Today in India, the right to privacy faces serious challenges from the internet and telecommunications. On the one hand, the increased use of these technologies allows individuals to become more visible, accessible, and interconnected. On the other, these same forces allow governments, corporations, and other entities unrestricted access into the lives of the public. In India, individuals are plagued with spam messages and unsolicited marketing calls/text messages, risk fraud and phishing attacks as they transact online, have personal information gathered, used, and sold without permission or knowledge, risk having ISPs retain user data and history, and risk having governments monitor online behavior and communications.
Furthermore, online privacy is threatened as the user often does not have control over the information that they generate and the line between what is personal information, what is private information, and what is public information is often fuzzy. This has created a situation where, for example, information displayed on social networking sites can be used as evidence against an individual, and employees can look into an individual's Facebook profile as part of the process for deciding whether to hire or promote a person.
Information that is private, but perhaps not personal (i.e. does not identify the individual) is afforded no protection. Countries around the world have taken steps to address privacy issues that arise from the internet, including adopting legislation implementing principles such as do not track, the right to be forgotten, breach notification and data retention policies. This chapter will explore what legislation and protections India has in place to protect individuals' communications and online behavior, what case law has added to the understanding of communication and internet privacy, how these policies and legislation are being implemented, and what the international best practices are.