{"id":230004,"date":"2020-05-22T16:19:56","date_gmt":"2020-05-22T10:49:56","guid":{"rendered":"https:\/\/www.scconline.com\/blog\/?p=230004"},"modified":"2020-07-14T19:07:28","modified_gmt":"2020-07-14T13:37:28","slug":"personal-data-protection-bill-2019-examined-through-the-prism-of-fundamental-right-to-privacy-a-critical-study","status":"publish","type":"post","link":"https:\/\/www.scconline.com\/blog\/post\/2020\/05\/22\/personal-data-protection-bill-2019-examined-through-the-prism-of-fundamental-right-to-privacy-a-critical-study\/","title":{"rendered":"Personal Data Protection Bill, 2019 \u2013Examined through the Prism of\u00a0 Fundamental Right to Privacy \u2013 A Critical Study"},"content":{"rendered":"<p class=\"p2\" style=\"text-align: justify;\"><span class=\"s1\">Right to privacy is a multidimensional concept. In the context of personal data, it refers to the specific right of an individual to control the collection, use and disclosure of his personal information. Personal information could be in the form of identity details, personal interests, habits, activities, records of family, education, communication, health, finance, etc. We are living in an era where personal information can be used innovatively for various purposes including state surveillance and revenue generation by businesses. In this context, the following words of Mr Tim Cook, Apple CEO may be noted; \u201c<i>Our own information is being weaponised against us with military efficiency. Every day, billions of dollars change hands and countless decisions are made on the basis of our likes and dislikes, our friends and families, our relationships and conversations, our wishes and fears, our hopes and dreams. These scraps of data, each one harmless enough on its own, are carefully assembled, synthesized, traded and sold.<\/i><a href=\"#_ftn1\"><strong>[1]<\/strong><\/a><i>&#8221; <\/i>You may also recall the statements of Facebook CEO Mr. Mark Zuckerberg, before the United States Senate which were widely discussed across the world. In his statements, he admitted the failure of Facebook to prevent Cambridge Analytica, a data-mining firm affiliated with Donald Trump&#8217;s presidential campaign, from gathering personal information of 87 million users of Facebook to influence elections<a href=\"#_ftn2\"><strong>[2]<\/strong><\/a>. <\/span><\/p>\n<p class=\"p2\" style=\"text-align: justify;\"><span class=\"s1\">It is significant to note that there are various techniques like clustering, geotagging and geocoding which enables various other uses of available personal data of an individual without his knowledge. For example, when a picture is posted in the social media platform by an individual, various other connected information like current location, camera\/phone used for the photo, service provider details etc. can be dug out from the photo by using data mining techniques. This information can be used by other businesses to send unsolicited advertisements to the person who posted the photo and he might end up buying something. This should bring the salient realisation that \u2018data\u2019 has the potential to both empower as well as to harm. It is a fact that innovative technologies make personal data easily accessible and communicable. As such, it is of utmost importance to have a robust and effective data protection regime that will strike a balance between innovation and protection of privacy.An effective data protection law should therefore primarily reconcile all the conflicting interests to information.In this regard, we must look at the following facts:-<\/span><\/p>\n<ul class=\"ul1\" style=\"text-align: justify;\">\n<li class=\"li2\"><span class=\"s1\">Though Indian Constitution doesn\u2019t explicitly guarantee \u2018Right to Privacy\u2019 as a fundamental right, the Supreme Court had ruled in August 2017<a href=\"#_ftn3\"><strong>[3]<\/strong><\/a> that right to privacy is a fundamental right under Article 21 of the Constitution.<\/span><\/li>\n<li class=\"li2\"><span class=\"s1\">India does not have a data protection Act or a data protection agency as of now in spite of various attempts in that direction by the Government. <\/span><\/li>\n<li class=\"li2\"><span class=\"s1\">India is nearing towards its first ever Data Protection enactment with introduction of the Personal Data Protection Bill in Parliament during December 2019.<\/span><\/li>\n<\/ul>\n<p class=\"p2\" style=\"text-align: justify;\"><span class=\"s1\">This article is an attempt to examine the Personal Data Protection Bill, 2019<a href=\"#_ftn4\"><strong>[4]<\/strong><\/a> through the prism of right to privacy to study whether the Bill, in any way, dilutes the right to privacy in India.<\/span><\/p>\n<p class=\"p2\" style=\"text-align: justify;\"><span class=\"s1\"><b><i>Constitutional Jurisprudence on Right to Privacy in India<\/i><\/b><\/span><\/p>\n<p class=\"p2\" style=\"text-align: justify;\"><span class=\"s1\">The Constitution of India does not explicitly provide right to privacy in its text. Whereas, Indian courts had considered the plea that right to privacy is a fundamental right while considering varied cases of State action against individual privacy. In <i>M. P. Sharma v. Satish Chandra<\/i><a href=\"#_ftn5\"><strong>[5]<\/strong><\/a><i>, <\/i>an eight-Judge Bench of the Supreme Court of India while examining a question whether search warrant issued under Section 96(1)<span class=\"Apple-converted-space\">\u00a0 <\/span>CrPC<a href=\"#_ftn6\"><strong>[6]<\/strong><\/a> is ultra vires Article 19(1)(f), held that right to privacy is not protected by the Constitution of India. Another important judgment worth discussing is the minority\/dissenting judgment of the Supreme Court delivered by<span class=\"Apple-converted-space\">\u00a0 <\/span>K. Subbarao and K.C. Shah, JJ. in <i>Kharak Singh v. State of Uttar Pradesh<\/i><a href=\"#_ftn8\"><strong>[8]<\/strong><\/a>, where they recognised the right to privacy as a fundamental right under Articles 21 and 19(1)(d) of the Constitution of India. In this matter, the Court was considering of the validity of the provisions of the U.P. Police Regulations for daily surveillance. The petitioner was accused of dacoity and was later acquitted. The majority judgment in the matter held that right to privacy do not exist under the Constitution.<\/span><\/p>\n<p class=\"p2\" style=\"text-align: justify;\"><span class=\"s1\">When we examine various decisions of the Supreme Court over so many years after the judgment in <i>Kharak Singh<\/i>, it can be seen that judicial activism has brought right to privacy within the realm of fundamental rights by interpreting Articles 19 and 21. In this regard, it is significant to note the judgment of the Supreme Court of India in the following matters:<\/span><\/p>\n<ul class=\"ul1\" style=\"text-align: justify;\">\n<li class=\"li3\"><span class=\"s1\"><i>Govind v. State of M.P<\/i><a href=\"#_ftn9\"><strong>[9]<\/strong><\/a>&#8211; The right to privacy was declared by the Supreme Court to encompass and protect the personal intimacies of the home, the family marriage, motherhood, procreation and child rearing, subject to \u201ccompelling state interest\u201d.<\/span><\/li>\n<li class=\"li3\"><span class=\"s3\"><span class=\"s4\"><i>People\u2019s Union for Civil Liberties v. Union of India<\/i><a href=\"#_ftn10\"><strong>[10]<\/strong><\/a><\/span><\/span><span class=\"s1\">&#8211; Supreme Court extended the right to privacy to\u00a0communications while considering the issue of telephone tapping and held that telephone tapping is a serious invasion of an individual&#8217;s privacy. <\/span><\/li>\n<li class=\"li3\"><span class=\"s3\"><span class=\"s4\"><i>Selvi v. State of Karnataka<\/i><a href=\"#_ftn11\"><strong>[11]<\/strong><\/a><\/span><\/span><span class=\"s1\"><b>\u2013<\/b> Supreme Court acknowledged the distinction between bodily\/physical privacy and mental privacy and held that subjecting a person to techniques such as narco-analysis, polygraph examination and the Brain Electrical Activation Profile (BEAP) test without his consent violates the subject\u2019s mental privacy.<\/span><\/li>\n<li class=\"li2\"><span class=\"s3\"><span class=\"s4\"><i>Unique Identification Authority of India v. Central Bureau of Investigation<\/i><a href=\"#_ftn12\"><strong>[12]<\/strong><\/a><\/span><\/span><span class=\"s1\"> &#8211; In this case,\u00a0CBI sought access to the database of the Unique Identity Authority of India for investigating\u00a0a criminal offence. The Supreme Court\u00a0in an interim order held that Unique Identity Authority of India\u00a0should not transfer any biometric information of any person who has been allotted an Aadhaar number to any other agency without the written consent of that person.