The Union government’s Cabinet Committee on Security recently gave clearance to the Home Ministry’s NATGRID project. The project aims to allow investigation and law enforcement agencies to access real-time information from data stored with agencies such as the Income Tax Department, banks, insurance companies, Indian Railways, credit card transactions, and more. NATGRID, like a number of other government initiatives (UIDAI), is being established through governmental notifications rather than legislation passed in Parliament. The examination of this issue requires an assessment of the benefits of legislation vis-a-vis government notifications. Government notifications can be issued either under a specific law, or independent of a parent law, provided that the department issuing such notification has the power to do so. Rules, regulations which are notified have the advantage of flexibility since they can be changed without seeking Parliamentary approval. This advantage of initiating projects or establishing institutions through government notifications is also potentially of detriment to the system of checks and balances that a democracy rests on. For, while legislation takes a longer time to be enacted (it is discussed, modified and debated in Parliament before being put to vote), this also enables elected representatives to oversee various dimensions of such projects. In the case of NATGRID, the process would provide Parliamentarians the opportunity to debate the conditions under which private individual information can be accessed, what information may be accessed, and for what purpose. This time consuming process is in fact of valuable import to projects such as NATGRID which have a potential impact on fundamental rights. Finally, because changing a law is itself a rigorous process, the conditions imposed on the access to personal information attain a degree of finality and cannot be ignored or deviated from. Government rules and regulations on the other hand, can be changed by the concerned department as and when it deems necessary. Though even governmental action can be challenged if it infringes fundamental rights, well-defined limits within laws passed by Parliament can help provide a comprehensive set of rules which would prevent their infringement in the first place. The Parliamentary deliberative process in framing a law is thus even more important than the law itself. This is especially so in cases of government initiatives affecting justiciable rights. This deliberative process, or the potential scrutiny of government drafted legislation on the floor of Parliament ensures that limitations on government discretion are clearly laid down, and remedies to unauthorised acts are set in stone. This also ensures that the authority seeking to implement the project is The other issue pertains to the legal validity of the project itself. Presently, certain departmental agencies maintain databases of personal information which helps them provide essential services, or maintain law and order. The authority to maintain such databases flows from the laws which define their functions and obligations. So the power of maintaining legal databases is implicit because of the nature of functions these agencies perform. However, there is no implicit or explicit authorization to the convergence of these independent databases. One may argue that the government is not legally prevented from interlinking databases. However, the absence of a legal challenge to the creation of NATGRID does not take away from the importance of establishing such a body through constitutionally established deliberative processes. Therefore, the question to be asked is not whether NATGRID is legally or constitutionally valid, but whether it is important for Parliament to oversee the establishment of NATGRID. In October 2010, the Ministry of Personnel circulated an “Approach paper for a legislation on privacy”. The paper states: “Data protection can only be ensured under a formal legal system that prescribes the rights of the individuals and the remedies available against the organization that breaches these rights. It is imperative, if the aim is to create a regime where data is protected in this country, that a clear legislation is drafted that spells out the nature of the rights available to individuals and the consequences that an organization will suffer if it breaches these rights.” As the lines above exemplify, it is important for a robust democracy to codify rights and remedies when such rights may be potentially affected. The European Union and the USA, along with a host of other countries have comprehensive privacy laws, which also lay down conditions for access to databases, and the limitations of such use. The UIDAI was established as an executive authority, and still functions without statutory mandate. However, a Bill seeking to establish the body statutorily has been introduced, and its contents are being debated in the Parliamentary Standing Committee on Finance and the Bill has also been deliberated on by civil society at large. A similar approach is imperative in the case of NATGRID to uphold the sovereign electorate’s right to oversee institutions that may affect it in the future.
In law, the addition or deletion a single punctuation or a single word can have a major impact on the effect of that law. One such example can be seen from the recommended changes in the Civil Liability for Nuclear Damage Bill, 2010 by Parliament’s Standing Committee. The Civil Liability for Nuclear Damage Bill, 2010 was introduced in the Lok Sabha on May 7, 2010. The Bill was referred to the Parliamentary Committee on Science and Technology, Environment and Forests, which submitted its report on the Bill yesterday (August 18, 2010). The Committee has made a number of recommendations regarding certain clauses in the Bill (See summary here). One of these may have the effect of diluting the provision currently in the Bill. The main recommendations pertain to:
Clause 17 of the Bill which gives operators a right of recourse against those actually causing damage had been opposed as it was felt that it was not strong enough to hold suppliers liable in case the damage was caused by them. Clause 17 gave a right of recourse under three conditions. The exact clause is reproduced below: The operator of a nuclear installation shall have a right of recourse where — (a) such right is expressly provided for in a contract in writing; (b) the nuclear incident has resulted from the wilful act or gross negligence on the part of the supplier of the material, equipment or services, or of his employee; (c) the nuclear incident has resulted from the act of commission or omission of a person done with the intent to cause nuclear damage. Under this clause, a right of recourse exists when (a) there is a contract giving such a right, or (b) the supplier acts deliberately or in a grossly negligent manner to cause nuclear damage, or (c) a person causes nuclear damage with the intent to do so. If any of the three cases can be proved by the operator, he has a right of recourse. The Committee has stated that “Clause 17(b) gives escape route to the suppliers of nuclear materials, equipments, services of his employees as their willful act or gross negligence would be difficult to establish in a civil nuclear compensation case.” It recommended that Clause 17(b) should be modified to cover consequences “of latent or patent defect, supply of sub-standard material, defective equipment or services or from the gross negligence on the part of the supplier of the material, equipment or service.” The Committee also recommended another change in Clause 17. It recommended that clause 17(a) may end with “and”. This provision may dilute the right of recourse available to operators. The modified clause 17 would read as: The operator of a nuclear installation shall have a right of recourse where — (a) such right is expressly provided for in a contract in writing; and, (b) the nuclear incident has resulted as a consequence of latent or patent defect, supply of sub-standard material, defective equipment or services or from the gross negligence on the part of the supplier of the material, equipment or services.; (c) the nuclear incident has resulted from the act of commission or omission of a person done with the intent to cause nuclear damage. This implies that for Clauses 17(b) or (c) to be applicable, the condition specified in clause 17(a) has to be compulsorily satisfied. Two examples highlight the consequence of the recommended change in Clause 17(a) of the Bill:
The effect of the changes recommended by the committee may thus dilute the provision as it exists in the Bill. The table below compares the position in the Bill and the position as per the Standing Committee’s recommendations:
| Right of recourse - The Bill gives operators a right to recourse under three conditions: (a) if there is a clear contract; (b) if the damage is caused by someone with intent to cause damage; (c) against suppliers if damage is caused by their wilful act or negligence. | In the Bill the three conditions are separated by a semi-colon. The Committee recommended that the semi-colon in clause 17(a) should be replaced by “and”. | This might imply that all three conditions mentioned need to exist for an operator to have recourse. |
| Right to recourse against suppliers exists in cases of “willful act or gross negligence on the part of the supplier”. (Clause 17) | The Committee felt that the right of recourse against suppliers is vague. It recommended that recourse against the supplier should be strengthened. The supplier is liable if an incident has occurred due to (i) defects, or (ii) sub-standard material, or (iii) gross negligence of the supplier of the material, equipment or services. | The variance with the Convention continues to exist. |
