The DNA Technology (Use And Application) Regulation Bill, 2019 (DNA Bill) has caused an uproar on the issue of privacy very recently, however, the Bill has been in the making for the past three years. The original Bill was submitted to the Law Commission in September 2016 by the Department of Biotechnology under the Ministry of Science and Technology. The Law Commission after reviewing the draft Bill proposed some changes in its report published in July 2017. The present Bill is practically the same as what the Law Commission proposed in its 2017 report.
Law Commission Recommendations
The original draft Bill was titled: The Use and Regulation of DNA-based Technology in Civil and Criminal Proceedings, Identification of Missing Persons and Human Remains Bill, 2016. The contents of the Bill were publicly criticised based on concerns of privacy. However, the Law Commission report on the matter has not adequately addressed these concerns.
The Law Commission’s recommendations were primarily to constitute a DNA (profiling board as a statutory body to oversee DNA laboratories and a DNA database. The crux of what the Bill is intended to achieve is that by maintaining a DNA database, unidentified dead bodies, victims of natural calamities and criminals can be relatively accurately identified, since there is a 0.01% error rate in terms of DNA technology. However, simply by introducing provisions creating a statutory body, the existing loopholes and infirmities have not been adequately addressed.
The DNA Bill
The primary issue with the present DNA Bill is consent. According to the threefold test laid down in Justice K. S. Puttaswamy (Retd.) and Anr. vs Union Of India And Ors. regarding privacy:
- There must be a law.
- The law must serve a public purpose.
- The public purpose must be proportional to the infringement of an individual’s privacy.
Also read: Human DNA Profiling Bill: Invasion of Privacy at a Grand Scale
The other aspect of the decision on privacy concerned consent. Justice DY Chandrachud stressed the importance of ‘informed consent’. As per the existing law, consent was expected to be free from inducement and coercion. In the Puttaswamy case, consent took on a new dimension, i.e. that it must be informed, meaning that if all the facts were not known to the person, the consent obtained would be tainted.
Another point on which the present Bill fails the Puttaswamy test is in the case of civil matters where DNA profiling might become necessary, such as a paternity suit. In this case, retaining the DNA profile of the concerned parties does not serve a public purpose.
As per sections 21 and 22 of the Bill, consent is required for obtaining DNA samples in all cases except for specified offences. The explanation makes it clear that specified offences are those where the sentence is for seven years or more or death. If consent cannot be obtained -- in a criminal matter -- then the sample may be collected on the Order of a Magistrate. The issue here is that it is well known that the police are adept at influencing people within their custody -- whether by force or inducement -- hence, though section 25 of the Indian Evidence Act, 1872, lays down that a confession to the Investigating Officer is not admissible in court, the police could potentially encourage self incrimination through DNA testing.
A big privacy issue arises over the proposed DNA Data Banks. These are envisioned to be created and maintained at both the regional as well as central levels. These Data Banks will maintain six indices: the crime scene index, the offenders' index, the suspects' index, the undertrials' index, the missing persons' index and the unknown deceased persons' index. Apart from the DNA data entered in the offenders’ index, all the other information can be removed from the repository. In the case of a suspect, upon the police report being filed or upon the Order of a Court. In the case of an undertrial, on the Order of a Court. For those whose DNA has been entered in the concerned repositories and are not accused of any offence, the DNA profile can be removed upon an application to the Director of the National DNA Bank. However, the DNA profile of a convict or an offender is not covered by the proposed section. This raises two questions regarding the stage at which the concerned person’s DNA sample will be collected and whether consent is required. Another issue concerns the broader philosophy of the criminal justice system in which once a convict has served their sentence, they should no longer have to face punishment.
One shortcoming of the Bill that has been pointed out on PRS India is that two other countries that have laws regarding DNA Data Banks, South Africa and Ireland, have specific provisions prohibiting the retention of data concerning medical history and physical characteristics. The present Bill does not contain a specific provision for the same.
Also read: A Law on Data Privacy Should Also Place Restrictions on its Exceptions
The primary reason for which the Bill was first conceived was to identify dead bodies. However, in its present form, the Bill goes beyond the scope of merely identifying unclaimed cadavers. On one hand, the positive aspect is that the Bill is a proposal to regulate DNA testing and the retention of DNA records. On the other hand, the creation of DNA Data Banks has major privacy implications. If one were to consider that there are provisions for the removal of DNA records, it would appear that persons whose DNA is in the concerned repositories have a degree of control over their privacy. However, this is not extended to persons who have been convicted. Even if for argument’s sake, the reasoning is so that an offender can be identified if they commit an offence after being released, introducing a time-bound deletion of the data retained can prove just as effective.