Home » Blog » The Great Tug of War: Transparency vs Privacy

The Great Tug of War: Transparency vs Privacy

By /

Authored By: Shwana Rayees

Aligarh Muslim University

Abstract

The foundation of democratic government, particularly in the digital age, is the interaction between privacy and transparency. Transparency was made an essential concept by India’s Right to Information (RTI) Act, 2005, which gave people the ability to hold the government responsible. A major step forward in the protection of personal data has been made with the recent passage of the Digital Personal Data Protection (DPDP) Act, 2023, but there are serious concerns about how it may affect transparency. With an emphasis on how the DPDP Act’s enlarged “personal information” exemptions may restrict access to public documents and undermine democratic accountability, this article explores the conflict between these two rights. The article makes the case for a balanced strategy that protects privacy without compromising citizens’ right to know, which is the cornerstone of a robust democracy, by examining the legal system, current events, public discussions, and comparative international viewpoints.

Introduction

Can individuals stay fully informed about government acts without jeopardizing their personal privacy in an era where nearly every element of life leaves a digital footprint?  One of the main issues facing India’s contemporary democracy is the conflict between privacy and transparency.  Transparency, on the one hand, guarantees that public officials’ acts are open, accountable, and susceptible to public examination. However, privacy protects people’s liberty, dignity, and personal information, particularly in a society that is becoming more and more reliant on digital technology. Both ideas are crucial: in an age of ubiquitous data collecting, privacy safeguards people, while disclosure enhances democratic government.

Transparency in India has been established by the Right to Information (RTI) Act, 2005. RTI gives people access to government documents, enabling them to keep an eye on public administration, uncover wrongdoing, and take an active role in governance.

 However, a simultaneous focus on privacy has become necessary due to the rise of digital governance and extensive data processing. In order to safeguard individuals’ digital information from abuse, the Digital Personal Data Protection (DPDP) Act, 2023, was passed into law. Its purpose is to control the gathering, storing, and processing of personal data, such as email address and Adhaar cards etc. 

Therefore, the main argument is whether the DPDP Act unjustly restricts transparency and democratic accountability while protecting privacy.

Right to Information

An important turning point in India’s democratic trajectory was the passage of the Right to Information Act in 2005. Prior to its passage, there was little and frequently no access to government records, which allowed bureaucratic power and transparency to run amok. In the 1990s, civil society organizations fought tenaciously for the public’s right to know how public resources were being used, especially the Mazdoor Kisan Shakti Sangathan (MKSS) in Rajasthan. The RTI Act was made possible by their battles against corruption and demands for accountability. As upheld in State of Uttar Pradesh v. Raj Narain (1975) [1]and S.P. Gupta v. Union of India (1981)[2], the Supreme Court of India has long acknowledged that the right to information stems from the protection of freedom of speech and expression under Article 19(1)(a) of the Constitution.

Ensuring participation and accountability.

The RTI Act has played a significant role in bringing corruption, inefficiency, and resource misuse to light. One of its most well-known examples was perhaps its involvement in the Supreme Court’s 2024 Electoral Bonds Case, in which NGOs and RTI activists claimed that the plan compromised political finance transparency. Citing the value of people’ right to know, the Court invalidated the plan.

By enabling regular people to interact with the government directly, RTI has improved governance in addition to exposing corruption. It has been utilized by workers to guarantee equitable wage plan implementation, students to confirm test results, and farmers to check land records. It has served as an empowering tool in each instance, reducing the distance between the governed and the government. [3]

By amending Section 8 (1)(j) of the RTI Act and restricting access to personal data without conducting a public interest inspection, the DIGITAL PERSONAL DATA PROTECTION ACT, 2023 (DPDP Act) undermines it. Transparency, accountability, and the Indian Constitution’s Article 19(1)(a) guarantee of freedom of speech and expression are all at risk from this shift.

Section 8(1)(j) of the RTI Act of 2005- According to this clause, personal information that is unrelated to public activity or interest or that would result in an unjustified breach of privacy cannot be disclosed. It does, however, offer a significant exception: if the Public Information Officer (PIO) is convinced that a greater public interest warrants it, the material may be released.

