THE CASE BRIEF OF
PETITIONER- BALU GOPALKRISHNAN
RESPONDENTS- 1. STATE OF KERALA
2. UNION OF INDIA
3. SPRINKLR INC
CASE REFERRED
- JUSTICE K. S. PUTTASWAMY (RETD) AND ANOTHER VS. UNION OF INDIA
- SWAMI RAMDEV VS JUGGERNAUT BOOKS PVT LTD & ORS ON 29 SEPTEMBER, 2018
- ANURADHA BHASIN VS UNION OF INDIA ON 10 JANUARY, 2020
- T. K. SARAVANAN VS THE STATE OF TAMIL NADU ON 5 SEPTEMBER, 2019
- SHAYARA BANO VS UNION OF INDIA & ORS. (2017) 9 SCC 1
STATUES REFERRED
- CONSTITUTION OF INDIA.
- INFORMATION TECHNOLOGY ACT,2000.
FACTS
It is basically, a case of contract penned between Government of Kerala and Sprinklr Inc, a software company of USA. The Contract states that, Sprinklr Inc, is supposed to designed an online digital manifesto or software with the intent to scrutinize the data of those person who are primarily rife with the COVID-19 particularly in the state of Kerala.
The Sprinklr Inc, will render its service gratuitously for six months. To collect the Sensitive Medical Data, a mobile application was employed and the same was designed by the Sprinklr Inc itself. After collecting the data, the government servants were supposed to upload the same on a web server, which was also designed by the Sprinklr Inc.
Thus, a writ petition under Article 226 of the Indian constitution challenging the action of the State of Kerala with respect to the method of collecting the sensitive medical data pertaining to covid1-19 patients was filed.
ISSUE
Whether the precautions pertaining to susceptible as well as positive found patients of covid-19 are suffice ?
CONTENTIONS OF THE PARTIES
Petitioner
- The petitioner contended that the standard form of the contract restraint the government of Kerala to file a suit against the Sprinklr Inc if the circumstances like breach of personal data appear. Because the standard form of contract gives the exclusive jurisdiction to the courts in New York, USA. Consequently, it would be impossible on the part of the citizens to profess the panacea with respect to the breach of their personal data.
- The Standard from of the Contract caused the grave miscarriage of Article 299 of the Indian constitution.
- The petitioner also contended that the standard form of the contract hardly aims at shielding the sensitive medical data.
Respondents
- The state of Kerala contended that this unprecedented global pandemic as well as the scaling of the covid-19 cases facilitate to track as well as trace the citizens with the intent to collect sensitive medical data.
- The entities of the government were not in a position to monitor the capacious data, Therefore, it had become necessary on the part of the state to penned the standard from of the contract, grants exclusive jurisdiction to the courts of New York, United State of America, with the Sprinklr because they have had the requisite capacity to imbibe the medical data pertaining to covid-19.
- The state of Kerala submitted that while penning the standard from of the contract with the Sprinklr, the confidentiality of the Medical data pertaining to susceptible as well as positive found patients of covid-19 was ensured and the state has taken each and every possible precaution to shield the sensitive medical data.
- The state of Kerala has said the personal medical data of the citizens is preserving in India at present so if any breach arises the remedial action could be taken for the same in India.
- The State of Kerala has said with respect to the terms of the contract particularly, the courts of New York can have the jurisdiction.
- The State of Kerala has said the technical as well as shielding aspect which was employed with respect to Amazon Cloud service have had ensured that in the past there could not have been any miscarriage of personal data.
- The Union of India has said at the time of the executing of the contract, there is a duty arises on the part of the state that in case of breach of personal data the citizens ought to have the legal platform so that they could profess the remedy in such cases.
- The Union of India demurred with respect to the State for approaching the Sprinklr to imbibe the personal Data. Because the sensitive medical data could also have been collected by National Informatics Centre.
- The Union of India said the Standard from of Contract did not ensure the safety of the sensitive medical data.
- The Union of India has also said the state should take into confidence the anonymization of the personal data before giving accessibility to the third party (Sprinklr Inc) and after completion the state must immediately ousted the data.
