Author: Apurv Singh Deb

Abstract

The 21st-century digital age has revolutionized communication and transaction, but it has also created a significant digital footprint that, if left unprotected threatens the fundamental right to privacy and personal liberty. While the State can impose reasonable restrictions on digital spaces to protect the rights of citizens, such interventions must remain within constitutional bounds. However, recent governmental measuresranging from new legislations to administrative moderation of Artificial Intelligence and personal dataincreasingly appear not as isolated responses to specific issues, but as a systematic state mechanism designed to control public information and retrieve private citizen data.This paper aims to evaluate whether these emerging state actions comply with the four-fold test of proportionality or if they constitute an unconstitutional overreach into the personal space of citizens.The study utilizes a doctrinal approach to examine various statutes, amendments, and executive actions.The analysis reveals that these measures consistently fail the proportionality test by granting broad executive exemptions, lacking judicial oversight, and creating a digital leash through pre-censorship and the breaking of anonymity. The findings indicate that the justifications of national security and public order often lack a rational nexus to the intrusive means employed. The paper suggests that these trends foster a chilling effect on dissent and critical journalism, threatening the core of Indian democracy. It recommends that Parliament establish a truly independent Data Protection Board and mandate prior judicial warrants for all forms of digital search and surveillance to uphold the principles of natural justice.

Keywords: Privacy, Proportionality Test, Digital Panopticon, Surveillance, Digital Authoritarianism.

1. Introduction

The new Digital age that we have now stepped into in the 21^st century has brought with it immense ease of communication, creation and transaction. The new age thoughstill comes with a baggage of digital footprint that can disastrous to people’s personal life if went to wrong hands[1]. This privacy of one’s digital data therefore is really essential for a person’s dignified existence which is also directly protected under the fundamental right to personal life and liberty as dictated in the Puttaswamy judgement. These digital spaces though, should not be left unregulated and shall be subjected to reasonable restrictions imposed upon by the statefor ensuring that the rights of the other citizens are not infringed. The government of India in the last few years seem to have taken a peculiar interest in the regulating the digital space. The methods used by the government for this task varies from bringing out new legislations, amending the old laws, taking administrative measures and other similar processes that seeks to moderate and inspect Artificial intelligence, personal data, digital content and secure communications. The govt. seems to be heavily invested in these particular areas of digital personal data of the individuals.

Through this paper it is argued that when these measures are seen from the bird’s eye view then these measures do not seem like isolated responses for specific and certain problems but rather seem like a well thought state mechanism working for controlling information that reaches the public. This system draws an eerie similarity to the concept of a panopticon[2]as given by Jeremy Bentham, where the government is using national security, public order and curbing misinformation as a justification for creating a panoptical situation where the government has all eyes on the citizens even when there’s no real rational nexus[3] between the object and the means achieved through those measures.The concept of the state trying to act as a parent and deciding for its citizen which information shall reach them and which ones are to be restricted without any reasonable justification is both undemocratic and unconstitutional. This unilateral control over information imposes a double threat to the citizens, as the state is not only restricting information that reaches us but is also retrievingcrucial private digital information from its citizen.

Finance minister while defending the new income tax bill’s inclusion of digital spaces for search and seizure,has mentioned in the parliament thathow history derived from Google Maps and Instagram accounts have been useful in identifying cash hideouts and benami properties[4]. This is the true picture of the state working under the garb of reasonable restrictions slowly inching towards interfering in people’s personal space. The earlier methods opted by the state where case centric and required gaining special access to information by courts for specific individuals.The new legislations howeverare loaded with unreasonable arbitrary powers that give the state machineries generalised powers to look into the personal data of any individual which they might deem appropriate.

2.Constitutional Frameworks Protecting Freedom Of Speech And The Right To Privacy

Considered as the core of personal liberties and the very mother of all other liberties, the ability to speak freely and access information from others is regarded as the most crucial civil right, which the government cannot easily limit or restrict without any reasonable cause. Also, as per the Indianconstitution, Article 19(1)(a)[5] protects this right for the citizens by safeguarding their ability to express their views, opinions, and thoughts through any method.  although this freedom is subject to reasonable restrictionsof Article 19(2)[6]. The judiciary through various interpretations of this article repeatedly affirmed that this protection extends beyond political speech to include both commercial speech and artistic expression. Article 19(1)(a) grants every citizen the right to receive and share information on matters of public concern, [7] that a principle supported by other judicial pronouncements which confirmed that the right to collect and disseminate information is covered by the same article.[8]

