Right to Privacy: Scope of Article 21 (WhatsApp Policy)

Right to Privacy: Article 21 Scope (WhatsApp Privacy Policy)

This article on ‘Right to Privacy: Scope of Article 21 (with Landmark Cases)’ was written by an intern at Legal Upanishad.


In the contemporary world, the privacy of an individual has become crucial. Privacy is concerned with the body and individual freedom, integrity, speech, data, consent, movement, and thoughts. There are several cases of breach of privacy where an individual’s personal information is collected and misused. Breach of privacy includes instances like phone tapping, privacy breaches in the health sector and by state, the breach in case of sexual identity, disclosure of personal data, etc. Various conventions have recognized the importance of the privacy and dignity of a human being. This article will focus on what is right to privacy, the scope of Article 21 under the Indian Constitution, and some important issues.

The Universal Declaration of Human Rights sets forth the fundamental human rights that need to be protected. Article 3 of the declaration lays down that “every individual has the right to life, liberty, and security” and Article 12 states that “no one shall be subjected to arbitrary interference with his/her privacy, family, home or correspondence, nor to attack upon his honor and reputation. Everyone has the right to the protection of the law under such interference or attacks.”

However, this universal declaration is not binding to the member countries as it is not a treaty, moreover, it has led to the rise of some other international agreements which are legally binding on the countries that ratify them.

Right to Privacy (Article 21)

Under Article 21 of the Indian Constitution, except according to a procedure established by law, no person shall be deprived of his life or personal liberty. Article 21 is divided into two parts, the right to life and the right to personal liberty.

– Right to Life

The right to life is the most precious fundamental right under the Indian constitution. It includes all the aspects of life without which a person cannot live a valuable life and the right to privacy is one of them.

– Right to Personal Liberty

This right, subject to reasonable restrictions, is meaningful for the development and growth of an individual’s personality. Supreme Court is the guardian of fundamental rights and the court must protect them. The fundamental right under Article 32, the right to constitutional remedy, plays a major role in safeguarding the life and liberty of a person. This Article provides different writs that can be used as a tool in violating fundamental rights.

Landmark Cases on Right to Privacy

Kharak Singh v. State of Uttar Pradesh ([1964] 1 SCR 332, AIR 1963 SC 1295)

The question of privacy arose in the case of Kharak Singh v. State of Uttar Pradesh where it was claimed that the right of the police to make domiciliary visits to habitual criminals or persons who are likely to become one infringes the right to life of a human. The apex court held that the interference by the police violates the personal liberty and right to life of a person under Article 21. However, the majority upheld that the right to privacy is not a fundamental right under the Indian constitution and therefore, there is no violation.

Justice K.S. Puttuswamy v. Union of India (Writ Petition (Civil) No. 494 of 2012, (2017) 10 SCC 1)

In 2017, in the case of Puttuswamy v. Union of India, a constitution bench (9 judge bench) of the Supreme Court declared that the right to privacy is a fundamental right under the Indian Constitution. This case involved the issue of the government’s Aadhaar scheme which made it mandatory for individuals to link their biometric ID with various government schemes. The apex court affirmed that there is no need to separately insert the right to privacy under part III and it is a part of Articles 14, 19, and 21 of the constitution.

The court recognized it as a natural and inalienable right and will be legally protected if violated. However, it was also stated that like all other fundamental rights, the right to privacy will be subjected to reasonable restrictions, which means that it will not be absolute.

WhatsApp Privacy Policy

In 2021, there was a rise in the privacy issue regarding WhatsApp’s new privacy policy. WhatsApp updated its privacy policy and the users were asked to either accept it by 8th February or leave the platform if they don’t accept it. This means that users won’t be able to use WhatsApp if they don’t agree to it. According to this policy, WhatsApp will share user data with Facebook. The government of India ordered WhatsApp to withdraw its new privacy policy, stating that this update compromises and harms the privacy and data security of the Indian citizens and also terribly interferes with their rights.

Measures were taken by the Ministry of Electronics and IT to question WhatsApp about its new privacy policy. The Ministry warned WhatsApp and sent a set of 14 questions on ways in which it collects data, the consent it obtains from domestic users, and whether they were different from other countries users.

Along with this, the ministry also asked the company whether it conducted any profiling and what was its nature. WhatsApp came up with its response and clarified that the app is end-to-end encrypted, it cannot access the chats and location of an individual and it doesn’t share any private data with Facebook. The new update will only affect the business conversations. These businesses can set up an online Facebook store and communicate with their customers through WhatsApp, such as by answering questions and sending information. Further, the shopping activities of the users will be shared with Facebook to personalize their ads and recommendations on Facebook and Instagram.

Right to Privacy: Scope of Article 21 (WhatsApp Policy)
Right to Privacy: Scope of Article 21 (WhatsApp Policy)

It is intriguing to know that the accept-the-terms-or-leave-the-platform condition doesn’t apply to its European users and therefore, this let down the rights and interests of the Indian users. However, it is important to recognize that Europe has strong data laws, and the citizens are protected by the same. Europe’s General Data Protection Regulation (GDPR) gives users the power to control their personal information shared on online platforms. The users can access and erase their information, along with this they can also withdraw their consent from WhatsApp for the processing of their data.

In India, no law regulates the use of personal data of the users. The IT Act of 2000 does deal with data protection, but the provisions do not effectively regulate privacy. The Information Technology Rules, 2011 are restricted to sensitive data like medical history, sexual history, biometric information, etc.

The Personal Data Protection Bill was introduced in the parliament to protect the personal data of individuals; however, it has not been passed yet. This supports that there is no control over the processing of personal data by tech companies. This bill also contains provisions for non-personal data, therefore, the joint committee of parliament recommended replacing its name with the Data Protection Bill, 2021, and, the Data Protection Act once passed. The bill is based on the Justice BN Srikrishna Committee’s report.

Some major recommendations made by the committee are as follows:

  1. If any personal data is misused or disclosed, then the law will have control over its processing.
  2. Penalties in case of violation of the data protection law.
  3. Setting up a Data Protection Authority.
  4. Provisions for the withdrawal of consent.
  5. Provisions for cross-border personal data transfer.
  6. The law will not have a retrospective effect.


The new privacy policy of WhatsApp is a wake-up call for the Indian government to pass the Data Protection Bill urgently to protect the privacy of its citizens. It was easy for the European users to protect their privacy as their data protection law is sufficient and strong. Privacy is an important matter to be concerned about. The right to privacy is a fundamental right guaranteed by the Indian constitution and it is necessary to protect its dignity by passing suitable laws. Every human’s right is to have privacy for any type of activity (assuming it shall be legal) he/she performs.

In this digital era, an individual’s privacy is exposed to social media, spy cameras, hackers, etc., and therefore it has become precious and sensitive data that should not be left unregulated. Hence, a state needs to seriously understand this issue and make laws accordingly subject to reasonable restrictions.