This article delves into the intricate relationship between media and privacy is governed by a web of laws and regulations, both at the international and national levels. Media, often regarded as the disseminator of knowledge, entertainment and news serves as a vital bridge connecting individuals to the world.

Privacy, in the other hand, is a fundamental human right, the guardian of our personal boundaries in an increasingly interconnected society. These legal frameworks aim to strike a delicate balance between the freedom of speech and expression and the protection of personal information.

In this comprehensive exploration, we will delve into the various dimensions of media, privacy, the laws that govern them, and the evolving challenges they face in today's interconnected world. Furthermore, it scrutinizes the privacy challenges that individuals encounter in India's digital age and the remedies available to safeguard personal information.

Definition Of Media And Privacy

Definition of media:
The term media is obtained from the Latin term 'medium, which means carrier or mode. Media is a platform for conveying something to the world. Such communication is done by way of newspapers, magazines, radio, the internet, telephone, promotional messages, education, movies, music, and so on.

Definition of privacy:
The term privacy is derived from the Latin term 'privatus, which means restricted, isolated, peculiar, or personal. Simply, privacy it means "right to be let alone". Privacy is an inherent right or birth right of individuals. Every institutions, individual, or group of people has a right to disclose information about themselves to others.

Laws Relating To Media And Privacy

Laws relating to privacy:
The International Arena's protection of the right to privacy:
The Universal Declaration of Human Rights, under Article 12, says that "no one shall be able to arbitrary interfere with his privacy, home, correspondence, home, family, or attack his reputation or honor. Everyone has a right to the protection of laws against such attack or interference". The UDHR helps to protect the privacy rights of individuals from states arbitrary interference.

The International Convent on Civil and Political Rights, under Article 17, says that "unlawful interference or arbitrary interference with his family, privacy, home, or correspondence, not to unlawful attacks on his reputation and honor". India has ratified the same convention because it is mandatory to take the necessary steps to enact laws for its citizens.

The Convention on the Rights of the Child, under Article 16 provides to protect the privacy of the children from arbitrary or unlawful interference, and the state that ratified the convention can take the necessary steps to enact laws to protect the privacy of the minor. Similar to the Juvenile Justice (Care and Protection of the Children) Act, which says that no media shall publish the juvenile's name, school, or address in conflict with the law, the main aim of this act is to provide proper care and protection to the juvenile, so privacy details of the juvenile shall not be published by any media.

Constitutional provisions linked to the right to privacy:

• The right to privacy is also call as a fundamental right under the Indian Constitution.
• Article 19(1)(a) states that freedom of speech and expression, but it along with certain reasonable restrictions under Article 19(2).
• Article 21 states that right to life and personal liberty, which means "no person shall be deprived of his life or personal liberty except according to the procedure established by law". It includes the right to privacy.

Initially, in this case of MP Sharma vs. Satish Chandra, the fundamental right does not include the right to privacy. After some years, the case of Kharak Singh v. State of Uttar Pradesh says that the privacy right is not a fundamental right but includes the right to life and personal liberty. Finally, the case of K.S. Puttusmawy v. Union of India says the privacy right is recognized as a fundamental right under Article 21 of the Right to Life and Personal Liberty of the Constitution.

Landmark judgment of Article 21: Right to Privacy
People's Union for Civil Liberties vs. Union of India in this case is also called a telephone tapping case. The apex court held that telephone tapping is considered a violation of the right to privacy under Article 21 of the Constitution.

Rajagopal v. Union of India The Supreme Court held that the publication of one person's personal information without his or her consent was a violation of privacy under Article 19(2).

Information Technology Act, 2000:
Section 43A of the Information Technology Act was inserted in the 2008 amendment, and it gives "sensitive personal data" that possesses, handles, or deals with any corporate body. They should maintain reasonable security to protect such personal data.

If any negligence arises, the corporate body will be responsible for paying compensation to the affected person. Subsequently, for further clearance of the above amendment, the government presented the IT (Reasonable Security Practices and Procedures and Sensitive Personal Information or Data) Rules, 2011.

Indian Penal Code, 1860:
Section 228A says that no one can publish the details of the rape victim. If anyone publishes the details of a rape victim, the person will be liable for that offense.

Digital Personal Data Protection Act, 2023:
The main aim of this act is to protect the digital personal data of individuals, and this act recognizes the right of individuals to protect their personal data. Such personal data can be used only for lawful purposes.

