India's Constitution recognizes privacy as a fundamental right in Article 21 . Since there was no legislation pertaining to data protection at first, there were claims of violations of private rights. To address these issues, Indian courts have nevertheless issued precedent-setting rulings and guidelines. It is crucial to examine these legal developments to determine the level of protection afforded to citizens' right to privacy.

Even though the Indian legal system has acknowledged the right to privacy and taken action to stop data theft and misuse, more can be done to improve data protection. In the current digital era, ongoing efforts are required to guarantee that the privacy rights of Indian citizens are completely protected.
The goal of this article is to examine the legal aspects of data privacy in the digital age, covering both recent and seminal case laws that have influenced the field's development.

Introduction
Data protection laws are required to protect the right to privacy. The goal of these laws is to lessen the invasion of privacy that results from the distribution, gathering, and storage of personal data. Information that can be used to identify a person is referred to as personal data, regardless of whether it is gathered by the government or an organization.

Since inception, people have acknowledged privacy as an essential component of human rights.

To live a dignified life, privacy is essential. The ease with which data can be accessed and shared through technological advancements raises the possibility of misuse. Attacks by cybercriminals such as spam, hacking, and phishing is common. Tight data protection regulations are required to stop these kinds of attacks.

The gathering, storing, and use of personal data has become essential to modern life in the digital age. There are benefits and drawbacks to our growing reliance on technology, especially when it comes to data privacy. The safeguarding of a person's private data against unlawful access, use, or disclosure is known as data privacy. The increasing exchange and digital storage of personal data has made it imperative to tackle the legal issues related to data privacy.

The Right to Privacy and its Evolution:

A fundamental human right, privacy gives people or groups the ability to remain anonymous and to keep their information private. According to Article 12 of the UDHR , it is acknowledged globally. Individuals are shielded from interference with their family, friends, privacy, honor, and reputation by this article. Treaties pertaining to international human rights also recognize privacy as a basic right.

Over the past few decades, the idea of the right to privacy has undergone significant change. The right to privacy was acknowledged as a fundamental human right when the United Nations General Assembly adopted the Universal Declaration of Human Rights in 1948. However, the significance of data privacy did not really become apparent until the advent of the digital era.

Concerns about the protection of personal information arose because of people sharing an unprecedented amount of information with each other after the internet and electronic devices became widely used.

Legal Framework for Data Privacy:

To tackle the issues surrounding data privacy in the digital realm, numerous nations have passed laws that govern the gathering, archiving, and utilization of personal information. The GDPR , which the European Union (EU) implemented in 2018, is among the most notable instances. Organizations must adhere to strict guidelines set forth by the GDPR for the protection of personal data. These guidelines include obtaining consent, protecting data security, and granting individuals the right to be forgotten.

The Supreme Court of India first upheld the right to privacy in several instances, including M.P. Sharma v. Satish Chandra and Kharak Singh v. State of UP . But it was not until the case of Justice K.S. Puttaswamy (Retd.) v. UOI in 2017 that the Supreme Court of India unanimously ruled privacy is fundamental right.

India passed the Personal Data Protection Bill, 2019 (PDPB), which is presently being reviewed by the Indian Parliament, to regulate data privacy. The purpose of the PDPB is to safeguard personal information and provide a thorough framework for its handling, archiving, and transmission. The bill delineates fundamental principles that include informed consent, the right to be forgotten, and the creation of an enforcement body known as the Data Protection Authority.

Case Laws:

• Google Spain SL versus the Spanish Agency for Data Protection
  The European Union's Court of Justice (CJEU) acknowledged the right to be forgotten in this historic case. It decided that people might ask search engines to take down links pointing to personal data that was rendered illegible, out-of-date, or no longer needed. This instance brought to light how the public's interest in information access must coexist with the right to privacy.
   
• The 2020 Schrems II
  The Privacy Shield framework, an agreement between the EU and the US for the transfer of personal data, was declared unconstitutional by the CJEU in the Schrems II case. The EU citizens' data was not sufficiently protected under the framework against possible surveillance by U.S. intelligence agencies, according to the court. This case highlights how crucial it is to guarantee adequate protection for personal data moved to third nations.
   
