Promises and Illusions of Data Protection in Indian Law
International Data Privacy Law, 2011: 47-69, Vol. 1, No. 1
33 Pages Posted: 23 Aug 2012
Date Written: March 22, 2011
The size and economic importance of India has caused its data protection and privacy rules to come under increasing scrutiny. In recent years, the Indian government has enacted disparate pieces of legislation dealing with data protection in areas such as information technology, credit information, and access to public sector information. Protection through the courts has also expanded. However, India still lacks a comprehensive legal framework for data protection, and much of the legislation fails to protect the rights of individuals as much as it promises (or pretends) to do.
This paper analysed Indian law as it was to the end of 2010. Basic principles of data protection are often not sufficiently implemented into Indian legal provisions, or are so implemented only in relation to one sector. Some of the legal structures that have been constructed ostensibly to protect individual rights (such as credit information) may actually have the result of increased surveillance of individuals, and some exist only on paper, without regulations or administrative measures to give them effect. India also lacks a system of genuinely independent data protection regulators, or a wide enough range of remedies.
India has made progress in data protection in the last few years, but still lacks a satisfactory legal framework for data protection. However, its legal structure is evolving, and the precise points at which it is still lacking need to be understood so that they can be remedied.
Keywords: India, data protection, privacy, consumer protection, constitutional rights
Suggested Citation: Suggested Citation