• Section 8(5): The data fiduciary has a duty to provide the proper, reasonable security to protect data privacy from breach. (The data fiduciary defined in Section 2(i) means a person who processes the personal data)
• Section 8(6): If data privacy was breached, the data fiduciary has a duty to intimate the same to the board and the affected data subject. (The data principle defined under Section 2(j) means a person to whom personal data is disclosed)
• Section 9: The data fiduciary, before processing the child's or disabled person's personal data, must receive proper consent from the verified lawful guardian of the child's parent or legal guardian.
• Section 10: The central government notifies that data fiduciary or any class of data fiduciary as a significant data fiduciary found on the assessment. The significant fiduciary has the power to appoint the data auditor to carry out the data audit. The periodic personal data protection assessment process comprises a description of the data principles' rights and the purpose of processing the assessment, personal data, and management of risks to the data principles' rights.

Laws relating to media
Press Council of India Act, 1978:
The Press Council of India is an autonomous body that regulates the print media in India. It ensures the freedom of the press and maintains professional standards for journalists.

Power to censure: Section 14
If any complaint is raised with the council, the council gives the newspaper, journalist, or concerned person the opportunity to be heard and make an inquiry under the grounds of the act. The council would not entertain any case if there was not sufficient ground for the hold.

Article 19(1)(a) does not mention freedom of the press. The Supreme Court in Romesh Thapper v. State of Madras stated that freedom of speech and expression includes freedom of the press.

In Brij Bhushan and Another v. The State of Delhi, the Supreme Court held that the imposition of pre-censorship on a journal is a restriction on the liberty of the press. The Supreme Court first recognized the right to privacy.

In Kharak Singh v. State of Uttar Pradesh, Article 21 was not referred to, but in the subsequent case of Rajagopal v. State of Tamil Nadu, it was directly linked to Article 21. When there is a conflict between the right to privacy of individuals and the right to know of citizens, at that point, the right to know will prevail as it serves the larger public interest.

In State of U.P. v. Raj Narain, the right of the citizen to know is defended by the court. A public servant visiting a lady friend and getting drunk with her. It should not be a news item, as it does not fulfill the public purpose.

Cable Television Networks (Regulation) Act, 1995:
This law regulates cable television networks in India. It provides guidelines for the operation and licensing of cable TV networks and prohibits the transmission of certain content that may be harmful or offensive.

Cinematograph Act, 1952:
This act regulates the certification of films for public exhibition in India. The Central Board of Film Certification (CBFC) is responsible for certifying films and ensuring that they comply with certain guidelines.

Information Technology Act, 2000:
This act deals with electronic commerce and electronic records, including digital signatures and cybercrimes. It has provisions related to the regulation of online content and the liability of intermediaries like social media platforms.

Advertising Standards:
The Advertising Standards Council of India (ASCI) is a self-regulatory organization that monitors and regulates advertising content in India. It ensures that advertisements are truthful, not misleading, and do not offend public sensibilities.

Defamation Laws:
Indian law recognizes both civil and criminal defamation. Defamation laws protect individuals and organizations from false and damaging statements made through various media. Shreya Singal v. Union of India states that comments in electronic form also include freedom of speech and expression.

National Security Laws:
India has several laws, such as the Official Secrets Act, that deal with national security and espionage. These laws have implications for media reporting on sensitive matters.

Intellectual Property Laws:
Copyright, trademark, and patent laws protect the intellectual property in media content.

Privacy Challenges In India

Web tracking:
It is a practice by which operators of websites and third parties collect, store, and share information about visitors' activities on the World Wide Web.

User activities include websites visited, watched videos, interactions on social networks, online shopping, and online transactions. Websites like Netflix, Instagram, and YouTube collect information about what shows users watch, which helps them suggest more shows that they might like. Search engines like Google will keep a record of what users search for, which could help them suggest more relevant searches in the future. Law enforcement agencies may use web tracking to spy on people and avoid crimes.

• Controversy
  Web browsing is linked to a user's personal information, like user location, preferences, locations, purchases, and more, which can be revealed just by what page a user visits. This allows us to draw conclusions about the user and analyze patterns of activity. The use of web tracking can be controversial, and when it is done without the knowledge of a user, it may be considered a breach of browser security.
   
• Prevention
  On mobile, the most advanced method is to use the mobile browser Firefox Focus, which mitigates web tracking.

Internet Protocol (IP) Addresses
All websites receive and track the IP address of a visitor's computer. Companies need to match data over time to associate the address and name with the IP address.

HTTP cookies
An HTTP cookie is data stored on a user's computer that assists in automated access to web features or other state information required in complex websites. Generally, websites have not made the user explicitly aware of the cookies. It can violate privacy.

• Controversy
  It may lead to the theft of users' information and put them at risk. Information was easily accessible to the third party.
   
•  Prevention
  Cookies have a 'deny' option, and we can select it. By doing so, we can protect our data from third parties.

Firefox doesn't have a cookie system.