The DPDP Act and the Right to Privacy

Privacy as a Fundamental Right

With the Supreme Court’s historic decision in Justice K.S. Puttaswamy v. Union of India (2017)[4], the concept of privacy as a pillar of individual liberty in India solidified. A nine-judge panel unanimously ruled in this case that Article 21 of the Constitution guarantees the right to privacy as a basic right. The Court stressed that the right to privacy protects human dignity, individual liberty, and the freedom to make decisions without excessive intervention from the government or private organizations.

Recognizing privacy as a basic right has become crucial in the current digital era, where personal data is continuously gathered, saved, and shared from social media platforms to Aadhaar verification.

An overview of the DPDP Act,2023

Recent concerns about data misuse led to the enactment of the Digital Personal Data Protection (DPDP) Act, 2023. Its main objective is to control the collection, processing, and storage of personal data in order to hold both public and commercial organizations that handle individuals’ information accountable.

The Act creates rights for individuals, including permission and data rectification, imposes duties on data fiduciaries (companies that collect data), and specifies sanctions for abuse. On paper, it seeks to provide a more secure digital environment where people’s right to privacy is upheld[5].

RTI Exemptions and Section 44(3)

Section 44(3) of the DPDP Act, amending the RTI Act of 2005, is a major source of contention.  Under RTI, it broadens the definition of “personal information” that is excluded from disclosure. In the past, the only data that was excluded was that which was obviously private or unconnected to public action. A far greater variety of information can now be concealed due to the expansion of definitions.[6]

For instance, information pertaining to officials’ administrative files, decision-making procedures, or service records may be excluded on the grounds that it constitutes “personal data.”

The Rising Tension

 The DPDP Act is unquestionably a positive step in safeguarding digital privacy, but there are concerns that it could harm freedom. If all government-related information be protected as “personal,” people could lose a crucial instrument for keeping public servants responsible.

Therefore, striking the correct balance between protecting privacy and preserving the hard-won benefits of transparency under the RTI Act is the challenging task.

Current Situation and Problems

Transparency Risks

The actual atmosphere for information access has already changed with the passage of the Digital Personal Data Protection Act (DPDP Act). Critics claim that the DPDP Act narrows the previous public-interest override and increases the range of crucial data that can be withheld by modifying the RTI exemption for “personal information,” which makes it simpler for public entities to deny disclosure on privacy grounds. Recent reports from the Central Information Commission provide evidence of the significance of this change that the CIC has continued to receive a high volume of applications and appeals, demonstrating the public’s ongoing reliance on RTI as a vehicle for openness.

Concretely, there is a risk that documents that the public has traditionally used to examine government actions, like the service histories of public servants, administrative decision minutes, tender and expenditure records, or vetting documents, will increasingly be labelled as “personal information” and excluded.  Advocates and parties in Parliament have claimed that Section 44(3) essentially eliminates or weakens the “public interest” clause, which formerly permitted the revelation of personal information where the public interest was required, thus this risk is not only theoretical.

Public Debate and Concerns

A number of well-known civil society organizations have persisted in opposing the amendment because they believe it will undermine the RTI Act and be used as a tool to erect a wall around public officials and reveal information about their personal assets, transfers, appraisals, etc., in order to reject information requests that contain personal data, which could lessen government accountability.

At the core of the problem is the uncertainty that exists between “personal information” and “public interest.” Who determines whether information is useful to the general public?  The risk is that public authorities themselves have this option, which leaves room for selective disclosure. For example, by designating them as personal, information on public spending on projects, hiring choices, or resource distribution are the issues that directly impact citizens, may be hidden.

On August 20, 2025, the Ministry of Electronics and Information Technology (MeitY) explained that the Amendment codifies existing jurisprudence, helps prevent potential conflicts between laws, and is consistent with the Supreme Court’s ruling in the case of Justice K.S. Puttaswamy v. Union of India, which focuses on judicial reasoning on reasonable restrictions.