The supreme court has previously emphasized that a democratic society is dependent on free discussion, debate, and open conversation, which serve as essential checks on government actions.[9]This is vital because democracy, being a system of self-governance, requires that all people can participate in its processes, and open discussion on public issues is necessary for voters to make informed choices. Reinforcing this, the Supreme Court described free expression as a key part of the Constitution,[10] noting that a working democracy demands an educated and informed public, even while acknowledging that this right can be limited by attacks, a lack of room for different opinions, or restrictive laws. Ultimately, the right to free speech and expression is the pillar of a healthy democracy; as a government “of the people, by the people, and for the people,” it necessitates that the people can freely express opinions on the government's functioning. This freedom is a tool that allows people to live with dignity rather than just existing, and it is widely held that democracy cannot truly work without open and free expression.

Alongside the right to free expression, the Constitution guarantees the right to life and personal liberty under Article 21[11]. The Supreme Court's interpretation of this article has been foundational in establishing the Right to Privacy.Initially, the Supreme Court did not explicitly recognize a fundamental right to privacy,[12]Justice Subba Rao’s dissenting opinion famously argued that the right to privacy was an essential part of personal liberty under Article 21[13].This dissenting view was ultimately affirmed decades later in the landmark nine-judge bench[14]. This judgment definitively established the right to privacy as a fundamental right, intrinsic to Article 21[15] and protected as a part of the right to life and personal liberty.

2.1 RTI (Right to Information)

The right to information is a fundamental right, intrinsically included within the freedom of speech and expression guaranteed by Article 19(1)(a) of the Constitution.[16] This principle was again upheldby the Court where it ruled that the freedom to receive and share information is a component of free expression, facilitating public participation in moral and cultural discourse.[17]

This right also extends to cover education, knowledge, entertainment, and the ability to be informed. On the same lines as the judgementSection 2(f) of the RTI Act[18] provides a comprehensive definition of the term information, defining it as “any material in any existing form including records, documents, emails, advice, press releases, logbooks, reports, samples, and electronic data and notably extends to information held by a private body that a public authority can legally access under other laws.”

The Apex Court has previously articulated that because individuals cannot express thoughts or communicate without knowledge, the right to information is inherently included within the scope of Article 19.[19]The Court also affirmed that in a democracy, the people are the rulers and consequently have a valid right to know how the government, which exists to serve them, functions. Given that the right to information is a key facet of free expression, the rights to know, intercept, and share information are also considered part of this fundamental freedom. This entitles every citizen to the basic right to use the most efficient methods for sending and receiving information, including broadcasting. This right is not absolute, however; Section 8 of the Right to Information Act, 2005, which provides grounds for government officials to deny information requests, outlines the statutory limitations on this right, which are themselves rooted in the reasonable restrictions permitted on free expression under Article 19(2) of the Indian Constitution.

2.2Right to internet

The Indian judiciary has positively recognized access to internet as a fundamental right which is essential in the digital era. The Court haveaffirmed that due to growth of online education infrastructure in the country this accessibility is integral to both the right to privacy as well as the right to education under Articles 21 and 21A of the Indian Constitution,[20]noting its power to improve educational quality. In addition to this the Supreme Court has established internet access as a component of the freedoms of speech and commerce under Articles 19(1)(a) and 19(1)(g), respectively due to its vital role as a cost-effective platform for e-commerce and business.[21]However, the Apex Court also stipulated that any restrictions on these fundamental rights must necessarily satisfy the proportionality test under Articles 19(2) and (6).

3.Recent legislations promoting state control over information

3.1Digital Personal Data Protection Act, 2023 & Draft Digital Personal Data Protection Rules, 2025

Several provisions of the Draft Data Protection Rules, 2025[22] fail to comply with the Supreme Court’s ruling in the Puttaswamy judgment.The Puttaswamy verdict established clear guidelines for testing for any infringement to privacy and mandatedevery data protection law to be made as per a positive obligation of the state to protect it[23]. In the DPDPA[24] neither the statute, nor the rules conform to the proportionality test, and instead grant broad exemptions to government agencies regarding the protection and access to personal data. This results in undermining principles such as purpose limitation and data minimisation. Specifically, provisions such as Rule 22 by granting the Central Government unchecked authority to demand user data from Data Fiduciaries and intermediaries without any judicial oversight, transparency or safeguards creates a parallel framework for state surveillance without any checks and balances.