<\/span><\/li>\n<\/ul>\n<p class=\"p2\" style=\"text-align: justify;\"><span class=\"s1\">Then came the most celebrated judgment in <\/span><span class=\"s5\"> <i>K.S. Puttuswamy<\/i><span class=\"Apple-converted-space\">\u00a0 <\/span>v. <i>Union of India<\/i><a href=\"#_ftn13\"><strong>[13]<\/strong><\/a><\/span><span class=\"s1\">, where the issue of privacy was discussed in light of the Unique Identity Scheme. The question before the Court was whether right to privacy is guaranteed under the Constitution, and if it is, the source of such right, given the fact that there is no express provision for privacy in Indian Constitution. The Attorney General for India argued that privacy is not a fundamental right. Ultimately, the Court left the question to be deliberated by a larger Constitutional Bench since the earlier judgments that denied the existence of the right to privacy were given by Benches larger than those which decided the cases where right to privacy was accepted as a fundamental right. Finally, the matter was decided by a Bench of the Supreme Court comprising of nine Judges, holding that there is a fundamental right to privacy in the Constitution of India.<\/span><\/p>\n<p class=\"p2\" style=\"text-align: justify;\"><span class=\"s1\">This judgment marked a departure from the prior jurisprudence in its clear and unambiguous declaration that there is a fundamental right to privacy under the Constitution of India. In the context of this article, this judgment is significant as \u2018right to privacy\u2019 was conceptualised as a right in itself, for the first time. While, in the other cases stated above, right to privacy was used to protect specific interests, such as privacy from night-time police visits in\u00a0<i>Kharak Singh\u00a0case<\/i> or privacy from telephone tapping in\u00a0PUCL matter. This judgment also suggests a<i>\u00a0\u201cmenu\u201d\u00a0<\/i>of tests that can be used to contemplate how the limits and scope of the constitutional right to privacy could be determined in future cases. The test laid down by the Court to identify whether any State action violates the fundamental right to privacy is to check (a) the existence of a \u201claw\u201d, (b) a \u201clegitimate State interest\u201d and (c) the requirement of \u201cproportionality\u201d. The Court also reiterated four sub-tests of proportionality adopted in a 2016 decision in <i>Modern Dental College and Research Centre v. State of Madhya Pradesh<\/i><a href=\"#_ftn14\"><strong>[14]<\/strong><\/a> to decide proportionality of a State action. The tests require: (a) the interference must have a legitimate goal (legitimacy stage), (b) it must constitute a suitable mean of achieving the goal (suitability stage), (c) there must not be any less restrictive but equally effective alternative (necessity stage) and (d) the measure must not have a disproportionate impact on the right holder (balancing stage). As such, State actions restricting the right to privacy would amount to violation of fundamental right if such action do not pass the aforesaid tests<a href=\"#_ftn15\"><strong>[15]<\/strong><\/a>.<\/span><\/p>\n<p class=\"p2\" style=\"text-align: justify;\"><span class=\"s1\"><b><i>Evolution of Personal Data Protection Law in India<\/i><\/b><\/span><\/p>\n<p class=\"p2\" style=\"text-align: justify;\"><span class=\"s1\">Over the last two decades, the issue of privacy &#8211; in particular, the collection, processing and sharing of personal data of individuals &#8211; has become increasingly prominent in India. This is the period which saw the advent and flourishing of various internet based businesses in India which are dealing with the collection, organisation, and processing of personal information, whether directly, or as a critical component of their business model. As has been noted by the Supreme Court in <i>Puttaswamy case<\/i>;\u201cUber, the world\u2019s largest taxi company, owns no vehicles. Facebook &#8211; the world\u2019s most popular media owner, creates no content. Alibaba, the most valuable retailer, has no inventory; and \u2018Airbnb\u2019, the world\u2019s largest accommodation provider, owns no real estate<a href=\"#_ftn16\"><strong>[16]<\/strong><\/a>. This period saw various efforts by the Indian Government which is based on the understanding that online service delivery is a powerful vehicle for achieving policy objectives. The implementation of the project for unique biometric identification (Aadhaar), NATGRID<a href=\"#_ftn17\"><strong>[17]<\/strong><\/a>, CCTNS<a href=\"#_ftn18\"><strong>[18]<\/strong><\/a>, e-governance systems and the Aadhaar Act<a href=\"#_ftn19\"><strong>[19]<\/strong><\/a> etc., are some of significant steps of the Government in that direction. In spite of such increased collection of information of citizens by the Government, other institutions and service providers; India is yet to have an omnibus data protection law.<\/span><\/p>\n<p class=\"p2\" style=\"text-align: justify;\"><span class=\"s1\">However, there were attempts from the government, over the last decade towards formulating a data protection law. In 2012, a group of experts constituted by the Planning Commission under the chairmanship of Justice A.P. Shah recommended enactment of the Privacy Act and provided a draft<a href=\"#_ftn20\"><strong>[20]<\/strong><\/a>. Furthermore, the Department of Personnel and Training which was the nodal authority working on a privacy\/data protection legislation, made at least two different drafts, one in 2011 and another in 2014. None of these attempts were successful due to a lack of political will. <\/span><\/p>\n<p class=\"p2\" style=\"text-align: justify;\"><span class=\"s1\">Nonetheless, data protection in India was being achieved through provisions under various statutes and rules like the following: <\/span><\/p>\n<ul class=\"ul1\" style=\"text-align: justify;\">\n<li class=\"li2\"><span class=\"s1\">Constitutional protection in recognition of right to privacy as a fundamental right under Part III of the Constitution in <i>Puttuswamy case<\/i>. <\/span><\/li>\n<li class=\"li2\"><span class=\"s1\">Information Technology Act, 2000 \u2013 (a) Section 43-A &#8211; Entities dealing with sensitive personal data or information are liable for damages for negligence in implementing and maintaining reasonable security practices resulting in wrongful loss or wrongful gain to any person. (b) Section<span class=\"Apple-converted-space\">\u00a0 <\/span>72-A &#8211; disclosure of materials containing personal information of any person by the service providers without the consent of the person or in breach of a lawful contract, is punishable. <\/span><\/li>\n<li class=\"li2\"><span class=\"s1\"> Telegraph Act, 1885 \u2013 Sections 5 &amp; 24 regulates interception of messages\u00a0by the Central Government and the State Governments of India.<\/span><\/li>\n<li class=\"li2\"><span class=\"s1\">Telegraph Rules, 1951- Rule 419-A prescribes stringent procedures and conditions for issuance of orders for interception of communications.<\/span><\/li>\n<li class=\"li2\"><span class=\"s1\">Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Rules), 2011 \u2013 Rules provide for protection of personal information by imposing certain obligations on the entities that collect information.<\/span><\/li>\n<li class=\"li2\"><span class=\"s1\">Unlawful Activities Prevention Act, 1967 \u2013 Intercepted communications are\u00a0not admissible as evidence unless the accused is given a copy of the order approving the interception, thus making illegal interceptions inadmissible.\u00a0<\/span><\/li>\n<li class=\"li2\"><span class=\"s1\">Right to Information Act, 2005\u2013As per Section 8(1((j), information which relates to personal information the disclosure of which has no relationship to any public activity or interest, or which would cause unwarranted invasion of the privacy of the individual, is exempted from disclosure.<\/span><\/li>\n<li class=\"li2\"><span class=\"s1\"> Post Office Act, 1898 \u2013 Section 26 regulates interception of postal articles by the Central Government and the State Governments of India.