unleashed floodgates of new constitutional litigation.

Aadhaar Case (Puttaswamy II, 2018)

The largest challenge hitherto was the constitutionality of the Aadhaar scheme, which was determined by a five-judge bench in Justice K.S. Puttaswamy v Union of India (2018). The Court declared Aadhaar to be constitutionally valid, founded on the reasoning that the scheme was in the interest of the legitimate government interest of convenience of delivery of welfare. It declared certain provisions, i.e., the compulsory making of Aadhaar linking of bank accounts and handsets, to be disproportionate.[12]

The Aadhaar ruling indicates the conflict between governance for welfare and protection of privacy: in safeguarding privacy, the Court adopted mass collection of biometrics on terms that protection be contingent. Critics lament that it compromised protection of privacy by coming close to public interest.

Sexual Privacy and LGBTQ+ Rights

In Navtej Singh Johar v Union of India (2018), the Court de-criminalised homosexuality under Section 377 IPC along the lines of principles of particularly Puttaswamy. The decision claimed that privacy encompasses sexual orientation and private lives, and criminalisation was against dignity and equality.[13]

Reproductive Autonomy and Body Autonomy

In Suchita Srivastava v Chandigarh Administration (2009), privacy had already been granted to the extent that reproductive choice was involved. After Puttaswamy, the courts went on to firmly establish reproductive autonomy. In X v NCT of Delhi (2022) of the Supreme Court, unmarried women were granted a right of abortion on equal terms, making decisions on grounds partly in privacy and decisional autonomy.[14]

Technology and Surveillance Examples

The 2021 Pegasus spyware leak resulted in suspected unconstitutional surveillance petitions. The Supreme Court directed a committee investigation, observing that the privacy of the citizens cannot be circumvented by state-indiscriminate surveillance.[^11] We do not yet know what the committee report includes, but the case reflects the absence of privacy protection during the digital age era.[15]

Likewise, the police and the welfare agencies’ use of the facial recognition technology has been raised on grounds of proportionality and bulk surveillance.

Legal Framework on Privacy and Data Protection

Information Technology Act, 2000 and Rules

Prior to Puttaswamy, privacy was generally safeguarded by law. Section 43A of the IT Act had held corporations liable for processing sensitive personal data in a negligent way, and the IT Rules, 2011, had made consensus-based processing of data mandatory. The above provisions were in their nascent stage and only against corporate players.[16]

Committee Reports and Draft Bills

The Justice A.P. Shah Committee in the year 2012 had suggested notice principles, choice, purpose limitation, and accountability as protection of privacy. Post Puttaswamy, the government set up the Justice B.N. Srikrishna Committee, which has suggested a draft Personal Data Protection Bill (2018). The Bill suggested principles such as data fiduciaries, consent, purpose limitation, and data protection authority.[17]

Digital Personal Data Protection Act, 2023

Following a series of drafts, Parliament enacted the Digital Personal Data Protection Act, 2023 (DPDPA). The Act gives rights to the individuals in relation to personal data, burdens a responsibility on the data fiduciaries, and creates a Data Protection Board. The Act has however been the subject of criticism on:

  • Government-wide blanket exemptions from the data protection legislation.
  • There is no independence of the Data Protection Board either.
  • Limited protection from state surveillance.

While the DPDPA is better, its exceptions override the constitutionally entrenched notion of privacy. [18]

Contemporary Challenges

Despite judicial and legislative advancements, privacy in India is confronted with a series of challenges.

Surveillance State

There isn’t any piece of surveillance-specific legislation in India. Colonial laws like the Telegraph Act and the Indian Telegraph Rules deal with all the agencies. Bulk interception, bulk interception, and spyware use are surrounded by secrecy and obscurity. This turns the test of proportionality in Puttaswamy on its head.

Aadhaar and Welfare Governance

Compulsory Aadhaar registration of welfare schemes continues to drive exclusionary problems. Non-verification on biometric reasons injures marginalised groups, denying them dignity and rights. Balance of welfare effectiveness and privacy remains to be addressed.

Big Tech and Data Colonisation

Private sector firms are collecting personal data in bulk by way of Digtal media. Unless DPDPA is enforced, individuals are not able to control personal data. Algorithmic profiling, ad targeting, and AI decision-making are challenges to informational privacy.

Pandemic and Health Technologies

Uses such as Aarogya Setu during the COVID-19 outbreak were harvesting location and sensitive health information. Unclear legislative protection caused mission creep and abuse. Public health-privacy balance remains a symptom of deeper governance issues.

New Technologies

New threats are presented by artificial intelligence, facial recognition, and biometric repositories. Algorithmic policing and predictive policing threaten more surveillance and discrimination. Privacy jurisprudence needs to evolve to counter such threats.

Way Forward:

Safeguarding Privacy To enable India to make privacy a lived reality in the Puttaswamy sense, it must do the following:

  • Comprehensive Surveillance Law: Supplant colonial law with a modern law that has judicial oversight, transparency, and accountability to surveillance.
  • Reinforce DPDPA: Curtail government exceptions, protect Data Protection Board independence, and implement best practice like GDPR.
  • Institutional Safeguards: Enforce independent and free data commissions and privacy commissioners.
  • Technological Measures: Enforce privacy-by-design, encryption, and anonymisation on government and private platforms.
  • Judicial Scrutiny: Courts need to apply strict proportionality in reviewing state action against privacy.
  • Public Education: Promote privacy literacy in an empowering way empowering citizens to be capable of exercising their rights.