3.1.1Undermining RTI and Press Freedoms

The right to information, along with the right to privacy is a constitutionally protected right in India. The Data Protection Act, 2023 had already damaged the right to information which is supposed to co-exist with the right to privacy, by amending the RTI Act. Specifically, the amended Section 8(1)(j) of the RTI Act, 2005 prevents the disclosure of any information that is related to any “personal information”. This upsets a balance, where it previously allowed withholding of personal information if it bore no relation to public activity or interest and thereby constituted an unwarranted invasion of privacy. This change again departs from the proportionality test referenced in Puttaswamy judgment, effectively allowing officials to refuse critical information simply by labelling it “personal”. Here, the deficiencies of the principal law have neither been addressed, nor mitigated by the Draft Data Protection Rules, 2025.

3.1.2Expansion of Government Control and Reduced Accountability

DPDPA’s powers, while do not include the power to make regulations but they do empower the authorities the ability to summon individuals, examine evidence, and imposing penalties. These powers we foresee will be exercised with compromise and in a partisan manner given its structure and staffing. Rule 16 of the Draft Data Protection Rules, 2025 Rules centralises its appointments, functioning, and decision-making within the executive branch, raising serious concerns about political influence and lack of autonomy​. Since the Data Protection Board is controlled by the executive, this creates risks of bias in adjudication when the state itself is the biggest data fiduciary and processor.

3.1.3Vague and Arbitrary Definitions Allow Misuse

The Draft Data Protection Rules, 2025 suffer from significant vagueness creating the possibility for, selective enforcement. Poorly defined terms and a lack of clarity on key provisions enable state overreach, opaque corporate practices and inconsistent application. For instance, several critical terms remain vague or entirely undefined, For instance, several critical terms remain vague or entirely undefined, including: “Instrumentalities of the State,” which fails to specify which government-controlled entities are exempt from strict privacy norms, granting excessive discretionary power; “Emergent Situation,” which lacks a legal or operational definition and could justify limitless state access to data without accountability; “Research, Archiving, or Statistical Purposes,” where the absence of specific standards allows for potential misuse by companies seeking exemptions from user consent ; and “Significant Data Fiduciary (“SDF”),” as the criteria for classifying an entity as an SDF remain unclear, particular regarding data volume or sensitivity.The lack of specificity falls short of acceptable legal standards.

3.1.4A data protection law that does not protect Indians

The Draft Data Protection Rules, 2025 provided another opportunity for the MeitY to ensure the protection of the privacy of ordinary Indians. It is upsetting that they end up tightening a digital leash while having poorly thought and designed provisions. They mark a continuous failure to comply and meet the constitutional thresholds as set by the Supreme Court on the right to privacy. Substantial changes to the Draft Data Protection Rules, 2025 is required in thecurrent form of the act for being poorly considered and increasing the trends towards digital authoritarianism.[25]

3.2VPN – Cert Rules

India has introduced a law that requires all virtual private network (VPN) service providers to keep user data for a minimum of five years. There are concerns about how these new guidelines, issued by the Ministry of Electronics and Information Technology, might affect the fundamental rights of privacy and freedom. The guidelines ask all data centres, cloud service providers, virtual private server providers, and VPN service providers to maintain user logs for at least five years. These rules for VPN[26] service providers are seen as unreasonable and may invade user privacy. Also, it is unclear what exactly needs to be collected, which could lead to surveillance.The fact that the VPN services require logs according the new laws contradicts the principal purpose of the VPN services itself. One of the main aspects of a VPN is to ensure the security and privacy of the user in the form of an encrypted connection which allows to hide the IP address and stay unnoticed. The following directions are against this by enforcing the storage of personal information such as verified customer names, assigned IP addresses, email addresses, physical address and phone number.The no-log services are the most common VPN services, which are services that do not store any data that can be used to identify a particular user. Others maintain technical records, such as location of servers and time stamps, on how to improve the service. Nevertheless, the maintenance of user data is imposed by the new rules, thereby going against this principle.