<\/span><\/li>\n<li class=\"li2\"><span class=\"s1\">Code of Criminal Procedure, 1973 \u2013 Section 91 regulates targeted access to stored content.\u00a0<\/span><\/li>\n<li class=\"li2\"><span class=\"s1\">Wireless Telegraphy Act, 1933 \u2013 As per Section 3, unauthorised establishment, maintenance or operation of wireless communications networks for the purpose of monitoring, intercepting and surveilling\u00a0communications is an offence. <\/span><\/li>\n<\/ul>\n<p class=\"p2\" style=\"text-align: justify;\"><span class=\"s1\">Ultimately, any law is only as good as its enforcement. None of the existing laws mentioned above provides for a statutory redress\u00a0mechanism that an individual can resort to in cases of suspected arbitrary state actions like illegal interception\/surveillance. <\/span><\/p>\n<p class=\"p2\" style=\"text-align: justify;\"><span class=\"s1\"><b>Personal Data Protection Bill, 2019<\/b><\/span><\/p>\n<p class=\"p2\" style=\"text-align: justify;\"><span class=\"s1\">In <i>Puttuswamy case<\/i><a href=\"#_ftn21\"><strong>[21]<\/strong><\/a>, it was held that informational privacy is a facet of the right to privacy. In the said judgment, there was a further command to the Union Government to examine about bringing a robust regime for data protection, balancing individual interests and legitimate State concerns. The Government responded by setting up a Committee of Experts headed by Justice B.N. Sri Krishna to study various issues relating to data protection in India and suggest a Draft Data Protection Bill. In September 2019, the MeitY<a href=\"#_ftn22\"><strong>[22]<\/strong><\/a> also set up an expert committee under the chairman ship of Shri Kris Gopalakrishnan (Co-founder of Infosys) to provide recommendations on the governance framework for non-personal data. <\/span><\/p>\n<p class=\"p2\" style=\"text-align: justify;\"><span class=\"s1\">More than a year after the report was released by the Expert Committee headed by Justice B.N. Sri Krishna, India is now set to have a comprehensive personal data protection law. On 11.12.2019, India\u2019s Minister for Electronics and Information Technology, introduced the Personal Data Protection Bill (PDP Bill) in Lok Sabha as Bill No. 373 of 2019<a href=\"#_ftn23\"><strong>[23]<\/strong><\/a>. A resolution moved by Union Minister Ravi Shankar Prasad was passed by Lok Sabha by a voice vote and the Bill was then referred to a Joint Select Committee consisting of 20 members from Lok Sabha and 10 from Rajya Sabha<a href=\"#_ftn24\"><strong>[24]<\/strong><\/a>. Though the Joint Select Committee was due to report back to the Lok Sabha by the last week of the 2020 Budget Session of Parliament, the report is yet to be submitted. As such, the Bill which was to be tabled for discussions in the Budget Session, in now likely during the monsoon session of Parliament (between July and September); if the ongoing pandemic crisis and lock down settles down by then. So, it is clear that India is just a few legislative steps away from having its first data protection legislation.<\/span><\/p>\n<p class=\"p2\" style=\"text-align: justify;\"><span class=\"s1\"><b><i>What is there in the Personal Data Protection Bill?<\/i><\/b><\/span><\/p>\n<p class=\"p2\" style=\"text-align: justify;\"><span class=\"s1\">The PDP Bill contemplates a drastic change in data collection and processing practices in India. So far, both the private sector and the state have operated in a largely unregulated space, where they do not have to worry about checks and balances and processes to protect the privacy interests of the citizens.<span class=\"Apple-converted-space\">\u00a0 <\/span>As per Section 3(28) of the PDP Bill, <i>&#8220;personal data&#8221; means data about or relating to a natural person who is directly or indirectly identifiable, having regard to any characteristic, trait, attribute or any other feature of the identity of such natural person, whether online or offline, or any combination of such features with any other information, and shall include any inference drawn from such data for the purpose of profiling. <\/i>So, identifiability of a natural person is the central idea behind determining what personal data is. <\/span><\/p>\n<p class=\"p2\" style=\"text-align: justify;\"><span class=\"s1\">The following are the salient features of the Bill:<\/span><\/p>\n<ul class=\"ul1\" style=\"text-align: justify;\">\n<li class=\"li2\"><span class=\"s1\">The PDP Bill is meant to improve data handling and data privacy in a way that is similar to the European Union\u2019s GDPR<a href=\"#_ftn25\"><strong>[25]<\/strong><\/a>.<\/span><\/li>\n<li class=\"li2\"><span class=\"s1\">The PDP Bill calls for creation of a Data Protection Authority (DPA) similar to the organisations found among members of the European Union, and defines the categories of sensitive personal data that are to be protected. <\/span><\/li>\n<li class=\"li2\"><span class=\"s1\">The PDP Bill defines \u2018data fiduciary\u2019 and prescribes various obligations for them on how they shall obtain, deal\/process and retain personal data. It makes them accountable for compliance of the obligations in respect of processing of personal data undertaken by it or on its behalf. <\/span><\/li>\n<li class=\"li2\"><span class=\"s1\">If the PDP Bill comes into force, businesses would have to tell users about their data collection practices and seek customers\u2019 consent. They would have to collect and store evidence of the fact that such notice was given and consent was received. PDP Bill gives consumers the right to withdraw their consent and as such the businesses would have to come up with systems to allow consumers to withdraw their consent.<\/span><\/li>\n<li class=\"li2\"><span class=\"s1\">The PDP Bill gives consumers the right to access, correct, and erase their data after the same is processed for the purpose for which it was meant. As such, the businesses would have to create ways to allow consumers to do so.<\/span><\/li>\n<li class=\"li2\"><span class=\"s1\">The PDP Bill allow consumers to transfer their data, including any inferences made by businesses based on such data, to other businesses. All companies would have to develop ways for allowing the consumers to do this.<\/span><\/li>\n<li class=\"li2\"><span class=\"s1\">The PDP Bill requires all businesses to make organisational changes to protect data better. This include privacy-by-design principles (an approach in which privacy is a key consideration in how the business is organised), security safeguards, and so on.<\/span><\/li>\n<li class=\"li2\"><span class=\"s1\">The PDP Bill provides for data localisation requiring businesses to store certain categories of date only in Indian servers. In this regard, it establish a three-tiered structure as follows: &#8211;<\/span><\/li>\n<\/ul>\n<ol class=\"ol1\" style=\"text-align: justify;\">\n<li class=\"li2\"><span class=\"s1\"><b>Personal data:\u00a0<\/b>Localisation or data transfer restrictions do not apply to personal data that is not considered \u201csensitive\u201d or \u201ccritical.\u201d\u00a0 This type of personal data may be stored entirely outside of India and no transfer restrictions would apply.<\/span><\/li>\n<li class=\"li2\"><span class=\"s1\"><b>Sensitive personal data:\u00a0<\/b>\u201csensitive personal data\u2019 may be transferred outside of India, but such data shall continue to be stored in India. Sensitive personal data includes \u201cspecial categories of personal data\u201d including data relating to health, religion, sex life, political beliefs, biometric, genetic, finance etc.\u00a0Notably, passwords have been removed from the definition.<\/span><\/li>\n<li class=\"li2\"><span class=\"s1\"><b>Critical personal data:<\/b>\u00a0The Bill permits the Government to define certain personal data as \u201ccritical personal data\u201d which can\u2019t be transferred outside India.\u00a0 However, the Bill permits transfers to countries or organisations deemed to provide an adequate level of protection (where the State\u2019s security or strategic interests will not be prejudiced).