JUDGEMENT
The constitutional bench of Kerala High court consisting of Devan Ramachandran Justice and T.R Ravi Justice passed an interim order after taking into consideration the contentions of both the parties. The bench has said there should not be any issue regarding ‘Data Epidemic’ after the eradication of this global issue i.e. covid-19.
The court has also said the non-disclosure of the personal data implies that data should be protected from unauthorized, unintentional as well as unlawful hands. The Kerala high court has further submitted that the court is heedful while providing the interim order so that the attempt of the Kerala Government with respect to public health emergency could not go in vain. Thus, the court has passed the order with respect to confidentiality of sensitive medical data.
The Kerala high court submitted that the terms as well as conditions of the standard form of the contract are not in a position to shield the personal data of the individuals. Therefore, the court has passed the interim order with respect to the protection of Data.
- It is a duty of the State of Kerala to anonymize the personal data of the individuals both past and future pertaining to covid-19. And only after the anonymization of the Data the Sprinklr would be given accessibility to the personal data regarding health.
- Whenever the personal data will be collected in the future, it must be based on the consent of the Individuals that is to say each and every individual must be informed that their personal data will be given to the third party name Sprinklr Inc.
- The Kerala High court has also restrained the Sprinklr Inc from giving effect to any act with respect to the confidentiality of the medical data.
- The court has said after scrutinizing the personal data with respect to the contract, the Sprinklr will revert all the personal data to the government of Kerala.
- The court instructed the Sprinklr to return the secondary as well as residual data to the state of Kerala in the light of peremptory because the Kerala high court was bring across to the fact that no data is in the custody of the Sprinklr.
- The Kerala High court has also restrained the Sprinklr Inc to advertise that the personal data pertaining to the patients of Covid-19 is in the hands of Sprinklr Inc. and also the Sprinklr Inc is barred to utilize the logo of the government of Kerala.
RULE OF LAW
The precautions in the light of the sensitive medical data pertaining to susceptible as well as positive found patients of covid-19 are not suffice. Consequently, Article 21, Article 14 and Article 299 of the Indian constitution as well as section 43 A of the Information Technology Act, 2000 have had received jolt. Before giving accessibility to personal data, the consent should be taken into the consideration.
COMMENT
After scrutinizing the facts as well as issue in great detail of this case, it could said that the terms as well as the conditions of the standard form of the contract are not reasonable because it has caused the grave miscarriage of the various provision of the Indian constitution namely Article 21, Article 14 and Article 299 as well as section 43A of Information Technology Act, 2000.
Judicially, in Justice K.S. Puttaswamy vs. Union of India[1], it was said that the basic purpose of the Rule of Law is to eradicate the arbitrariness on the part of the state completely and Rule of Law holds equality before Law aims at shielding the people from the arbitrary action of the State. And in the present case we could see that state is inclined towards the arbitrariness because the state has given accessibility to personal data to the third party that is to say Sprinklr Inc without taking into consideration privacy as well as consent of the individuals.
Thus, it also hampered the section 43A of the Information Technology Act, 2000. And also, the state of Kerala has had not made the contract under the presence of either Governor or President. And if the contract is not formed in such a way then the same will not amount to a government contract under the Article 299 of the Indian Constitution.
CONCLUSION
After analyzing the case, we could deduce that the government of Kerala had penned this standard form of the contract with the Sprinklr Inc for the purpose of welfare of the people, main motive behind the contract. As we know that the whole world is blanketed in the darkness of covid-19.
This unprecedented virus has created a situation of Halt with respect to the lives of the people. Even the Kerala high court has issued the interim order after taking into consideration the attempt of the Kerala government with respect to public health emergency.
It is pertinent to note that before signing the contract with the Sprinklr, the government of Kerala should have to considered the consent as well as the privacy of the individuals. Because we cannot put sensitive medical data at peril of being misuse.
- Writ petition (civil) No 494 of 2012 judgement dated on 24 August, 2017. ↑