According to the Ministry’s additional explanation, a public authority may still grant access to information under section 8(2) of the RTI Act if the public interest in disclosure outweighs the harm to the protected interests.  The Attorney General of India, Shri R. Venkataramani, has officially accepted the Ministry’s position that the RTI Act is not undermined by the DPDP Act.[7]

EU’s approach to the dispute between privacy and transparency

The European Union (EU) offers helpful guidelines on how democracies should strike a compromise between the right to information access and the right to privacy. Both rights are acknowledged as essential under the General Data Protection Regulation (GDPR), but neither is unlimited. Courts have underlined again and time again that the greater public interest in transparency must frequently be balanced against privacy.

The Court of Justice of the EU (CJEU) recognized in Google Spain v. AEPD & Mario Costeja Gonzalez[8] that the public’s right to information cannot be superseded by privacy. Rather, courts must assess each case by taking into account elements like:

  1. Kind of information: Privacy comes first if it pertains to an individual’s private life and has no broader public interest.
  2. Case-by-case balancing: Each request for access or deletion must be evaluated separately in order to strike a balance between democratic accountability and privacy.

The EU’s commitment to striking a balance between data protection and individuals’ right to access public information is further demonstrated by Article 86 of the GDPR, which requires member states to enact legislation that does just that.

This balancing act is demonstrated by a number of seminal examples.  The question in Volker und Markus Schecke and Hartmut Eifert v. Land Hessen [9]was whether it was against privacy law to publicize the names of EU agriculture subsidy recipients along with the sums they received.  The CJEU ruled that although transparency is essential, disclosing precise payment amounts disrupted personal life and required proportionality.

Similar to this, the CJEU examined Austrian law requiring public servants’ salary to be disclosed in Rechnungshof v. Österreichischer Rundfunk and Others[10].  The Court said that even if the goal of salary disclosure was to avoid excessive compensation, national courts nevertheless have to make sure the measure was appropriate and required and take into account less invasive options.

However, in Client Earth and PAN Europe v. EFSA[11], the CJEU reversed a ruling that limited access to European Food and Safety Authority information.  In this case, the Court stressed that excessive secrecy could not be justified by privacy concerns and that identifying specialists was necessary to ensure impartiality in scientific evaluations.

When combined, these rulings demonstrate that transparency and privacy are not mutually exclusive.  Rather, the EU adopts a case-by-case balancing approach in which neither right can take precedence over the other.  This strategy guarantees the simultaneous protection of individual dignity and democratic responsibility.[12]

The conflict between privacy and transparency is fundamental to India’s democratic well-being and goes beyond simple legal issues. When people can see what the government does, hold it accountable, and participate actively, a democracy flourishes.

Much of what citizens have depended on under RTI may disappear behind legal shields if privacy exemptions are overapplied, as opponents say occurs with the DPDP Act’s increase of “personal information” exclusions. As a result, responsibility becomes symbolic rather than substantive: public officials may feel less bound by citizen monitoring, and choices, internal discussions, or trends may be concealed under the pretense of privacy.

Repercussions for Citizens

  • The enlarged definition of “personal information” now allows for the rejection of routine RTI requests for things like beneficiary records, pension lists, and recruiting statistics.
  • The need that citizens demonstrate “larger public interest” even in routine matters weakens the constitutional obligation of maximal transparency.
  • Instead of risking legal repercussions, public information officers are more likely to turn down requests out of fear of harsh fines (upto Rs. 250 crore) under the DPDP Act.
  • Since information about fake personnel, fictitious beneficiaries, or procurement frauds may be hidden, corruption may find a shield from public scrutiny.
  • When citizens are denied access to official records, they lose their capacity to act as effective grassroots watchdogs, which erodes daily accountability.
  • With refusal rates perhaps reaching 90%, even simple papers like signed official orders, pension rolls, or revised marksheets run the danger of being withheld.
  • The RTI Act’s Section 8(2) permits disclosure in the “larger public interest,” but in reality, fewer than 1% of these cases are successful, making it an inadequate protection for transparency.[13]