<\/span><\/li>\n<\/ol>\n<ul class=\"ul1\" style=\"text-align: justify;\">\n<li class=\"li2\"><span class=\"s1\">The PDP Bill provides for a right to be forgotten which enables a data principal to restrict or prevent the continuing disclosure of his personal data by a data fiduciary where such disclosure (a) has served the purpose for which it was collected or is no longer necessary for the purpose; (b) was made with the consent of the data principal and such consent has since been withdrawn; or (c) was made contrary to the provisions of this Act or any other law for the time being in force. <\/span><\/li>\n<li class=\"li2\"><span class=\"s1\">The PDP Bill requires data fiduciaries to inform the DPA by notice about the breach of any personal data processed by them where such breach is likely to cause harm to any data principal.<\/span><\/li>\n<li class=\"li2\"><span class=\"s1\">Under the Bill, \u201csignificant data fiduciaries\u201d will have extra duties, such as carrying out data audits and appointing data protection officers. The Bill empowers the Central Government to declare any social media intermediary (who enables interaction between 2 or more individuals like Facebook) with users above such threshold as may be notified, as a significant data fiduciary:<\/span><\/li>\n<li class=\"li2\"><span class=\"s1\">The PDP Bill gives enormous powers to the Central Government to exempt any agency of Government from the application of the Act<a href=\"#_ftn26\"><strong>[26]<\/strong><\/a>. <\/span><\/li>\n<li class=\"li2\"><span class=\"s1\">Under Section 91 of the PDP Bill, the Government can access any personal data anonymised or non-personal data from the data fiduciaries and processors. So, the Government can require business to share valuable non-personal data (such as aggregate mobility data collected by apps like Google maps or Uber) with the Government. The Bill is silent on whether businesses will be compensated for their loss. <\/span><\/li>\n<li class=\"li2\"><span class=\"s1\">Penalties for not complying &#8211; The PDP Bill gives the DPA the power to fine any business that does not comply with the bill or the regulations made by either the DPA or the Government. The maximum amount of penalties that can be imposed is 150 million Indian rupees (about $2.1 million), or 4 per cent of the global turnover of the firm in the preceding financial year.<\/span><\/li>\n<\/ul>\n<p class=\"p2\" style=\"text-align: justify;\"><span class=\"s1\"><b><i>Whether Personal Data Protection Bill, 2019 dilutes the Right to Privacy?<\/i><\/b><\/span><\/p>\n<p class=\"p2\" style=\"text-align: justify;\"><span class=\"s1\">The Expert Committee on Data Protection had rightly stated in their report that \u201c<i>a data protection law, to be meaningful should, in principle, apply to the State. It would indeed be odd if a law enacted to give effect to a fundamental right to privacy does not serve to protect persons from privacy harms caused by processing of personal data by the State.<\/i>\u201d<a href=\"#_ftn27\"><strong>[27]<\/strong><\/a> This stand of the Expert Committee is clearly visible in their recommendations and in the draft of the Bill proposed by them. Whereas, the PDP Bill as introduced in<span class=\"Apple-converted-space\">\u00a0 <\/span>Parliament was altered substantially from the Expert Committee\u2019s draft on various counts, particularly on its applicability to the state. One of the serious criticisms against the PDP Bill is that it invades the citizens\u2019 fundamental right to privacy. This criticism was raised considering the extensive grounds in the Bill permitting the Central government to exempt any government agency from the requirements of the Bill.\u00a0<\/span><\/p>\n<p class=\"p2\" style=\"text-align: justify;\"><span class=\"s1\">The following are certain facts which leads to an inference that the PDP Bill, 2019 dilutes the fundamental right to privacy: <\/span><\/p>\n<ul class=\"ul1\" style=\"text-align: justify;\">\n<li class=\"li2\"><span class=\"s1\">The PDP Bill gives India\u2019s Central Government the power to issue reasoned orders exempting any government agency from the bill\u2019s requirements on grounds related to security and sovereignty of the State and public order<a href=\"#_ftn28\"><strong>[28]<\/strong><\/a>. <\/span><\/li>\n<li class=\"li2\"><span class=\"s1\">The Expert Committee\u2019s draft Bill allowed exemption in the interests of national security, when the same is authorised by a law enacted by Parliament; provided that it satisfy the internationally recognised principles of necessity and proportionality<a href=\"#_ftn29\"><strong>[29]<\/strong><\/a>. Whereas, under Section 35 of the PDP Bill; a simple executive order of the Central Government authorising any government agency to process personal data can allow them to conduct surveillance without any clear safeguards. When the Expert Committee recommended such exemptions to be made only with laws, the alteration as aforesaid is to be considered as a deliberate attempt to dilute the right to privacy.<\/span><\/li>\n<li class=\"li2\"><span class=\"s1\">These blanket exemptions fail to meet the standards laid out by the Supreme Court in <i>Puttaswamy case,\u00a0<\/i>where it ruled that measures restricting the right to privacy must (1) be backed by law, (2) serve a legitimate aim, (3) be proportionate to the objective of the law, and (4) have procedural safeguards against abuse. The PDP Bill seems to expand the scope of exemptions while simultaneously diluting important safeguards when compared to the draft Bill proposed by the Justice Srikrishna Committee. While national interests may in some cases override individual interest in privacy, it is critical, as the Justice Srikrishna Committee noted, \u201c<i>to ensure that the pillars of the data protection framework are not shaken by a vague and nebulous national security exception.<\/i>\u201d<a href=\"#_ftn30\"><strong>[30]<\/strong><\/a><\/span><\/li>\n<li class=\"li2\"><span class=\"s1\">Limited powers of Data Protection Authority in comparison with the Central Government &#8211; In comparison with the last version of the Personal Data Protection Bill, 2018 prepared by the Committee of Experts led by Justice Srikrishna, we witness an abrogation of powers of the Data Protection Authority (Authority), to be created, in this Bill. The powers and functions that were originally intended to be performed by the Authority have now been allocated to the Central Government. For example: (i) In the 2018 Bill, the Authority had the power to notify further categories of sensitive personal data. Under the present Bill, the Central Government in consultation with the sectoral regulators has been conferred the power to do so. (ii) Under the 2018 Bill, the Authority had the sole power to determine and notify significant data fiduciaries, however, under the present Bill, the Central Government has in consultation with the Authority been given the power to notify social media intermediaries as significant data fiduciaries. <\/span><\/li>\n<li class=\"li2\"><span class=\"s1\">As per the PDP Bill, the \u201cprocedure, safeguards and oversight mechanism to be followed\u201d for surveillance will be prescribed in the rules to be made by the Government. It is trite law that if discretionary powers are given to the executive branch of the government, it must be accompanied by clear and specific guidelines for the executive to exercise the power<a href=\"#_ftn31\"><strong>[31]<\/strong><\/a>. This cardinal rule is ignored by the PDP Bill.<\/span><\/li>\n<li class=\"li2\"><span class=\"s1\">When we look at the GDPR on which the PDP Bill is largely based, it can be seen that GDPR offers European Union (EU) member States similar escape clauses. Whereas, they are tightly regulated by other EU directives. Without these safeguards, India\u2019s Bill potentially gives India\u2019s Central Government the power to access individual data over and above the existing Indian laws.\u00a0<\/span><\/li>\n<li class=\"li2\"><span class=\"s1\">The PDP Bill provides for the government-mandated sharing of privately collected and developed non-personal data. Section 91(2) of the Bill states that the Government may direct any data fiduciary or data processor to provide any personal data anonymised or other non-personal data to enable better targeting of delivery of services or formulation of evidence-based policies by the Central Government. Firstly, it is inconceivable why a law on personal data protection deals with non-personal data at all. Secondly, this provision does not indicate the manner in which the Government will use such data and does not specify whether businesses mandated to share such data will be compensated. As such, under this provision, the Central Government has the power to expropriate intellectual property and this is likely to have deleterious effects on the incentives for innovation in the long run.