What is unclear is what data is being sought. The rules are clearly against user rights since they demand that the providers store and transfer sensitive personal information. This would enable the government to gather excessive information than it needs for its legitimate purposes. The section 70B of the IT Act has overridden any confidentiality agreement in a contract.This information should be retained at least five years according to the fifth instruction given by CERT-In. It is assumed that the data retention might exceed this time and CERT-In has not provided an appropriate reason to this. Without certain time restrictions, data retention should be based on the so-called principles of proportionality. The absence of mechanisms to check the government as the receiver of the data exposes the users to dangers such as breaching of data and tracking.These solutions are also unwarranted and burdensome to businesses, in terms of additional storage space. This is detrimental to present operations not mentioning the Micro, Small, and Medium Enterprises (MSMEs) which are also subject to the guidelines[27].

3.2.1Against the Principle of Proportionality

The principle of proportionality entails that a law exists, there is a goal that is legitimate to the state and there is a rational connection between the goal and the means of achieving it[28].The CERT-In regulations on data retention should be evaluated in this principle. The court in the Aadhaar judgment declared that a clause that required the retention of authentication records beyond a time of five years was unconstitutional.The court thought that six months of retention of data was sufficient. The CERT-In Directions, though, require a five-year retention, perhaps more. The length of time has not been well explained by the government.As per application of the proportionality test, such rules appear to be against the constitutional requirement. The only valid state purpose that can be set to sustain the logs in such a duration of time does not exist and the purpose of minimizing cybersecurity threats and storing data in such a long period does not make any sense.

3.2.2Breach of Right to Anonymity

The primary aim of VPN is to conceal actual identity of the user. The concept of anonymity has been accepted by Indian court decisions. This anonymity privilege has now become a right to privacy as laid down in Subhash Chandra Agrawal[29]. In the absence of anonymity, profiling by analyzing traffic is possible.It is done by gathering extensive data in order to determine the trend of the users. Storing information dealing with IP addresses, details of subscribers and email addresses would make it easier to monitor their activities on the government side. This extensive gathering and utilization of data in order to recognize the users is against the Subhasch Chandra decision and infringes the right to anonymity.Numerous significant VPN providers of services, such as ProtonVPN and Surfshark, have reported that they will keep their no-logs policy and exit the Indian market as a result of the new laws.The absence of a dedicated and independent Data Protection Authority in India means these guidelines violate civil liberties and raise concerns about widespread surveillance. There are also insufficient regulatory procedures to control the actions of the authorities without a strong data protection regime and an appropriate oversight mechanism. One recommendation is to start a thorough public consultation process with stakeholders and service providers to address these issues.

3.3Income Tax Bill 2025

The Income Tax Bill, 2025[30] was presented in Lok Sabha on February 13, 2025. This Bill will be replacing the existing Income Tax Act, 1961[31]. On the face of it the Bill retains much of the structure of the 1961 Act. It, however, attempts to simplify it by cutting down the number of sections, the text length, and making it straight forward.In spite of this objective, the Bill has attracted a lot of debate and controversy. This is due to some provisions that allow a tax authority to access an individual virtual digital space in case of a search or seizure. This, in effect, would permit by-passing encryption, cracking passwords of emails, social media accounts, and cloud storage without any prior notice, summons or warrant.

3.3.1Evolution of the Indian Tax Law of search and seizure

In the colonial times, no explicit regulation existed when it came to search and seizure. The government played a minimal role and the tax payers were supposed to obey the regulations with little intervention.This altered with the act of Income tax in 1922. But the actual investigative strength of the Indian taxation system was the Taxation on Income (Investigation Commission) Act of 1947[32]. Under this Act, Section 6 and 7 gave the Income-tax Investigation Commission similar powers as a civil court, wherein it could request documents, check accounts and question witnesses.These powers led to the establishment of the first organized system of the search and seizure in the Indian tax system by the 1961 Act.Another significant one was the Finance Act of 2017[33]. This Act introduced a note to Sections 132(1) and 132(1A) of the 1961 Act, in respect of which the reason to believe of a search or seizure does not have to be shared with any person, including the Income Tax Appellate Tribunal. The transparency and accountability of the judicial system were interpreted as being threatened.

3.3.2What Is New in the Bill on Search and Seizure?