Conclusion

The categorical recognition of privacy as a constitutional right in Puttaswamy is a constitutional milestone, as was the extension of equality and liberty in the past. Recognition is not sufficient. With the advent of digital technology, enormously enhancing surveillance and access to information, privacy is unprecedentedly under attack by state power and corporate power.

India’s task is to make privacy a living reality rather than an abstract possibility by strong law, empathetic institutions, and watchful courts. A constitutional democracy that guarantees dignity and freedom cannot be smug on privacy. It is not just an individual’s right, but the lifeblood of democratic society.

References

[1] “Manupatra Academy” <https://www.manupatracademy.com/legalpost/manu-sc-1044-2017>

[2] Supreme Court Observer, “Right to Privacy: Court in Review – Supreme Court Observer” (Supreme Court Observer, October 9, 2023) <https://www.scobserver.in/journal/right-to-privacy-court-in-review/>

[3] “M.P. Sharma & Ors. vs. Satish Chandra and Ors.” <https://privacylibrary.ccgnlud.org/case/saroj-rani-vs-sudarshan-kumar-chadha>

[4] Columbia Global Freedom of Expression, “Kharak Singh v. State of Uttar Pradesh – Global Freedom of Expression” (Global Freedom of Expression, November 4, 2023) <https://globalfreedomofexpression.columbia.edu/cases/singh-v-uttar-pradesh/?utm

[5] Basu A and Adamas University, Kolkata, India, “Case Comment: Govind v State of Madhya Pradesh,” vol 3 (2022) journal-article

[6] “Malak Singh & Ors. vs. State of Punjab and Haryana & Ors” <https://privacylibrary.ccgnlud.org/case/malak-singh-ors-vs-state-of-punjab-and-haryana-ors>

[7] Columbia Global Freedom of Expression, “R. Rajagopal v. State of Tamil Nadu – Global Freedom of Expression” (Global Freedom of Expression, September 5, 2023) <https://globalfreedomofexpression.columbia.edu/cases/r-rajagopal-v-state-of-t-n/>

[8] “The Legality and Oversight of Telephone Tapping Orders: A Landmark Judicial Decision, PUCL VS UOI,1996 | Legal Service India – Law Articles – Legal Resources” <https://www.legalserviceindia.com/legal/legal/article-13828-the-legality-and-oversight-of-telephone-tapping-orders-a-landmark-judicial-decision-pucl-vs-uoi-1996.html?utm

[9]  Supreme Court Observer, “Right to Privacy: Court in Review – Supreme Court Observer” (Supreme Court Observer, October 9, 2023) <https://www.scobserver.in/journal/right-to-privacy-court-in-review/>

[10] “Manupatra Academy” <https://www.manupatracademy.com/legalpost/manu-sc-1044-2017>

[11] “Manupatra Academy” <https://www.manupatracademy.com/legalpost/manu-sc-1044-2017>

[12] Supreme Court Observer, “Constitutionality of Aadhaar Act: Judgment Summary – Supreme Court Observer” (Supreme Court Observer, June 20, 2023) <https://www.scobserver.in/reports/constitutionality-of-aadhaar-justice-k-s-puttaswamy-union-of-india-judgment-in-plain-english/>

[13] “Navtej Singh Johar v. Union of India – Global Freedom of Expression” (Global Freedom of Expression, November 4, 2023) <https://globalfreedomofexpression.columbia.edu/cases/navtej-singh-johar-v-union-india/>

[14] “Suchita Srivastava vs. Chandigarh Administration” <https://privacylibrary.ccgnlud.org/case/suchita-srivastava-vs-chandigarh-administration#:~:text=Case%20Brief&text=The%20Supreme%20Court%20stayed%20the,of%20her%20right%20to%20privacy.>

[15] “Pegasus Spyware Probe – Supreme Court Observer” (Supreme Court Observer, July 16, 2025) <https://www.scobserver.in/cases/manohar-lal-sharma-v-union-of-india-pegasus-spyware-probe-case-background>

[16] Government of India, THE INFORMATION TECHNOLOGY ACT, 2000 (2000) <https://www.indiacode.nic.in/bitstream/123456789/13116/1/it_act_2000_updated.pdf>

[17] “Key Recommendations of the Shah Committee” (Lexology, November 30, 2012) <https://www.lexology.com/library/detail.aspx?g=55bf7134-cda6-4d04-9869-beea92364d59>

[18] Parliament, “THE DIGITAL PERSONAL DATA PROTECTION ACT, 2023” (2023) <https://prsindia.org/files/bills_acts/bills_parliament/2023/Digital_Personal_Data_Protection_Act,_2023.pdf>

Related Posts

Leave a Comment

Your email address will not be published. Required fields are marked *

Subscribe
Subscribe
Scroll to Top