<\/span><\/li>\n<li class=\"li2\"><span class=\"s1\">Furthermore, as per Section 3(2) of the PDP Bill, anonymised data is data that has undergone an \u201cirreversible process of transforming or converting personal data to a form in which a data principal cannot be identified\u201d. In this regard, it may be noted that irreversible anonymisation is impossible as per the available research findings<a href=\"#_ftn32\"><strong>[32]<\/strong><\/a>. As such, in the absence of provisions in the Bill prescribing standards for anonymisation and penalties for breach; the State\u2019s right to access anonymised personal data is an invasion of right to privacy over personal data. It is concerning that the Data Protection Bill has specifically carved out an exception for the Central Government to frame policies for the digital economy and seems to indicate that the government plans to freely use any and all anonymised and\/or non-personal data that rests with any data fiduciary that falls under the ambit of the Bill to support the digital economy including for its growth, security, integrity, and prevention of misuse. <\/span><\/li>\n<li class=\"li2\"><span class=\"s1\">The PDP Bill allow exemptions for small businesses that look after customers\u2019 personal information manually. Under the Bill proposed by the Expert Committee, such businesses needed to meet three conditions, based on annual turnover; whether they shared personal data; and how much personal data they processed. But under the PDP Bill, the new Data Protection Authority decides which small businesses qualify for exemption and the Bill does not prescribe any qualification to be eligible for the exemption.<\/span><\/li>\n<li class=\"li2\"><span class=\"s1\">The Expert Committee\u2019s draft provided for exemption for prevention, detection, investigation and prosecution of contraventions of law (Section 43). It further made it clear that in order to invoke the exemption, the law enforcement agencies must be authorised by law. This requirement for authorisation by law is not explicit in the PDP Bill.<\/span><\/li>\n<li class=\"li2\"><span class=\"s1\">As per Section 14 of the PDP Bill, the Government can process personal data without consent for some \u201creasonable purposes\u201d which include whistleblowing. The section further empowers the Government to determine by way of regulation as to whether the requirement of notice to data principal is required or not. This could result in systematic harassment of whistleblowers who may expose scams or irregularities. <\/span><\/li>\n<li class=\"li2\"><span class=\"s1\">The PDP Bill prescribes certain provisions on data breach like mandatory reporting of breach and penalty for contravention. Whereas, the Bill empower the Central Government to exempt the same for government agencies. In this context, let us go back to early 2018, when,<span class=\"Apple-converted-space\">\u00a0 <\/span>news broke that access to the country\u2019s UIDAI database was found being advertised in Whatsapp for a sum of 300 Rupees. Considering the fact that information of the country\u2019s 1.3 billion citizens is available in Aadhaar database, this was considered the largest data breach in the world<a href=\"#_ftn33\"><strong>[33]<\/strong><\/a>.\u00a0<\/span><\/li>\n<\/ul>\n<p class=\"p2\" style=\"text-align: justify;\"><span class=\"s1\">These sweeping powers given to the Government under the Bill opens up a possibility of mass surveillance which goes against the fundamental right of privacy. As such, the PDP Bill in more than one way fails to qualify the tests prescribed in <i>Puttaswamy<\/i> judgment to identify violation of constitutional right to privacy.<\/span><\/p>\n<p class=\"p2\" style=\"text-align: justify;\"><span class=\"s1\"><b><i>Conclusion<\/i><\/b><\/span><\/p>\n<p class=\"p2\" style=\"text-align: justify;\"><span class=\"s1\">While, the Data Protection Bill is a welcome step in establishing a data protection regime, it is fraught with various provisions that dilute the fundamental right to privacy. The Bill lacks many necessary safeguards that are needed to protect the right to privacy. Not only is this problematic since the proposed framework is unlikely to protect privacy adequately, but the PDP Bill also significantly, dilutes right to privacy and increases State power to surveillance without creating adequate checks and balances. This is likely to have deleterious consequences for the stated objective of protecting informational privacy. There is a need to see the privacy of the citizens as the primary end goal of a data protection legislation. It is perhaps this clarity of vision\u00a0that may help the policymakers in resolving the competing interests of the State\u2019s welfare and surveillance agendas, the private sector\u2019s gargantuan appetite for personal data, the need for community data to facilitate bottom-up innovation, and the ability of individuals to exercise their right to privacy.<\/span><\/p>\n<hr \/>\n<p class=\"p1\"><span class=\"s1\" style=\"color: #008000;\">*BA LLB (Hons.), LLM \u2013 Currently working as Manager-Legal with Hindustan Petroleum Corporation Limited at Zonal Administrative Office, Chennai<\/span><\/p>\n<p class=\"p1\"><span class=\"s2\"><strong><a href=\"#_ftnref1\">[1]<\/a><\/strong> <a href=\"https:\/\/www.cnbc.com\/2018\/10\/24\/apples-tim-cook-warns-silicon-valley-it-would-be-destructive-to-block-strong-privacy-laws.html\">https:\/\/www.cnbc.com\/2018\/10\/24\/apples-tim-cook-warns-silicon-valley-it-would-be-destructive-to-block-strong-privacy-laws.html<\/a><\/span><span class=\"s1\">, last accessed on 02.05.2020 at 2:20 p.m.<\/span><\/p>\n<p><strong><a href=\"#_ftnref2\">[2]<\/a><\/strong> <span class=\"s1\"><i>Facebook CEO Mark Zuckerberg testifies before US Congress: Highlights<\/i>, The Economic Times (11\/04\/2018) available at <a href=\"https:\/\/economictimes.indiatimes.com\/tech\/internet\/facebook-ceo-mark-zuckerberg-testifies-before-us-congress-highlights\/articleshow\/63704337.cms?from=mdr\"><span class=\"s2\">https:\/\/economictimes.indiatimes.com\/tech\/internet\/facebook-ceo-mark-zuckerberg-testifies-before-us-congress-highlights\/articleshow\/63704337.cms?from=mdr<\/span><\/a>, last accessed on 02.05.2020 at 2:36 p.m.<\/span><\/p>\n<p><a href=\"#_ftnref3\"><strong>[3]<\/strong><\/a> <span class=\"s1\">Justice K.S. Puttuswamy<span class=\"Apple-converted-space\">\u00a0 <\/span>v. Union of India , <a href=\"http:\/\/www.scconline.com\/DocumentLink\/vz3km7n2\">(2017) 10 SCC 641<\/a><\/span><\/p>\n<p><a href=\"#_ftnref4\"><strong>[4]<\/strong><\/a><span class=\"s1\"><a href=\"http:\/\/www.scconline.com\/DocumentLink\/A3yGRo3e\">Personal Data Protection Bill, 2019<\/a><\/span><\/p>\n<p><a href=\"#_ftnref5\"><strong>[5]<\/strong><\/a> <span class=\"s1\">M.P Sharma<span class=\"Apple-converted-space\">\u00a0 <\/span>v. Satish Chandra, <a href=\"http:\/\/www.scconline.com\/DocumentLink\/68mt5dT9\">1954 SCR 1077<\/a>\u00a0<\/span><\/p>\n<p><strong><a href=\"#_ftnref6\">[6]<\/a><\/strong> <span class=\"s1\">The Code of Criminal Procedure (Act V of 1898) was in force at the relevant point of time.<\/span><\/p>\n<p><a href=\"#_ftnref7\"><strong>[7]<\/strong><\/a> <span class=\"s1\">When this matter was decided, Right to Property was a fundamental right under Article 19(1)(f) of the Constitution which was later omitted by the 44<\/span><span class=\"s2\"><sup>th<\/sup><\/span><span class=\"s1\"> Amendment to Constitution in 1978.<\/span><\/p>\n<p><a href=\"#_ftnref8\"><strong>[8]<\/strong><\/a> <span class=\"s1\">Kharak Singh v. State of Uttar Pradesh, <a href=\"http:\/\/www.scconline.com\/DocumentLink\/FD3qAsEl\">1964 SCR (1) 332<\/a>.\u00a0<\/span><\/p>\n<p><a href=\"#_ftnref9\"><strong>[9]<\/strong><\/a> <span class=\"s1\">Govind v. State of Madhya Pradesh, <a href=\"http:\/\/www.scconline.com\/DocumentLink\/e429yiwY\">(1975) 2 SCC 148<\/a>.\u00a0<\/span><\/p>\n<p><a href=\"#_ftnref10\"><strong>[10]<\/strong><\/a> <span class=\"s1\">People\u2019s Union for Civil Liberties v. Union of India, <a href=\"http:\/\/www.scconline.com\/DocumentLink\/2E89q2fb\">(1997) 1 SCC 301<\/a>.