Data Privacy Safeguards Are Sine Qua Non For Protecting Privacy Of Citizens Particularly When An App Is Required To Be installed At The Instance Of State: Meghalaya HC

A Division Bench comprising of Chief Justice Biswanath Somadder and Justice HS Thangkhiew made this observation while presiding over a PIL challenging the mandatory imposition of "Corontine App" and "Stay Safe Meghalaya App"— contact tracing apps of the state government.

The two apps were introduced by the Meghalaya Government and all persons who were recommended for home quarantine/ isolation were mandated to download them.

A law student, Jade J. Lyngdoh, had challenged the Government order stating that the Apps may compromise privacy of the citizens due to lack of protection of personal sensitive data.

In its judgment, the Court observed,

"Undoubtedly, data privacy safeguards are sine qua non for the purpose of protecting the privacy of citizens, particularly when an 'APP' such as a CORONTINE APP or a STAY SAFE MEGHALAYA APP is required to be installed by a citizen at the instance of the State."

Significantly, the State Government informed the Court that the Apps have been discontinued.

In light of this submission, the Division Bench observed,

"Although it appears during the course of hearing of the instant matter that these two 'APPS' have been discontinued, it is the bounden duty, nay, an absolute obligation on the part of the concerned authority of the State to preserve, protect and safeguard the private and personal data of its citizens so that someone somewhere does not breach the walls of privacy and utilize the private and personal data of the citizens collected by these two 'APPS' for such purposes other than the specific purpose for which the two 'APPS' were created."

Thus, granting relief to the Petitioner, the High Court directed the concerned department of the State Government to look into the specific allegations raised in the PIL – by causing a thorough inquiry in respect thereof and ensure that any private or personal data collected from the citizens who have used the two 'APPS' are not misused or disseminated in any manner.

Background

Lyngdoh had contended that the impugned Government order dated March 29, 2020, is arbitrary for the following reasons:

1. There exist no protocol/guidelines of the State Government vis-à-vis the collection, processing, storage, sharing and anonymization of the data, while using the aforesaid contact tracing mobile applications.

2. In the absence of any protocol regarding data privacy safeguards of the aforesaid mobile applications, the State Government could not have collaborated with any app developing agencies/ institutes for using the monitoring application, leave alone making it mandatory on the individuals of the State to install/ download the applications.

3. As such, the 'Corontine App' and 'Stay Safe Meghalaya App" used by the State Respondents violates the core principles of data privacy and personal autonomy, including purpose limitation and data minimization.

4. The usage of the aforesaid mobile applications in its present form and its mandatory imposition on the individuals in the absence of any anchoring legislation and privacy policies constitute a disproportionate invasion of the constitutional rights of the public at large, and as such is required to be declared as illegal, unconstitutional and arbitrary.

Case Title: Jade Jeremiah Lyngdoh v. Union of India & Ors.

Click Here To Download Judgment

Read Judgment