Way Forward

  • To maintain equality and guarantee accountability in government, citizens should have the same access to information as members of parliament.
  • Using the proportionality principle established by the Supreme Court, the definition of “personal information” must be restricted to include only truly sensitive material, such as medical records or family information.
  • With increased financing and stringent deadlines for handling appeals and complaints, positions in the Central and State Information Commissions should be filled as soon as possible.
  • To lessen reliance on individual RTI requests, the government could proactively provide necessary information, such as spending reports, tender details, and recipient names.
  • Decision-making should be guided by the proportionality test from Justice K.S. Puttaswamy v. Union of India so that openness and privacy are not viewed as mutually exclusive rights but rather as complementary.
  • Clarification of RTI Act exemptions is necessary to prevent the exploitation of “personal information” for capricious denials and to ensure a more uniform application of the “larger public interest” provision.
  • Campaigns for public awareness should be started, particularly in rural regions, to promote the active use of RTI and bolster democratic openness.
  • To cut backlogs and guarantee RTI applicants have faster access to justice, commissioners must be appointed on time, and case management systems must be improved.
  • To overcome bureaucratic opposition, Public Information Officers must get mandatory training, and unjustified rejections must be punished severely.
  • The complete implementation of the Whistleblower Protection Act is necessary to protect activists who utilize RTI to reveal wrongdoing and corruption.
  • To restore the RTI Act’s original spirit, amendments must be made that strengthen the public interest protection, define the scope of personal information, and harmonize it with the DPDP Act.
  • To protect the RTI framework and make sure it isn’t undermined or replaced with a weaker system, the public, civil society, and media must actively interact with political parties.

Conclusion

India’s democratic future is centered on the privacy and transparency issue. By extending exclusions under the RTI framework, the DPDP Act has sharpened this tension and raised concerns about how much information should continue to be available to the public. In the digital era, maintaining transparency is just as important as protecting personal data in order to avoid secrecy and uphold responsibility.

All things considered, this is a democratic duty as well as a legal one.  It is essential to make sure that privacy does not turn into a cloak for opacity as we negotiate the difficulties of digital governance. When individuals are educated and their personal information is safeguarded, a democracy flourishes in the digital era.

Reference(S):

[1] State of Uttar Pradesh v. Raj Narain, (1975) 4 SCC 428 (per Mathew, J.) (India).

[2] S.P. Gupta v. Union of India, (1981) Supp SCC 87, 214 (per Bhagwati, J.) (India).

[3] Sahil Jindal, The Right To Information Act, 2005: A Critical Analysis, 12 IJCRT 54, 56 (2024).

[4] Justice K.S. Puttaswamy v. Union of India, (2017) 10 SCC 1 (per Chandrachud, J.) (India).

[5] Pooja Mahla, THE LEGAL FRAMEWORK FOR DATA PROTECTION IN INDIA: A CRITICAL ANALYSIS OF THE DIGITAL PERSONAL DATA PROTECTION ACT, 2023, 11 IJMR 853, 854 (2025).

[6] Ishwar Ahuja & Sakina Kapadia, Digital Personal Data Protection Act, 2023 – A Brief Analysis, Bar & Bench (Sept. 21, 2025, 3 PM), https://www.barandbench.com.

[7] Rakesh Roy, Can the DPDP Act weaken RTI? Harmonizing privacy protection with the need for transparency, ETGovernment (Sept. 22, 2025, 4:30 PM), https://government.economictimes.indiatimes.com.

[8] Google Spain SL v. Agencia Española de Protección de Datos (AEPD) & González, Case C-131/12, EU:C:2014:317 (2014) (per Costa, J.) (EU).

[9] Volker und Markus Schecke GbR and Hartmut Eifert v. Land Hessen, Joined Cases C-92/09 & C-93/09, [2010] E.C.R. I-11063 (2010) (EU).

[10] Rechnungshof v. Österreichischer Rundfunk and Others, Joined Cases C-465/00, C-138/01 & C-139/01, [2003] E.C.R. I-4989 (2003) (EU).

[11] ClientEarth and Pesticide Action Network Europe (PAN Europe) v. European Food Safety Authority (EFSA), Case C-615/13 P, EU:C:2015:489 (2015) (EU).

[12] S.RAMYA & B.JOTHILAKSHMI, UNVEILING PRIVACY THROUGH RTI: ANALYZING AN EXEMPTION, 11 IJCTR 79, 80-81 (2023).

[13] Wasim, DPDP Act vs RTI Act, Forum IAS (Sept. 24, 2025, 5:10 PM), https://forumias.com/blog.

Related Posts

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top