Unlike many countries that have passed laws to protect citizens’ privacy, the Indian state is collecting more and more information about private individuals under various pretexts and restricting their right to access their own information
Does a serving employee of a premier intelligence agency have the right to inspect his own biodata which that agency handed over to another public authority? Then again, does a former employee of that agency have the right to access his own service records under the Right to Information (RTI) Act? The agency in question is the National Technical Research Organisation (NTRO) which the RTI Act does not cover unless the information sought relates to allegations of human rights violations and corruption. The Central Information Commission (CIC) recently denied an NTRO employee access to his biodata but ordered NTRO to supply copies of his appraisal reports.
In the first case, the applicant did not seek information from NTRO at all. NTRO had supplied a copy of his biodata to the Comptroller and Auditor General (CAG) which was conducting a special audit of its financial transactions, under court orders. The applicant sought inspection of the documents held by the CAG. The applicant had inside information, supported by media reports, that his biodata had allegedly been doctored. He wanted to correct the erroneous information — a reasonable expectation by any standard. Under the RTI Act, any information that intelligence and security agencies like the NTRO give to the Central government also cannot be disclosed to a citizen unless they relate to allegations of human rights violations and corruption. Parliament added these exceptions specifically to make such agencies accountable for serious wrongdoing.
The NTRO employee argued that the CAG being a constitutional authority was not part of the Central government, so he had a right to see his biodata. In the Constitution, the provisions relating to the CAG are placed separate from the chapter which explains how the Central Government will be constituted and function. The CAG’s powers and duties are determined by an Act of Parliament and not by any executive order of the Central government. The CAG is not established, owned or controlled by the Central government. Clearly, the CAG is an authority independent of the Central government. The CIC, however, rejected this argument and upheld the order of the CAG’s Public Information Officer, denying access to the applicant’s biodata. The CIC held that the Central CAG is a public authority under the Central government and that it has no duty to disclose the applicant’s biodata. So, the CIC has ended up creating newer grounds to deny access to information. This is not legally permissible as the power to expand or shorten the list of exemptions belongs to Parliament, not the CIC.
In the second case, the CIC held that NTRO’s refusal to give copies of his performance appraisal reports may result in the violation of his human rights to life, survival and future job prospects. The CIC did not take into account several Supreme Court judgments which hold that service-related grievances cannot be treated as instances of violation of human rights.
The reasoning of the CIC in both cases is unconvincing to say the least. These cases raise a larger issue connected with a right that has gained constitutional recognition in Europe, Latin America and Africa — to know what data about oneself is held by a government or private agency and what uses it is put to. Many countries have passed data protection laws guaranteeing people access to their personal data and the right to correct errors, if any.
In India however, governments seem keen to collect more and more information about private citizens under various pretexts — national security, better delivery of public services through UID/Aadhaar and the National Population Register, without creating a legal framework for people to access their personal information as a matter of right. Last October, a committee chaired by Justice A.P. Shah handed over a comprehensive report to the Central government recommending a framework for a right to privacy and data protection Bill. The government seems to have put the report in cold storage. There is an urgent need to launch public consultations for enacting a comprehensive data protection law so that people like the NTRO employee get justice.
(Maja Daruwala is director and Venkatesh Nayak, coordinator, Access to Information Programme of the Commonwealth Human Rights Initiative, New Delhi.)