Photographs on the Internet
Nowadays many people have digital cameras and post their photographs online. "Facial Recognition and Privacy Law", much of it explaining how "privacy law, in its current form, is of no help to those unwillingly tagged." Any individual can be unwillingly tagged in a photo and displayed in a manner that might violate them personally in some way, and by the time Facebook gets to take down the photo, many people will have already had the chance to view, share, or distribute it.

Search engines
Search engines also can retain user information, such as location and time spent using the search engine, for up to ninety days. Most search engine operators use the data to get a sense of which needs must be met in certain areas of their field. Eg. Yahoo, Google

Misuse of Hidden Cameras and Microphones
The use of hidden cameras and microphones for investigative reporting can raise ethical questions. While these tools can expose corruption and wrongdoing, their misuse can infringe on the privacy of individuals who are not engaged in any illegal activities.

Data Privacy and Hacking
In the era of digitalized world, media organizations can access and publish personal data without consent. Hacking into personal accounts obtain private information for news stories can violate privacy laws and ethical standards.

Consent and the Right to Be Forgotten
Media organizations should consider obtaining consent when publishing personal information. In some cases, individuals may request that certain information about them be removed from public records or media archives, which raises questions about the "right to be forgotten.

Remedies
Under the Information Technology Act, 2000 (IT):

• Section 65 of the act: Obstructive with the document saved in a computer: Fine of Rs.2 lakhs or imprisonment of 3 years or both.
• Section 66 of the act: Offences related to the computer and any other act mentioned in section 43: Fine of Rs.5 Lakhs or imprisonment of 3 years or both.
• Section 66B of the act: Receiving the theft computer source: Fine of Rs.1 Lakhs or imprisonment of 3 years or fine or both.
• Section 66C of the act: Identify was theft by someone: Fine of Rs.1 Lakhs or imprisonment of 3 years or both.
• Section 66D of the act: Cheating by personation using computer sources- Fine of Rs.1 Lakhs or imprisonment of 3 years or both.
• Section 66E of the act: Violation of Privacy: Fine of Rs.2 Lakhs or imprisonment of 3 years or both.
• Section 66F of the act: Cyber Terrorism: Life Imprisonment.
• Section 67C of the act: Failure to protect or preserve the information about intermediaries: Fine and imprisonment for 3 years.
• Section 72A of the act: Disclosure of any information, intentionally and knowingly, without the consent of such person is considered a breach of the contract: Fine of Rs.5 Lakhs or imprisonment of 3 years or both.

Under The Digital Personal Data Protection Act, 2023(DPDP)
It includes an updated laws and penalty for breach of privacy.

The data protection broad was introduced under this act. Under the section 33(1) board has power to provided proper l to the breach of the provisions, the penalty giving way of monetary. Penalty was given depend upon the nature, gravity of the data privacy breach.

• The data fiduciary has a duty to provide proper reasonable security to protect data privacy under sub-section (5) of section 8. If the data fiduciary breaches this duty, they are liable for a fine that may extend to Rs. 250 crores.
   
• The data fiduciary has a duty to intimate any privacy breach to the board and the data principal under sub-section (6) of section 8. Failure to do so may result in a fine of Rs. 200 crores.
   
• The data fiduciary has additional obligations in the case of children's personal data under section 9. If a breach occurs, they may be liable for a fine that may extend to Rs. 200 crores.
   
• The significant data fiduciary has additional obligations under section 10. If there's a breach, they could be liable for a fine that may extend to Rs. 150 crores.
   
• The data principal has certain duties under section 15. Violating these duties could result in a fine of up to Rs. 10 thousand.
   
• If a voluntary undertaking is accepted by the board under section 32, but the person breaches any term, they will be liable to face the consequences specified in section 28.
   
• In case of any violation of the provisions of the DPDP Act, 2023, the person may be liable for a fine that may extend to Rs. 50 crores.

Conclusions
Our digital footprints expand and technology advances, make new challenges to privacy emerge from web tracking and data breaches to the misuse of hidden cameras microphones, the threats to our personal privacy and multifaceted. It is imperative that we continue to adapt and evolve our legal and ethical frameworks to address these challenges effectively.

To ensure the continued protection of privacy in the digital age, several developments are essentials. First and foremost, there must be increased awareness and education our privacy rights and responsible media practices. Media organizations should embrace transparency and obtain consent when handling personal information. Additionally, robust data protection laws and stringent penalties for privacy breaches should serve as deterrents.

So Much Data But Not Much Protection
By making more and more strict laws it will make more effective to protect the individuals privacy.

Written By:

• Sandeep Harish B, I year of LL.M (International Law and Organisations) at University of Madras.
• Kaviya A, I year of LL.M(International Law and Organisations) at University of Madras.