The most notable amendment to the Bill is the addition of the language of the virtual digital space of Section 261(i). This term is extremely broad and encompasses such objects as emails, social media accounts, cloud servers, online banking, and brokerage. Briefly, any online service that holds user information or enables communication is within this definition.Under the 1961 Act, searches and seizures, as listed in Section 132, were mainly focused on physical places, documents, and assets.The Bill, through Section 247(1)(b), gives tax authorities the power to conduct searches and seizures if there is a reason to believe that someone has undisclosed income or assets, whether in India or abroad. Moreover, the Bill allows officers to ask individuals with access to electronic records or data to provide technical assistance, which includes giving them access codes for inspection.Another important change is in Section 247(7) of the Bill;this section expands the legal assumptions found in Section 132(4A) of the 1961 Act to include the digital world. Both the 1961 Act and the new Bill assume that: (i) items found during a search belong to the person in possession; (ii) the contents of documents are true; and (iii) signatures and handwriting are genuine. The Bill goes a step further by assuming that any information or message found on a computer or online platform (such as emails, chat logs) is accurate and was sent between the mentioned parties.

3.3.3Constitutional Issues and Legal Challenges

The constitutionality of search and seizure provisions under the 1961 Act was decided by the Supreme Court[34]where it reaffirmed its previous stance,[35] that these investigative powers while intrusive, are necessary for the state's interest in maintaining economic and social order, provided they are within legal limits.

While the Pooran Mal ruling on Section 132 of the 1961 Act still holds, the new powers in the Bill especially Section 247(1)(b)(iii), which allows tax officials to bypass consent, passwords, and encryption without giving any notice raise serious constitutional concerns. This is especially relevant after the Supreme Court's Puttaswamy ruling.The reasons to believe that justify any search or seizure should be clearly communicated to the affected person, preferably in writing, either on the same day or at the latest within 24 hours.This kind of disclosure follows the principles of natural justice by informing the person about the legal basis for the violation of their privacy and property rights. It also allows them to take appropriate legal action if they think the search was unjustified.Thus, requiring such disclosures would serve as a strong check against arbitrary searches, making tax authorities use their broad powers more responsibly and carefully. This procedural protection is especially important in the digital age, where searches can access a huge amount of very sensitive personal and business data.

4.The Shreya Singhal verdict

The Supreme Court's ruling in the Shreya Singhal[36] case is significant for India's digital free speech legislation. The Court ruled that Section 66A of the IT Act was unconstitutional. Sending offensive or deceptive electronic communications was made illegal under section 66A. It penalized emails intended to annoy, inconvenience, insult, injure, or incite hatred, as well as messages that were extremely offensive or threatening. This clause carries a maximum sentence of three years in prison and a fine.While striking down the provision, the Supreme Court held that it placed too vague restrictions on speech since they criminalised speech that was offensive or menacing. The Court held that words such as annoyance and inconvenience gave too much discretionary authority to the officials, which would be abused arbitrarily and suffocated legitimate speech, including satire and political dissent.The verdict of the Court was that speech online was given the same protection of speech with the constitution as speech offline. It pointed out that ambiguous laws have chilling effect on the freedom of speech and are unconstitutional under Article 19(1)(A) of the Constitution unless they meet the test of reasonable restrictions in Article 19(2).

More importantly, the Court affirmed that intermediaries have the duty of removing content only where it is ordered by a court or government under due process. This interpretation shielded sites against being pressured into taking informal or arbitrary takedown requests.

5. Other recent actions of state against freedom of speech and right to privacy

5.1State action againstintermediaries and Online Content

The Information Technology (IT) Rules, 2021, and Section 69A of the IT Act are regularly involved in the regulation of online speech by the Indian government, especially on the major social media platforms. These powers have been used by the authorities to force content considered subversive to be taken down in the name of the threats to sovereignty and integrity. In 2023, an example was the order to Twitter/X and YouTube to take down material concerning a BBC documentary that was critical of the ruling party[37].Though it is common to acquiesce to such blocking orders, Twitter has launched legal actions against this blocking order, by questioning the reasonableness and the locality of such orders and relevance to due process[38]. The government defends such measures, such as the deletion of hundreds of accounts during the protest of farmers[39], as they need to cut misinformation and maintain order in the community. At the same time, India is one of the leading demands of user data by intermediaries such as Meta.

There is a considerable conflict between the legal protections set by the procedures that are required under the Section 69A and the mechanisms that were proposed by the 2021 Intermediary Rules. The portal known as Sahyog[40] created under such regulations was said to enable many bureaucratic functionaries to pass takedown orders, which usually bypassed the statutory protection and needed to notify users. This administrative fiat over adjudicated legal procedures is of serious concern as far as the narrowing of Article 19(1)(a) (freedom of speech) and a chilling effect on dissent is formed.

5.2Decentralization of Takedown powers and the following re-calibration.