\u00a0<\/span><\/p>\n<p><a href=\"#_ftnref11\"><strong>[11]<\/strong><\/a> <span class=\"s1\">Selvi<span class=\"Apple-converted-space\">\u00a0 <\/span>v. State of Karnataka , <a href=\"http:\/\/www.scconline.com\/DocumentLink\/GOIb9dz6\">(2010) 7 SCC 263<\/a>\u00a0<\/span><\/p>\n<p><a href=\"#_ftnref12\"><strong>[12]<\/strong><\/a> <span class=\"s1\"><a href=\"http:\/\/www.scconline.com\/DocumentLink\/vyrX081N\">(2017) 7 SCC 157<\/a>\u00a0<\/span><\/p>\n<p><a href=\"#_ftnref13\"><strong>[13]<\/strong><\/a> <span class=\"s1\"><a href=\"http:\/\/www.scconline.com\/DocumentLink\/vz3km7n2\">(2017) 10 SCC 641<\/a>.<\/span><\/p>\n<p><a href=\"#_ftnref14\"><strong>[14]<\/strong><\/a> <span class=\"s1\">Modern Dental College and Research Centre v. State of Madhya Pradesh, <a href=\"http:\/\/www.scconline.com\/DocumentLink\/SCqkYD9T\">(2016) 7 SCC 353<\/a><\/span><\/p>\n<p><a href=\"#_ftnref15\"><strong>[15]<\/strong><\/a> <span class=\"s1\">IndraStra Global, <i>An Analysis of Puttaswamy: The Supreme Court\u2019s Privacy Verdict,<\/i> available at <a href=\"https:\/\/medium.com\/indrastra\/an-analysis-of-puttaswamy-the-supreme-courts-privacy-verdict-53d97d0b3fc6\"><span class=\"s2\">https:\/\/medium.com\/indrastra\/an-analysis-of-puttaswamy-the-supreme-courts-privacy-verdict-53d97d0b3fc6<\/span><\/a>, last accessed on 02.05.2020 at 5:00 P.M.<\/span><\/p>\n<p><a href=\"#_ftnref16\"><strong>[16]<\/strong><\/a> <span class=\"s1\">Tom Goodwin, \u2018The Battle is for Customer Interface\u2018, TechCrunch (3 March 2015), available at: <a href=\"https:\/\/techcrunch.com\/2015\/03\/03\/in-the-age-of-disintermediation-the-battle-is-all-for-the-customer-interface\/\"><span class=\"s2\">https:\/\/techcrunch.com\/2015\/03\/03\/in-the-age-of-disintermediation-the-battle-is-all-for-the-customer-interface\/<\/span><\/a>, last accessed on 29 April 2020.<\/span><\/p>\n<p><a href=\"#_ftnref17\"><strong>[17]<\/strong><\/a> National Intelligence Grid.<\/p>\n<p><a href=\"#_ftnref18\"><strong>[18]<\/strong><\/a> <span class=\"s1\">Crime and Criminal Tracking Network and Systems.<\/span><\/p>\n<p><a href=\"#_ftnref19\"><strong>[19]<\/strong><\/a> <span class=\"s1\">Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act, 2016<\/span><\/p>\n<p><a href=\"#_ftnref20\"><strong>[20]<\/strong><\/a> <span class=\"s1\">Report of the Group of Experts on Privacy Constituted by Planning Commission of India under the Chairmanship of Justice A.P Shah, Former Chief Justice, Delhi High Court, available at <a href=\"https:\/\/www.dsci.in\/content\/report-group-experts-privacyconstituted-planning-commission-india\"><span class=\"s2\">https:\/\/www.dsci.in\/content\/report-group-experts-privacyconstituted-planning-commission-india<\/span><\/a>, last accessed on 02.05.2020 at 5:30 p.m.<\/span><\/p>\n<p><a href=\"#_ftnref21\"><strong>[21]<\/strong><\/a> <span class=\"s1\"><a href=\"http:\/\/www.scconline.com\/DocumentLink\/vz3km7n2\">(2017) 10 SCC 641<\/a>.<\/span><\/p>\n<p><a href=\"#_ftnref22\"><strong>[22]<\/strong><\/a> <span class=\"s1\">Ministry of Electronics and Information Technology, Government of India.<\/span><\/p>\n<p><a href=\"#_ftnref23\"><strong>[23]<\/strong><\/a> <span class=\"s1\"><a href=\"http:\/\/www.scconline.com\/DocumentLink\/A3yGRo3e\">Personal Data Protection Bill, 2019<span class=\"Apple-converted-space\">\u00a0<\/span><\/a><\/span><\/p>\n<p><a href=\"#_ftnref24\"><strong>[24]<\/strong><\/a> <span class=\"s1\">Anurag Vaishnav, \u201c<i>The Personal Data Protection Bill, 2019: All you need to know<\/i>\u201d, available at <a href=\"https:\/\/www.prsindia.org\/theprsblog\/personal-data-protection-bill-2019-all-you-need-know\"><span class=\"s2\">https:\/\/www.prsindia.org\/theprsblog\/personal-data-protection-bill-2019-all-you-need-know<\/span><\/a>, last accessed on 28.04.2020 at 3:00 p.m.<\/span><\/p>\n<p><a href=\"#_ftnref25\"><strong>[25]<\/strong><\/a> <span class=\"s1\">General Data Protection Regulation \u2013 Regulation (EU) 2016\/679 of the European Parliament and of the on data protection and privacy in the European Union and the European Economic Area.\u00a0<\/span><\/p>\n<p><a href=\"#_ftnref26\"><strong>[26]<\/strong><\/a> <span class=\"s1\">Chapter VIII of the Personal Data Protection Bill provides exemptions.<\/span><\/p>\n<p><a href=\"#_ftnref27\"><strong>[27]<\/strong><\/a> <span class=\"s1\">Justice B.N. Srikrishna Committee of Experts, \u201c<a href=\"http:\/\/www.scconline.com\/DocumentLink\/rBf9pTty\">Report of the Committee on Data Protection &#8211;<i>A Free and Fair Digital Economy Protecting Privacy, Empowering Indians<\/i><\/a>\u201d submitted to Ministry of Electronics and Information Technology, (July, 2018); Pg. 114<\/span><\/p>\n<p><a href=\"#_ftnref28\"><strong>[28]<\/strong><\/a> <span class=\"s1\">Section 35 of the Personal Data Protection Bill, 2019 (pending)<\/span><\/p>\n<p><a href=\"#_ftnref29\"><strong>[29]<\/strong><\/a> <span class=\"s1\"><a href=\"http:\/\/www.scconline.com\/DocumentLink\/A3yGRo3e\">Personal Data Protection Bill, 2019<\/a>,<span class=\"Apple-converted-space\">\u00a0 <\/span>, page. 156.<\/span><\/p>\n<p><a href=\"#_ftnref30\"><strong>[30]<\/strong><\/a> Krishnaveer Singh, Does the Data Protection Bill threaten the right to privacy?; National Herald (2\/1\/2020) available at <a href=\"https:\/\/www.nationalheraldindia.com\/opinion\/does-the-data-protection-bill-threaten-the-right-to-privacy\">https:\/\/www.nationalheraldindia.com\/opinion\/does-the-data-protection-bill-threaten-the-right-to-privacy<\/a>, last accessed on 02.05.2020 .<\/p>\n<p><a href=\"#_ftnref31\"><strong>[31]<\/strong><\/a> <span class=\"s1\">Anirudh Burman &amp; Suyash Rai, <i>What Is in India\u2019s Sweeping Personal Data Protection Bill?, available at <\/i><a href=\"https:\/\/carnegieindia.org\"><span class=\"s2\">https:\/\/carnegieindia.org<\/span><\/a>, last accessed on 02.05.2020 at 7:00 p.m.<\/span><\/p>\n<p><a href=\"#_ftnref32\"><strong>[32]<\/strong><\/a> <span class=\"s1\">\u201c<a href=\"https:\/\/ec.europa.eu\/justice\/article-29\/documentation\/opinion-recommendation\/files\/2014\/wp216_en.pdf\">Opinion of Anonymization Techniques<\/a>\u201d adopted by Data Protection Working Committee, European Commission, available at <a href=\"https:\/\/ec.europa.eu\/justice\/article-29\/documentation\/opinion-recommendation\/files\/2014\/%2520wp216_en.pdf\"><span class=\"s2\">https:\/\/ec.europa.eu\/justice\/article-29\/documentation\/opinion-recommendation\/files\/2014\/ wp216_en.pdf<\/span><\/a>, last accessed on 02.05.2020.<\/span><\/p>\n<p><a href=\"#_ftnref33\"><strong>[33]<\/strong><\/a> <span class=\"s1\">State of Privacy India, available at <a href=\"https:\/\/privacyinternational.org\/state-privacy\/1002\/state-privacy-india\"><span class=\"s2\">https:\/\/privacyinternational.org\/state-privacy\/1002\/state-privacy-india<\/span><\/a>, last accessed on 02.05.2020 at 9:00 p.m.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>by Renjith Mathew*<\/p>\n","protected":false},"author":8808,"featured_media":146761,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[42503,1191],"tags":[34217,41540,41541,39459],"class_list":["post-230004","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-legal-analysis","category-op-ed","tag-constitutional-jurisprudence","tag-fundamental-right-to-privacy","tag-k-s-puttaswamy-case","tag-personal-data-protection-bill-2019"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v26.4 (Yoast SEO v26.4) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Personal Data Protection Bill, 2019 \u2013Examined through the Prism of\u00a0 Fundamental Right to Privacy \u2013 A Critical Study | SCC Times<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.scconline.com\/blog\/post\/2020\/05\/22\/personal-data-protection-bill-2019-examined-through-the-prism-of-fundamental-right-to-privacy-a-critical-study\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Personal Data Protection Bill, 2019 \u2013Examined through the Prism of\u00a0 Fundamental Right to Privacy \u2013 A Critical Study\" \/>\n<meta property=\"og:description\" content=\"by Renjith Mathew*\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.scconline.com\/blog\/post\/2020\/05\/22\/personal-data-protection-bill-2019-examined-through-the-prism-of-fundamental-right-to-privacy-a-critical-study\/\" \/>\n<meta property=\"og:site_name\" content=\"SCC Times\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/scc.online\/\" \/>\n<meta property=\"article:published_time\" content=\"2020-05-22T10:49:56+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2020-07-14T13:37:28+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.scconline.com\/blog\/wp-content\/uploads\/2017\/08\/data-protection.