The right to privacy is a fundamental right guaranteed to each citizen by the Constitution. But what about those who do not have the agency to claim this right for themselves? Do children, for instance, have the right to privacy? Recently, while hearing a paternity suit, the Supreme Court answered in the affirmative. The court cited the United Nations’ Convention on the Rights of the Child — India ratified it in 1992 — to state that children are not to be deprived of the right to privacy simply by virtue of being children. This raises important legal questions. The first, and perhaps the most important one, concerns the role of the custodian of a child’s right to privacy. The Supreme Court’s observation had come in the context of a paternity suit that showed that children often get caught up in the battles of adults where their rights are disregarded by the ‘custodians’ tasked with protecting those very rights.

This is not to suggest that there is a paucity of laws underlining a child’s right to privacy. But implementing them remains a grey area, not least because children usually do not have the wherewithal to demand these rights. It is imperative that parents, legal guardians and the State act as stewards of a child’s right to privacy. But this is especially challenging in India, where the concept of privacy is seen as inimical to the cohesion of the structure of the traditional family. Cultural mores — they vary across countries — thus take precedence over personal choices and ownership. In 2010, it was reported that the parents of a child forced him to divulge his Facebook password to school authorities. The same year, in a similar case involving a 15-year-old in the United States of America, the largest civil liberties union in that country sued the school and the court ordered the latter to pay up $70,000 in damages. With the popularity of the digital universe rising among children, a new — worrying — aspect of a breach in their privacy has opened up. In 2020, the Union government’s online education application revealed the personal data of nearly 600,000 students, down to their addresses and test scores, to the world wide web for over a year, rendering them vulnerable to misuse and exploitation. Hearteningly, legislation is catching up. Chapter IV, Section 16 of the personal data protection bill 2019 mandates that a data fiduciary verify the age of a child and obtain the consent of his or her parent or guardian before processing their data. Yet, like in most Indian laws, here too, no distinction is made between children and adolescents. A 16 or a 17-year-old requiring parental approval for accessing their data could be deemed as inimical to juvenile privacy. Incidentally, in Europe, children above the age of 16 are considered mature enough to take a call on their own data usage. In China, this age of consent is 14. Should India, one of largest generators of data, begin to review its position on children’s age, consent and agency concerning data privacy?