Under the Sahyog portal introduced as the IT Rules 2021, the government heavily decentralized its censorship functionality through the empowerment of almost 1,800 officials, such as district magistrates and local police superintendents, to make takedown orders. It was found faulty, this broad delegated legislature, as it gives unrestricted discretion to lower-level functionaries, without registering a specific statutory direction, or penalty on abuse, or independent appeal.In a particular case, the Facebook page of a lawyer was taken down after the opaque request was made through the Sahyog portal without any reason being given to the user of the affected page. [41]The intervention of the Punjab Haryana High Court demonstrated the insufficient due process and the possibility of arbitrariness, which is a violation of Article 14 of the Constitution. In late 2025, the Union government, after litigation and popular criticism, apparently limited this power, limiting the power to make takedown orders against senior officials (Union Joint Secretaries or DIGs and above). This remedial action effectively admits the constitutional excessiveness of the previous regime.

5.3 Algorithmic Governance and Media monitoring that is sponsored by the state.

The proposal in the Government of Maharashtra to approve a Media Monitoring Centre (MMC) indicates that they are on the path of algorithmically governing speech. The MMC, with the help of AI and machine learning, is to analyse the media and perform a so-called sentiment analysis to determine the fake or misleading news.Civil society organizations believe that this program is a state-sponsored surveillance program, which is not publicly accountable or has an appeal process against material that can be considered as misinformation. This has been a controversial development in the law especially after a Bombay High Court ruled in 2024 to invalidate a federal fact-checking unit (FCU) similar to this one[42]. Such a mechanism, according to which the government was allowed to blacklist content, was declared by the High Court to be ultra vires Article 19(1)(a) and contrary to Article 14. The MMC, which has no clear legal support and procedural protection, has a threat of putting a chilling effect on critical journalism and acts as a species of prior restraint.

6. Conclusion and Recommendations

The analysis conducted throughout this paper confirms thatthe DPDPA’s broad executive exemptions, the CERT-In directives compelling data retention by VPNs, and the Income Tax Bill's expansion of search powers into digital spaces all fail to satisfy the four-fold proportionality test. The justifications offeredas national security, public order, and curbing misinformation, lack a rational nexus to their stated goals, and fail to employ the least intrusive means. Also, they cannot be considered “reasonable restrictions” under Article 19(2) and are an egregious violation of the right to privacy inherent in Article 21. The pattern of executive overreach, bypassing parliamentary debate, and centralising power confirms these actions are connected, moving India towards a regime of digital authoritarianism.

This trend poses a clear and present danger to Indian democracy, fostering a chilling effectthat stifles dissent, critical journalism, and the free exchange of ideas necessary for an informed citizenry. The Parliament must amend the DPDPA to remove the sweeping exemptions for ‘instrumentalities of the state’ and establish a genuinely independent Data Protection Board. Any rules mandating pre-censorship or the breaking of anonymity, such as the VPN rules, should be reconsidered by the government. any form of state surveillance or digital search, including under tax laws, is contingent on a prior judicial warrant. The reason to believe must become a reviewable standard, not a secret held by the executive, to uphold the principles of natural justice.

References

[1]L. Vervier, E.-M. Schomakers, et.al., "Perceptions of digital footprints and the value of privacy" Proceedings of the 2nd International Conference on Internet of Things, Big Data and Security (2017).

[2]Jeremy Bentham, The Panopticon Writings (Verso, London, 1995).

[3]“Constitutionality of Aadhaar: Judgment Summary”, Supreme Court Observer, available at: https://www.scobserver.in/reports/constitutionality-of-aadhaar-justice-k-s-puttaswamy-union-of-india-judgment-in-plain-english/ (last visited on Dec. 12, 2025).

[4]“Nirmala Sitharaman: Google Maps, Instagram Help Trace Rs 250 Crore Cash”, Deccan Chronicle, Mar. 26, 2025, available at: https://www.deccchronicle.com/nation/nirmala-sitharaman-google-maps-instagram-help-trace-rs-250-crore-cash-1869085 (last visited on Dec. 12, 2025).

[5]The Constitution of India, art. 19(1)(a).

[6]The Constitution of India, art. 19(2).

[7]State of Uttar Pradesh v. Raj Narain (1975) 4 SCC 428.

[8]Secretary, Ministry of Information & Broadcasting, Gov’t of India v. Cricket Association of Bengal, (1995) 2 SCC 161.

