India, hailed as the “world’s largest democracy,” is now witnessing a steady erosion of its democratic values. Colonial-era laws such as sedition and the Unlawful Activities (Prevention) Act (“UAPA”) are being alarmingly misused to curb dissent, while electoral practices are increasingly becoming unfree and unfair. Although the use of UAPA and sedition is not new, their application has intensified, especially after the 2019 amendment to the UAPA. The amendment allowed the Central Government to arbitrarily decide who is a terrorist and what is an act of terrorism. This can also be done merely on the basis of a person’s writing. Additionally, the increasing frequency of internet shutdowns, content takedowns, and opaque digital censorship further narrows civic space and undermines accountability. This shift is pushing India closer to an illiberal democracy—if not an outright authoritarian regime. Against this backdrop, one might reasonably ask: why would such a government enact a data protection law aimed at safeguarding privacy? While the Supreme Court’s judgment in K.S. Puttaswamy v. Union of India ([2017] 10 S.C.R. 569) provided the judicial impetus for privacy protection, the broader political and institutional motivations behind the Digital Personal Data Protection Act, 2023 (Data Protection Act, 2023) are far more complex. This article explores how the government is weaponizing privacy to expand surveillance and evade accountability, leveraging the Data Protection Act, 2023, to strengthen state control at the expense of individual rights.
India’s Data Protection Act: A Shield for Privacy or a Tool for State Surveillance? (Medha Garg – Tech Policy Press)
Related articles