• Justice K.S. Puttaswamy (Retd.) v. Union of India
  In this historic decision, the Indian Supreme Court's nine-judge panel unanimously upheld the right to privacy as a basic freedom guaranteed by the Indian Constitution. The court stressed that privacy protects a person's dignity and autonomy and is necessary to exercise other fundamental rights. This case established the framework for India to recognize data privacy as an essential component of an individual's right to privacy.
   
• Union of India v. Justice Kamlesh Vaswani
  The Union Government was ordered by the Bombay High Court to act in this matter to protect privacy and prevent the illegal sharing of personal information on social media sites. The court acknowledged that internet companies have an obligation to take proactive measures to block and eliminate any offensive or illegal content that violates someone's right to privacy. This case brought to light the obligation of internet platforms to safeguard their users' privacy.

G20 meet expected to address big challenges of digital world

India's Minister of External Affairs, S. Jaishankar, emphasized during the G20 how critical it is to solve issues with data security and privacy in the digital age. He underlined how important it is to protect private data and encourage safe internet connectivity as technology develops.

He emphasized that digital was one of the novel elements at work, saying "We still have not fully appreciated it but digital has changed our lives. Every time you look at the screen, you are learning something but somebody is also learning something about you, your habits, your likes, dislikes, demands, and preferences".

To fortify cybersecurity measures and create strong data protection frameworks, Jaishankar urged cooperation amongst G20 members. Through a unified approach to these problems, the G20 hopes to establish a more secure digital landscape that upholds people's right to privacy.

Thesis statement:
A complete legal viewpoint is necessary to secure the security of personal information in the digital environment, which poses several obstacles to data privacy. A strong legal framework is essential to achieving a balance between individual privacy rights and the advantages of the digital age. This may be seen by examining the changing legal environment, significant case laws, and the difficulties brought about by technology. We can only confront the intricacies of the digital environment and protect data privacy by appropriate law.

Digital Personal Data Protection Act

On August 3, 2023, the Digital Personal Data Protection Bill, 2023 was presented to the Lok Sabha. On August 7, the Parliament passed it, and on August 9, the Rajya Sabha gave its approval. The President signed the bill on August 11.

An essential legislative framework that controls the gathering, use, and preservation of personal data is the Data Protection Act of 2023. Its goal is to safeguard people's rights to privacy and data by controlling how businesses handle this information. Transparent data practices, consent for data processing, and stringent security measures to avert breaches are mandated by law. People have more control over their information because they may access it and ask for it to be deleted. Data security is crucial in the digital era since noncompliance can result in hefty fines. In a society where data is used more and more, this act enhances privacy and data protection.

A genuine attempt to secure personal data or a ruse to get lawful control and surveillance.

While the Act appears to protect personal data in its current form, there may be technical issues with how the requirements are implemented. For example, CG is authorized under Section 36 to request "such information" from the Board or any intermediary or data fiduciary. When examined through a legislative lens, the expansive authority and inclusive language revealed the deeply ingrained intention of the CG's monitoring program.

Additionally, any State instrumentality may be exempted from the strictures of the laws pertaining to the processing of personal data by the CG under Section 17(2)(a) . A Public Information Officer (PIO) can now reject an application made under the Right to Information Act, 2005 (RTI Act) on the grounds that the information sought relates to personal data, effectively widening their power. This means that the balance between privacy and informational rights struck by the RTI Act will be lost. This is because Section 8(1)(j) of the RTI Act is amended by Section 44(3) of the Act.

Conclusion:
In the digital age, data privacy poses several difficulties that necessitate a strong legal framework to safeguard people's personal data. Obstacles include lack of awareness, challenges with enforcement, and the dynamic nature of technology. People must share their personal information with greater caution, and companies and governments must cooperate to maintain data privacy as a primary priority.

The future of data privacy in Digital India is both exciting and challenging. It is important for the government, businesses, and individuals to work together to protect personal data. By implementing strong data protection measures and raising awareness about digital privacy rights, we can make safe place to live.

The Personal Data Protection Bill, 2019, and the skilled IT workforce in India provide opportunities for businesses to gain the trust of their customers. As India embraces digital technologies, it is crucial to address challenges and seize opportunities to create a secure and inclusive digital future.