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1330\" \/>\n\t<meta property=\"og:image:height\" content=\"887\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Bhumika Indulia\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Bhumika Indulia\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"27 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.scconline.com\/blog\/post\/2020\/05\/22\/personal-data-protection-bill-2019-examined-through-the-prism-of-fundamental-right-to-privacy-a-critical-study\/\",\"url\":\"https:\/\/www.scconline.com\/blog\/post\/2020\/05\/22\/personal-data-protection-bill-2019-examined-through-the-prism-of-fundamental-right-to-privacy-a-critical-study\/\",\"name\":\"Personal Data Protection Bill, 2019 \u2013Examined through the Prism of\u00a0 Fundamental Right to Privacy \u2013 A Critical Study | SCC Times\",\"isPartOf\":{\"@id\":\"https:\/\/www.scconline.com\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.scconline.com\/blog\/post\/2020\/05\/22\/personal-data-protection-bill-2019-examined-through-the-prism-of-fundamental-right-to-privacy-a-critical-study\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.scconline.com\/blog\/post\/2020\/05\/22\/personal-data-protection-bill-2019-examined-through-the-prism-of-fundamental-right-to-privacy-a-critical-study\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.scconline.com\/blog\/wp-content\/uploads\/2017\/08\/data-protection.jpg\",\"datePublished\":\"2020-05-22T10:49:56+00:00\",\"dateModified\":\"2020-07-14T13:37:28+00:00\",\"author\":{\"@id\":\"https:\/\/www.scconline.com\/blog\/#\/schema\/person\/919ec47cc1b871b362af05740398033a\"},\"breadcrumb\":{\"@id\":\"https:\/\/www.scconline.com\/blog\/post\/2020\/05\/22\/personal-data-protection-bill-2019-examined-through-the-prism-of-fundamental-right-to-privacy-a-critical-study\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.scconline.com\/blog\/post\/2020\/05\/22\/personal-data-protection-bill-2019-examined-through-the-prism-of-fundamental-right-to-privacy-a-critical-study\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.scconline.com\/blog\/post\/2020\/05\/22\/personal-data-protection-bill-2019-examined-through-the-prism-of-fundamental-right-to-privacy-a-critical-study\/#primaryimage\",\"url\":\"https:\/\/www.scconline.com\/blog\/wp-content\/uploads\/2017\/08\/data-protection.jpg\",\"contentUrl\":\"https:\/\/www.scconline.com\/blog\/wp-content\/uploads\/2017\/08\/data-protection.jpg\",\"width\":1330,\"height\":887},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.scconline.com\/blog\/post\/2020\/05\/22\/personal-data-protection-bill-2019-examined-through-the-prism-of-fundamental-right-to-privacy-a-critical-study\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.scconline.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Personal Data Protection Bill, 2019 \u2013Examined through the Prism of\u00a0 Fundamental Right to Privacy \u2013 A Critical Study\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.scconline.com\/blog\/#website\",\"url\":\"https:\/\/www.scconline.com\/blog\/\",\"name\":\"SCC Times\",\"description\":\"Bringing you the Best Analytical Legal News\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.scconline.com\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.scconline.com\/blog\/#\/schema\/person\/919ec47cc1b871b362af05740398033a\",\"name\":\"Bhumika Indulia\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.scconline.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/www.scconline.com\/blog\/wp-content\/uploads\/2021\/04\/Me-150x150.jpg\",\"contentUrl\":\"https:\/\/www.scconline.com\/blog\/wp-content\/uploads\/2021\/04\/Me-150x150.jpg\",\"caption\":\"Bhumika Indulia\"},\"url\":\"https:\/\/www.scconline.com\/blog\/post\/author\/editor_1\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Personal Data Protection Bill, 2019 \u2013Examined through the Prism of\u00a0 Fundamental Right to Privacy \u2013 A Critical Study | SCC Times","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.scconline.com\/blog\/post\/2020\/05\/22\/personal-data-protection-bill-2019-examined-through-the-prism-of-fundamental-right-to-privacy-a-critical-study\/","og_locale":"en_US","og_type":"article","og_title":"Personal Data Protection Bill, 2019 \u2013Examined through the Prism of\u00a0 Fundamental Right to Privacy \u2013 A Critical Study","og_description":"by Renjith Mathew*","og_url":"https:\/\/www.scconline.com\/blog\/post\/2020\/05\/22\/personal-data-protection-bill-2019-examined-through-the-prism-of-fundamental-right-to-privacy-a-critical-study\/","og_site_name":"SCC Times","article_publisher":"https:\/\/www.facebook.com\/scc.online\/","article_published_time":"2020-05-22T10:49:56+00:00","article_modified_time":"2020-07-14T13:37:28+00:00","og_image":[{"width":1330,"height":887,"url":"https:\/\/www.scconline.com\/blog\/wp-content\/uploads\/2017\/08\/data-protection.jpg","type":"image\/jpeg"}],"author":"Bhumika Indulia","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Bhumika Indulia","Est. reading time":"27 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.scconline.com\/blog\/post\/2020\/05\/22\/personal-data-protection-bill-2019-examined-through-the-prism-of-fundamental-right-to-privacy-a-critical-study\/","url":"https:\/\/www.scconline.com\/blog\/post\/2020\/05\/22\/personal-data-protection-bill-2019-examined-through-the-prism-of-fundamental-right-to-privacy-a-critical-study\/","name":"Personal Data Protection Bill, 2019 \u2013Examined through the Prism of\u00a0 Fundamental Right to Privacy \u2013 A Critical Study | SCC Times","isPartOf":{"@id":"https:\/\/www.scconline.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.scconline.com\/blog\/post\/2020\/05\/22\/personal-data-protection-bill-2019-examined-through-the-prism-of-fundamental-right-to-privacy-a-critical-study\/#primaryimage"},"image":{"@id":"https:\/\/www.scconline.com\/blog\/post\/2020\/05\/22\/personal-data-protection-bill-2019-examined-through-the-prism-of-fundamental-right-to-privacy-a-critical-study\/#primaryimage"},"thumbnailUrl":"https:\/\/www.scconline.com\/blog\/wp-content\/uploads\/2017\/08\/data-protection.jpg","datePublished":"2020-05-22T10:49:56+00:00","dateModified":"2020-07-14T13:37:28+00:00","author":{"@id":"https:\/\/www.scconline.com\/blog\/#\/schema\/person\/919ec47cc1b871b362af05740398033a"},"breadcrumb":{"@id":"https:\/\/www.scconline.com\/blog\/post\/2020\/05\/22\/personal-data-protection-bill-2019-examined-through-the-prism-of-fundamental-right-to-privacy-a-critical-study\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.scconline.com\/blog\/post\/2020\/05\/22\/personal-data-protection-bill-2019-examined-through-the-prism-of-fundamental-right-to-privacy-a-critical-study\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.scconline.com\/blog\/post\/2020\/05\/22\/personal-data-protection-bill-2019-examined-through-the-prism-of-fundamental-right-to-privacy-a-critical-study\/#primaryimage","url":"https:\/\/www.scconline.com\/blog\/wp-content\/uploads\/2017\/08\/data-protection.jpg","contentUrl":"https:\/\/www.scconline.com\/blog\/wp-content\/uploads\/2017\/08\/data-protection.jpg","width":1330,"height":887},{"@type":"BreadcrumbList","@id":"https:\/\/www.scconline.com\/blog\/post\/2020\/05\/22\/personal-data-protection-bill-2019-examined-through-the-prism-of-fundamental-right-to-privacy-a-critical-study\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.scconline.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Personal Data Protection Bill, 2019 \u2013Examined through the Prism of\u00a0 Fundamental Right to Privacy \u2013 A Critical Study"}]},{"@type":"WebSite","@id":"https:\/\/www.scconline.com\/blog\/#website","url":"https:\/\/www.scconline.com\/blog\/","name":"SCC Times","description":"Bringing you the Best Analytical Legal News","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.scconline.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.scconline.com\/blog\/#\/schema\/person\/919ec47cc1b871b362af05740398033a","name":"Bhumika Indulia","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.scconline.