Balancing Open Courts and Privacy Rights in India: A Dilemma Commentary
Balancing Open Courts and Privacy Rights in India: A Dilemma

Recently, in Karthick v The Registrar General (‘Karthick’), the Madras High Court (‘MHC’) addressed a crucial issue concerning the need to balance the concept of open courts with the right to privacy. At the core of the issue was a plea to redact the name of an accused from a judgment after his acquittal. The acquitted person had started a new chapter in his life but recently found that the High Court judgment revealed his identity and other personal details publicly.

Here, the Court sought to harmonize the idea of ‘open courts,’ as highlighted in Swapnil Tripathi v Supreme Court of India (‘Swapnil Tripathi’), with the fundamental right to privacy, as laid down by the Supreme Court of India (‘SC’) in Justice K.S. Puttaswamy v Union of India. The Court also considered whether Section 8(7)(a) of the Digital Personal Data Protection Act, 2023 (‘DPDPA’) would be applicable in this case. Section 8(7)(a) mandates a data fiduciary to erase personal data upon withdrawal of consent by the Data Principal or if the purpose of retaining data has been served.

The Idea of Open Courts Juxtaposed with the Right to Privacy

The principle of open courts aims to increase public accessibility to court proceedings, ensuring transparency, boosting public confidence in the independence and impartiality of courts, and making legal principles accessible to people. The SC in Swapnil Tripathi cited these principles to allow live streaming of court proceedings. However, the SC also contemplated instances where this principle may prove detrimental, recognizing the need for closed room hearings in certain cases. Thus, the SC pointed to the requirement of a balanced framework before open hearings become the norm.

While open courts have their benefits, the idea of openness must be weighed against the right to privacy, ensuring that the former does not lead to a blatant infringement of the latter. In cases involving sensitive matters, the courts must recognize the potential infringement on the right to privacy. The presence of such details in the public domain can lead to the stigmatization of individuals. Even though criminal proceedings require proving guilt beyond a reasonable doubt, acquittals do not necessarily make individuals innocent in the eyes of society. Those acquitted of sensitive cases are often viewed with scepticism, infringing not only on their right to privacy but also impeding their right to reputation, considered an inherent part of the fundamental right to life by the SC in Kiran Bedi & Ors v Committee of Inquiry. In Karthick, there was a similar situation where the charges pertained to sections 417 and 376 of the Indian Penal Code (‘IPC’), which deal with the offenses of cheating and rape, respectively.

The stigma attached to such sensitive and heinous crimes impedes the general reputation of the acquitted person. While data may be stored for administrative purposes, it does not justify public dissemination, especially when it risks tarnishing reputations and infringing upon the fundamental rights to life and liberty.

The Unanswered Question

Furthermore, the dissemination raises concerns regarding the relevant provisions of the DPDPA. Section 8(7)(a) mandates the removal of data upon the withdrawal of consent by the data principal. However, Section 17(1)(b) provides an exception to this provision for the proceedings of courts of law and other tribunals. This exception can be detrimental due to the large volumes of sensitive data these institutions process. Not all such processing can be attributed to the essential features of the judiciary, thus warranting a different approach rather than providing them with a blanket exemption.

The MHC in Karthick delved into the existence of any obligation cast upon the courts to publicize data, thus exempting them from Section 3(c)(ii)(B). This section exempts any person who is under the obligation of the law to process data. The courts considered the discretion vested in them to decide upon the dissemination of data, hence imbuing them with a responsibility to exercise that discretion consciously.

Data fiduciaries are liable to carry out the compliance of this act and the rules made thereunder under Section 8 of the DPDP Act. This makes it imperative for the executive to table the rules to allow enforcement of these provisions.

A major question that went unaddressed was whether any consent to publish such data had been given in the first place. There is no requirement for obtaining consent from individuals regarding whether the judgments that are publicized should contain their details. So how can the withdrawal of consent be argued in the absence of any consent given? Furthermore, the fact that Section 17(1)(b) was required to exempt the courts from various provisions that apply to other data fiduciaries implies that the legislature did envisage the courts as data fiduciaries.

Additionally, Section 4 of the act allows the Data Fiduciary (the person who decides how to process the data) to process the data (a) with the consent of the Data Principal (to whom the data relates) or (b) for a legitimate purpose, further defined as anything not in contravention of the law. It is worth mentioning that the Right to Privacy forms an inherent part of Article 21 of the Indian Constitution, which can only be restricted subject to reasonable restrictions outlined under Article 19(2) of the Indian Constitution. In this context, the expansive definition of legitimate purpose poses serious questions and has grave and wide ramifications, bereft of any safekeeping. This far exceeds the exceptions mentioned under Article 19(2). This necessitates the intervention of the executive to table the much-awaited rules for the DPDP Act and specify the ambit of a legitimate purpose.

The Position of Private Entities

Furthermore, one of the defendants in the case was a private entity in the business of providing access to public judgments through its database. Other similar entities operate on a comparable business model catering to lawyers. These entities satisfy the definition of Data Fiduciary under the DPDP Act, 2023, and hence should be governed by the act without any exceptions. The question that arises is whether they have the consent of the parties involved in the respective cases to process their identities and trade them for monetary gains. Since obtaining consent from all these parties is not logistically feasible, we must examine whether obtaining consent is the only available option.

To impart legal principles and education, it is possible to use judgments with redacted names of the parties. Cases can be referred to by their citation numbers, or some other mechanism can be put in place to facilitate easy references. Furthermore, in the case files and judgments, personal and sensitive details may be redacted.

The Way Ahead

Filing applications before the courts to redact details later does not seem logistically feasible. In Karthick, the petition was first filed on July 27, 2021, and was dismissed by the MHC, citing a lack of statutory backing to redact the names and mentioning that this court is a public and open court. The decision was appealed before a larger bench and eventually allowed in March 2024. Redaction after such a long time defeats the purpose, as the damage caused by public exposure is already extensive by the time a decision is reached. The cumbersome procedure of makes the process infeasible involving great cost and time.

In the case of Nipun Saxena v Union of India, the SC presented a 9-point guideline to keep the names of rape victims discreet. This involved prohibiting the media from using their names, disallowing FIRs to be put in the public domain, keeping documents in sealed covers, and only making those documents public with redacted names, requiring an application from the victim or their kin to allow disclosure of information. A similar approach can be used for accused individuals as well, until their guilt is confirmed.

To begin with, obtaining consent forms from the accused and not publicizing court records in the absence of such consent can be a good initiative. Legislative action is also imperative to establish clear authority ensuring that individuals accused of sensitive offenses are not subjected to public stigma upon acquittal. The government needs to formulate DPDP rules and narrow down the usage for which data can be processed without the consent of the data principal. This would eventually tighten up regulations on private entities indulging in publishing judgments that may reveal details and identity of the accused. The right to privacy needs to allow people to decide the extent to which their lives are publicized. A mere name in an FIR should not strip people of their basic rights and a chance to start their lives afresh; their acquittal should be enough to start a new chapter of life without the stains of their past episodes. It is imperative to strike a balance that respects privacy and rehabilitation while ensuring justice, and access to information for all.

Opinions expressed in JURIST Commentary are the sole responsibility of the author and do not necessarily reflect the views of JURIST's editors, staff, donors or the University of Pittsburgh.