[9]Maneka Gandhi v. Union of India, (1978) 1 SCC 248.

[10]Mahesh Bhatt v. Union of India, (2022) 5 SCC 509.

[11]The Constitution of India, art. 21.

[12]Kharak Singh v. State of U.P., AIR 1963 SC 1295.

[13]Supra note 13.

[14]K.S. Puttaswamy v. Union of India, (2017) 10 SCC.

[15]Supra note 13.

[16]People’s Union for Civil Liberties v. Union of India, (1997) 1 SCC 301.

[17]Supra note 11.

[18]Right to Information Act, 2005, s. 2(f) (Act 22 of 2005).

[19]Supra note 10.

[20]Faheema Shirin R.K. v. State of Kerala, 2019 SCC OnLine Ker 1733.

[21]Anuradha Bhasin v. Union of India, (2020) 3 SCC 637.

[22]Draft Digital Personal Data Protection Rules, 2025 (Ministry of Electronics & Information Technology, Jan. 3, 2025).

[23]“Constitutionality of Aadhaar: Judgment Summary”, Supreme Court Observer, available at: https://www.scobserver.in/reports/constitutionality-of-aadhaar-justice-k-s-puttaswamy-union-of-india-judgment-in-plain-english/ (last visited on Dec. 12, 2025).

[24]Digital Personal Data Protection Act, 2023 (Act 22 of 2023).

[25]“IFF’s Response to MeitY on the Draft Data Protection Rules, 2025”, Internet Freedom Foundation, Mar. 5, 2025, available at: https://internetfreedom.in/iffs-response-to-meity-on-the-draft-data-protection-rules (last visited Dec. 12, 2025).

[26]Information Technology (The Indian Computer Emergency Response Team and Manner of Performing Functions and Duties) Directions, 2022.

[27]Siddharth Chaturvedi and Himanshi Srivastava, “The constitutionality of the new Indian CERT-In VPN rules” 13 International Data Privacy Law 331 (2023).

[28]Supra note 15.

[29]C.P.I.O., Supreme Court of India v. Subhash Chandra Agarwal, (2020) 5 SCC 481.

[30]Income-tax Bill, 2025 (Bill 104 of 2025).

[31]Income-tax Act, 1961 (Act 43 of 1961).

[32]Taxation on Income (Investigation Commission) Act, 1947 (Act 30 of 1947).

[33]Finance Act, 2017 (Act 7 of 2017).

[34]Pooran Mal v. Director of Inspection (Investigation) of Income Tax, (1974) 1 SCC 345.

[35]M.P. Sharma v. Satish Chandra, AIR 1954 SC 300.

[36]Shreya Singhal v. Union of India, (2015) 5 SCC 1.

[37]“N. Ram v. Union of India (BBC Modi Documentary)”, Supreme Court Observer, available at: https://www.scobserver.in/cases/n-ram-v-union-of-india-bbc-modi-documentary/ (last visited Dec. 12, 2025).

[38]X Corp v. Union of India, W.P. No. 7405 of 2025 (Karn. H.C. Sept. 24, 2025).

[39]“India's demand to block accounts amid farmers' stir curtails free speech: X”, Al Jazeera, Feb. 22, 2024, available at: https://www.aljazeera.com/news/2024/2/22/indias-demand-to-block-accounts-amid-farmers-stir-curtails-free-speech-x (last visited Dec. 12, 2025).

[40]“Sahyog Portal”, Ministry of Home Affairs, available at: https://sahyog.mha.gov.in (last visited Dec. 12, 2025).

[41]Rajat Kalsan v. State of Haryana, CWP No. 22084 of 2025 (P&H H.C. Aug. 1, 2025).

[42]Nandita Bharadwaj and Aditya, “Bombay HC formally strikes down Centre's fact-check unit, calls amended IT-Rules unconstitutional”, The Hindu, Feb. 2, 2024, available at: https://www.thehindu.com/news/national/bombay-he-formally-strikes-down-centres-fact-check-unit-calls-amended-it-rules-unconstitutional/article68684934.ece (last visited Dec. 12, 2025).

Note - The information contained in this blog is for general informational purposes only. We endeavour to keep all content accurate, updated, and free from any form of misinformation or objectionable material. However, we shall not be responsible for any claims arising out of copyright infringement, plagiarism, or related issues; such responsibility lies solely with the respective authors. If you find any misinformation or objectionable content on this website, please report it to us at: editors.ilw@gmail.com