There is a certain unreality in reviewing Rahul Matthan’s Privacy 3.0: Unlocking Our Data-Driven Future . I read the Kindle version of the book, downloaded over a coffee shop’s Wi-Fi, aware that my every movement was being tracked via CCTV cameras, online trackers, in-app monitors and touchscreen sensors. Had I bought a print version of the book, I might have been asked for my cellphone number at the billing desk, while cameras captured my image from behind the cashier. Reading a book on privacy is not a private act, at least not anymore. It is tracked, recorded, stored, retrieved, and used by people and technologies I may never meet in person.

Privacy 3.0 has been published at a moment when debates on digital technologies in our lives are occurring simultaneously in different parts of the world. Matthan raises the quality of discussion by focusing sharply on a present moment — when a non-Western country, India, is being forced to engage openly with ideas of privacy in its courtrooms and government offices. Privacy 3.0 allowed me to isolate one concept — privacy — from many others which have become inter-twined in technology debates (such as information security or transparency) and examine its relationship with law and society. Furthermore, the book’s focus on India at a time of Aadhaar keeps it fresh, contemporary and relevant. It’s a microcosmic study of an intersection between an idea, a place and a moment in history.

Matthan’s book is divided into three broad sections, reflecting what he believes are three critical phases in the evolution of privacy as an idea. He calls these phases Privacy 1.0, 2.0 and 3.0. He argues that Privacy 1.0 saw the emergence of personal spaces and private thoughts as important ideas; 2.0 was when technologies such as the printing press began invading these spaces and thoughts, leading to laws on privacy and consent; while 3.0 has seen digitisation turning consent-based privacy redundant, creating a need for a new approach to privacy.

Privacy 3.0 is heavy on law and jurisprudence, reflecting its author’s background. Matthan’s strength is in the second section of book, while tracing the evolution of legal debates on privacy. He does a great job explaining how jurisprudence around privacy in the United Kingdom and United States directly influenced law-making in India. Matthan is even stronger later in the book, where he discusses the current moment of digitisation and its associated problems, most powerfully represented by Aadhaar. He recounts his personal experiences of being drafted by the Government of India to help frame a privacy law considering Aadhaar. He takes a very nuanced, balanced view of both the situation and the debates he encounters. He points out how a desire to display transparency pushes government agencies to overreach themselves and compromise individual privacy. At the same time, Matthan emphasises the need for both privacy laws and institutional frameworks to deal with such situations better.

The book’s most useful contribution to Indian privacy debates is probably Matthan’s insider perspective of government frameworks. Contrary to some popular beliefs that there are few privacy debates within government, Matthan’s account shows how complex and nuanced such debates were, accommodating multiple interests and turf battles while navigating privacy concerns. At the same time, his account illustrates that keeping these debates restricted within tight circles probably deprived officials of other useful perspectives, which could have helped them avoid many pitfalls. The book’s third section reinforces this. Here, Matthan covers the Justice K.S. Puttaswamy vs Union of India case where a nine-judge bench ruled that Indians have a fundamental right to privacy. The case was a direct outcome of another ongoing case on Aadhaar, where the Attorney General of India argued against such a fundamental right. Matthan covers both the case as well as the public activism leading up to it, highlighting differences in opinion inside and outside administrative circles.


Privacy 3.0:Unlocking OurData-Driven FutureRahul MatthanHarperCollins IndiaNon-fiction₹599



The book’s weakest part is the first section. Here, Matthan outlines the emergence of privacy as an idea within human civilisation. While exhibiting no deep flaw, there is a confident tone employed in a linear narrative that simplifies much debate about early human beings and their social structures. For example, Matthan states that “privacy is alien to nature” and evolved only with human innovations such as walls. Such claims about what is natural need to be treated with more care, especially when they can be weaponised against vulnerable sections of society.

Barring this, Privacy 3.0 is an excellent read for people looking to understand the current moment in India, when privacy is at the heart of key legal debates in the country. Private corporations and government agencies are both being forced to reckon with the complex implications of balancing privacy with efficiency and transparency. This is happening at a time when internationally, corporations like Facebook are increasingly being criticised for their privacy-weak frameworks. Privacy 3.0 couldn’t have been better timed.

Amogh Arakali is an occasional blogger who enthusiastically follows developments in information security and data privacy