Key Words; Data Protection, Indian Constitution, Information Technology Act, Indian Penal Code.

ThisdescriptivestudyusesDoctrinalMethodtoobtaintheneededdata.Adoctrinalresearch study is one that has been conducted on a legal theory by means of applying reasoning capability to the analysis of current statutory provisions and cases. Doctrinal refers toa fundamental tenent or principal . This implies that the legal universe would be governed by legal tenents found in legal philosophy. In order to evaluate them and get to a reliable conclusion, it follows that doctrinal legal study would entail delving deeper into the legal principals and notions from a variety of sources , including cases, precedents, statutes. Most often the starting point in any research is doctrinal that is library based and then we move forward to other methodologies.

The concept of Data Protection[1] is not a new concept . Government of India recently envisaged theideaofDigitalIndia,butitisabigchallengetoprotectpersonaldataofpeopleinsuchlarge populatedcountry. The judiciary has recognizedthe RighttoPrivacy as anInstinctrightimplicit inArticle21of IndianConstitution.AutoShankarCaseandPuttaswamyareoneofthecasesin which Hon’ble Supreme Court has recognized the Right To Privacy as Fundamental right. Right to Privacy is co extensively related with Data Protection. In present time we are depend on online apps from buying clothes to ordering food, groceries and medicines . The life have becomes easier due tointroduction of technology but it can become a danger tous as number ofpeoplearevictimofbreachofdataprotection.A renownedpizzacompanynamedDomino’s is the victimof a massive databreachthat exposedorder details of 18crore people , whichis a huge number . The strange thing is that big companies like Facebook, Air India , Unacademy could not handle people’s data safely. The largest data breach according to World Economic Forum’s Global Risk Report is Aadhaar leak case² , which exposed the data of nearly 1.1 billion Indian People.

India has witnessed significant shifts in ranking in respect of data breach over the past few years. According to a report by  Surfshark[2] in2022,Indiarankedas7^thonthelistofcountries with most breached data. However , in 2023, India reached to 5^th position, with 5.3 million leaked accounts.

  In Q1 2023, Europe was the sole region which witnessed significant quarter over quarter growth, with an increasing number of breaches from 9.9millionto17.5million. Asia is the second most affected region , which results in 10.6 million breaches.

Globally[3] around 299.8 million accounts breachedin2023.The United States ranked1^st with almost 100 million breach accounts, marking rapid growth from the previous year. Russia followed by second place , while France, Spain, and India secured their position at 5^th .

Privacy and Data protection are not defined any where but the scope of these terms have been coveredundermanyIndianlegislations.Thelawsrelatingtotheprivacyanddataprotectionare as follows;

According to Article 21 of Indian Constitution, ‘’ No person shall be deprived of his life or personal liberty except according to procedure established by law. ‘’The Hon’ble Supreme Court of India recognized right to privacy as fundamental right in the year 2017 in Puttoswamy case.

         In the case of M.P. Sharma v. Satish Chandra, SC observed that though the recertain exceptions to right to privacy but conducting search and seizure by police at midnight is a violation right to privacy enshrined under Article 21 of the constitution.

   Kharak Singh v. State of U.P.? , it was concluded by SC that expression life is not only restricted tobodilyrestraintbutsomethingmorethanmereanimalexistence.Inthiscasethepetitioner named kharak singh was framed with the offence of dacoity , but was acquittedas there were not sufficient evidence against him. U. P. Police started conducting police surveillance against the accused in order to keep an eye upon him. SC held that domiciliary visits of police officers upon the house of petitioner were an invasion on his personal liberty .

From time to time SC emphasized that right to live is not confined to physical existence but it includes within its   ambit the right to live with human dignity and it covers all the aspects data protection is one of them  .As right to privacy is a fundamental right, the victim of breach of privacy or data privacy have the option to move to SCor High court under article 32 and 226 respectively.

InformationTechnologyAct,2000?;Thisactspecificallycoverscybercrimes, frauds.It’s provisions covers the cyber crime which is linked with privacy and data protection . The most important provisions relating to cyber frauds are as follows;

Computer or any electronic device without this or her consent to cause injury[4] to that person,

Fine which may extend to 5 lacks or with both.

Section66E;This section provides that any person who intentionally captures the pictures of a person and transmits or publishes the image of such person without his consent is an offence under this provision , for which the imprisonment provide is 3 years or fine up to rs. 2 lacks or both.

Section 67A; It relates to the offence of publishing or transmitting any material consist of sexuality through electronic means, which objectionable and shall be punishable with an imprisonment which may extend to five years and a fine which may extend to rupees ten lacks , and upon the second conviction, the imprisonment may extend to seven years and a fine which may extend to rupees ten lacks.

Copyright Act 1857;  This act was enacted to protect the intellectual rights of a true owner. Theactmainlypreservetheliterary,dramatic,musical,andartisticworksoftheauthorduring his life time and sixty years after his death . If any person copies the work of the author for some commercial purposes without his consent is liable to be prosecuted under this act.

This case is popularly known as Adhaar case, a nine constitutional judge bench of SC of India in the year 2017 declared right to privacy a fundamental right under article 21 which right to life and personal liberty . Right to privacy includes protection of data, the leakage of someone’s data or accessing any electronic items without his permission is violation of right to privacy.

Justice Sri Krishna Committee?;The cases are rising day by day , so the government of India through it’s Ministry of Electronics and Information Technology, appointed a committee of ten members under the leadership of SC retired judge , justice B.R. Krishna to provide a detailed report on the passing of new data privacy laws to curb cyber crimes. Digital Personal Data Protection Act , 2023 is the result of this committee.[5]

,there are number of digital financial services apps such as google pay, paytm, Bharat pay is one of them which experienced massive data breach resulting in disclosure of around 37,000 users. The leaked information includes user names, password, UPI ID, mobile numbers and email ids .

In present scenario the people are compelled to provide information in every sphere from taking admission in an educational institutions to ordering items from digital apps, in such a situation there is always threat to personal details of the people .Privacy¹²isasimportantasthe oxygenforthehumanbeing.Dataprotectionhasbecomeabigissueineverycountryandwith the passing of time this can become worse. It has become normal to see cyber fraud cases in news everyday. With the increasing number of sharing information on online platforms , it is essential to protect the data from being misused. It is the duty of government to implement

Strict laws to resolve the issue of cyber data breach¹³ and to protect privacy of it’s citizens.