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/www.scconline.com\/blog\/wp-content\/uploads\/2021\/04\/Me-150x150.jpg","contentUrl":"https:\/\/www.scconline.com\/blog\/wp-content\/uploads\/2021\/04\/Me-150x150.jpg","caption":"Bhumika Indulia"},"url":"https:\/\/www.scconline.com\/blog\/post\/author\/editor_1\/"}]}},"jetpack_featured_media_url":"https:\/\/www.scconline.com\/blog\/wp-content\/uploads\/2017\/08\/data-protection.jpg","jetpack_sharing_enabled":true,"jetpack-related-posts":[{"id":249813,"url":"https:\/\/www.scconline.com\/blog\/post\/2021\/06\/15\/protection-of-personal-data\/","url_meta":{"origin":230004,"position":0},"title":"Protection of personal data: A legal perspective","author":"Editor","date":"June 15, 2021","format":false,"excerpt":"by Gurleen Kaur\u2020","rel":"","context":"In &quot;Op Eds&quot;","block_context":{"text":"Op Eds","link":"https:\/\/www.scconline.com\/blog\/post\/category\/op-ed\/legal-analysis\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.scconline.com\/blog\/wp-content\/uploads\/2021\/06\/MicrosoftTeams-image-5-3.jpg?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.scconline.com\/blog\/wp-content\/uploads\/2021\/06\/MicrosoftTeams-image-5-3.jpg?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/www.scconline.com\/blog\/wp-content\/uploads\/2021\/06\/MicrosoftTeams-image-5-3.jpg?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/www.scconline.com\/blog\/wp-content\/uploads\/2021\/06\/MicrosoftTeams-image-5-3.jpg?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/www.scconline.com\/blog\/wp-content\/uploads\/2021\/06\/MicrosoftTeams-image-5-3.jpg?resize=1050%2C600&ssl=1 3x"},"classes":[]},{"id":264616,"url":"https:\/\/www.scconline.com\/blog\/post\/2022\/03\/28\/personal-data-protection-bill\/","url_meta":{"origin":230004,"position":1},"title":"Civil Remedies for Data Protection: A Critical Analysis of the Tortious Provision in Personal Data Protection Bill, 2019","author":"Editor","date":"March 28, 2022","format":false,"excerpt":"by Kumar Aryan*","rel":"","context":"In &quot;Op Eds&quot;","block_context":{"text":"Op Eds","link":"https:\/\/www.scconline.com\/blog\/post\/category\/op-ed\/legal-analysis\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.scconline.com\/blog\/wp-content\/uploads\/2022\/03\/Data-Protection.jpg?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.scconline.com\/blog\/wp-content\/uploads\/2022\/03\/Data-Protection.jpg?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/www.scconline.com\/blog\/wp-content\/uploads\/2022\/03\/Data-Protection.jpg?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/www.scconline.com\/blog\/wp-content\/uploads\/2022\/03\/Data-Protection.jpg?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/www.scconline.com\/blog\/wp-content\/uploads\/2022\/03\/Data-Protection.jpg?resize=1050%2C600&ssl=1 3x"},"classes":[]},{"id":225268,"url":"https:\/\/www.scconline.com\/blog\/post\/2020\/02\/06\/evolution-of-data-privacy\/","url_meta":{"origin":230004,"position":2},"title":"Evolution of Data Privacy","author":"Bhumika Indulia","date":"February 6, 2020","format":false,"excerpt":"Bhumesh Verma, Managing Partner, Sayantan Dey, Legal and Compliance Professional and Ujjwal Agrawal, Student Researcher Corp Comm Legal Cite as: (2020) PL (CL) February 74","rel":"","context":"In &quot;OP. ED.&quot;","block_context":{"text":"OP. ED.","link":"https:\/\/www.scconline.com\/blog\/post\/category\/op-ed\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.scconline.com\/blog\/wp-content\/uploads\/2018\/03\/Corp-Comm-Legal-1.jpg?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.scconline.com\/blog\/wp-content\/uploads\/2018\/03\/Corp-Comm-Legal-1.jpg?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/www.scconline.com\/blog\/wp-content\/uploads\/2018\/03\/Corp-Comm-Legal-1.jpg?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/www.scconline.com\/blog\/wp-content\/uploads\/2018\/03\/Corp-Comm-Legal-1.jpg?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/www.scconline.com\/blog\/wp-content\/uploads\/2018\/03\/Corp-Comm-Legal-1.jpg?resize=1050%2C600&ssl=1 3x"},"classes":[]},{"id":334964,"url":"https:\/\/www.scconline.com\/blog\/post\/2024\/11\/13\/unravelling-consent-under-the-digital-personal-data-protection-act-2023-a-barrier-to-data-principal-rights\/","url_meta":{"origin":230004,"position":3},"title":"Unravelling \u201cConsent\u201d under the Digital Personal Data Protection Act, 2023 \u2014 A Barrier to Data Principal Rights","author":"Bhumika Indulia","date":"November 13, 2024","format":false,"excerpt":"by Gaurav Thote*","rel":"","context":"In &quot;Op Eds&quot;","block_context":{"text":"Op Eds","link":"https:\/\/www.scconline.com\/blog\/post\/category\/op-ed\/legal-analysis\/"},"img":{"alt_text":"Digital Personal Data Protection Act 2023","src":"https:\/\/i0.wp.com\/www.scconline.com\/blog\/wp-content\/uploads\/2024\/11\/Digital-Personal-Data-Protection-Act-2023.webp?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.scconline.com\/blog\/wp-content\/uploads\/2024\/11\/Digital-Personal-Data-Protection-Act-2023.webp?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/www.scconline.com\/blog\/wp-content\/uploads\/2024\/11\/Digital-Personal-Data-Protection-Act-2023.webp?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/www.scconline.com\/blog\/wp-content\/uploads\/2024\/11\/Digital-Personal-Data-Protection-Act-2023.webp?resize=700%2C400&ssl=1 2x"},"classes":[]},{"id":264614,"url":"https:\/\/www.scconline.com\/blog\/post\/2022\/03\/28\/cloud\/","url_meta":{"origin":230004,"position":4},"title":"CLOUD with a Silver Lining","author":"Editor","date":"March 28, 2022","format":false,"excerpt":"by Vivek Prasad*","rel":"","context":"In &quot;Op Eds&quot;","block_context":{"text":"Op Eds","link":"https:\/\/www.scconline.com\/blog\/post\/category\/op-ed\/legal-analysis\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.scconline.com\/blog\/wp-content\/uploads\/2022\/03\/CLOUD.jpg?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.scconline.com\/blog\/wp-content\/uploads\/2022\/03\/CLOUD.jpg?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/www.scconline.com\/blog\/wp-content\/uploads\/2022\/03\/CLOUD.jpg?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/www.scconline.com\/blog\/wp-content\/uploads\/2022\/03\/CLOUD.jpg?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/www.scconline.com\/blog\/wp-content\/uploads\/2022\/03\/CLOUD.jpg?resize=1050%2C600&ssl=1 3x"},"classes":[]},{"id":255060,"url":"https:\/\/www.scconline.com\/blog\/post\/2021\/10\/01\/right-to-digital-privacy\/","url_meta":{"origin":230004,"position":5},"title":"Right to Digital Privacy:\u00a0 A Critical and Comparative Analysis of the Draft Data Protection Bill and Role of Government Autonomy in Using Persuasive Technology to Affect Democracy","author":"Editor","date":"October 1, 2021","format":false,"excerpt":"by Shivani Dewalla\u2020","rel":"","context":"In &quot;Op Eds&quot;","block_context":{"text":"Op Eds","link":"https:\/\/www.scconline.com\/blog\/post\/category\/op-ed\/legal-analysis\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.scconline.com\/blog\/wp-content\/uploads\/2021\/10\/MicrosoftTeams-image-101.jpg?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.scconline.com\/blog\/wp-content\/uploads\/2021\/10\/MicrosoftTeams-image-101.jpg?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/www.scconline.com\/blog\/wp-content\/uploads\/2021\/10\/MicrosoftTeams-image-101.jpg?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/www.scconline.com\/blog\/wp-content\/uploads\/2021\/10\/MicrosoftTeams-image-101.jpg?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/www.scconline.com\/blog\/wp-content\/uploads\/2021\/10\/MicrosoftTeams-image-101.jpg?resize=1050%2C600&ssl=1 3x"},"classes":[]}],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/www.scconline.com\/blog\/wp-json\/wp\/v2\/posts\/230004","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.scconline.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.scconline.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.scconline.com\/blog\/wp-json\/wp\/v2\/users\/8808"}],"replies":[{"embeddable":true,"href":"https:\/\/www.scconline.com\/blog\/wp-json\/wp\/v2\/comments?post=230004"}],"version-history":[{"count":0,"href":"https:\/\/www.scconline.com\/blog\/wp-json\/wp\/v2\/posts\/230004\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.scconline.com\/blog\/wp-json\/wp\/v2\/media\/146761"}],"wp:attachment":[{"href":"https:\/\/www.scconline.com\/blog\/wp-json\/wp\/v2\/media?parent=230004"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.scconline.com\/blog\/wp-json\/wp\/v2\/categories?post=230004"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.scconline.com\/blog\/wp-json\/wp\/v2\/tags?post=230004"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}