The Pandemic-induced lockdowns and social distancing norms has forced the educational institutions in the country to close down their premises leading to a drastic shift and reliance on online methods of teaching and learning. It has enabled the rise and popularity of online proctoring service providers hired by the educational institutions for conducting their large-scale entrance and internal examinations. However, the dearth of a strong data privacy legislation in India has left the sensitive and personal data of thousands of students in the hands of these third-party service providers. Popular service providers like Meritrrac, Mettl, Wheebox etc., collect information like name, address, caste certificate, PAN & Aadhaar, Photographs, video, biometric, IP address, location, of the candidates. The collection and storage of sensitive data poses a serious threat to the privacy of the students. In this paper, the authors argue that conducting of online proctored examination through hired third-party service providers is violative of Right to Privacy of students under Article 21 of the Constitution of India. In the case of Dr. Janet Jeyapaul v. SRM University & Others, the honourable Supreme Court held that imparting higher education to students at large constitutes a ‘public function’ and therefore it binds the Universities and educational institutions under Article 12 of the Constitution. Consequently, being the procurer of the agency, the liability would fall on the educational institutions. The authors further argue that conducting of online proctoring examination is also violative of Article 14 of the constitution as it leaves out a number of candidates from appearing in the exams due to the ever-existing and widening digital and socio-economic divide. It impacts the most marginalised groups of people, thereby, trapping them in the vicious cycle of poverty. The authors would conclude the paper with suggestions for alternative methods of conducting examinations which is equitable in nature and would take India closer to the Sustainable Development Goals of Quality Education and Gender Equality. 


The outbreak of COVID- 19 pandemic had a tremendous impact on the educational landscape of universities, schools and educational institutions all around the globe. According to UNESCO, the Pandemic- induced safety measures like lockdowns, closure of schools, universities and transport systems, social-distancing measures etc. has affected 1.3 billion students globally.   In India, more than 320 million learners have been affected.  To cope up with the menace of ‘educational emergency’ many educational institutions have resorted to online and blended learning methods thereby, making the optimum use of digital tools and platforms.  While conducting of online classes have been extremely helpful for the growth of students during this testing time, the process of conducting online proctored examinations has faced heavy backlashes. The rise of online proctored examinations service providers like Meritrrac, Mettl, Wheebox etc. which have been collecting and storing sensitive data of thousands of students without being circumvented by any law of the country and functioning only on the basis of their ‘goodwill’ and ‘promise’ leaves a lot of loopholes and grey areas in the legal system. This paper has been divided in three parts. The first part will deal with the collection and storage of data by private third-party service providers, without an adequate data privacy law in India, constituting a violation of Right to Privacy of students under Article 21 of the Constitution. The second part would deal with conducting of at home online entrance examinations being violative of Right to Equality under Article 14 of the constitution. The third part would provide suggestions for alternative methods of conducting online examinations which are more equitable in nature.


Online proctoring is conducted either with the help of Artificial Intelligence (AI) or a combination of AI and human proctors. The former is resorted to in conducting large-scale examinations and the latter is used in small-scale examinations. The proctoring services are availed from third party service providers (hereinafter, service providers) by educational institutions. The terms and conditions of such hiring is kept confidential from the students. A close examination of privacy policy of major service providers like Merittrac, Mettl, Wheebox, ProtorU, Examity indicates that the personal data of thousands of students lie in the hands of these companies which takes no accountability for any breach. Most of the service providers are given access to personal information of students like name, location, contact details, IP address, caste certificate, Aadhar/PAN Card details, photo, biometric data like combination of video & audio surveillance, personal space scans, facial recognition and remote system access.   Many of these data are considered to be sensitive in nature and therefore, requires a free and voluntary consent from the person as per the Draft Personal Data Privacy Bill, 2019.  However, the consent of the students while taking the test is far from free. Neither, they are provided access to the terms and conditions of the agreement between the university and the service-provider. Nor, they are given much choice in the matter.  The students are forced to choose between their career aspirations, which runs under the shadow of uncertainty, and compromising their personal data. In a country like India, where unemployment rates are higher than the availability of jobs, the students are left with the latter option. Such a consent in no law would be considered to be informed and free.   

 Many service providers taking the advantage of lack of a comprehensive data privacy law in the country keep their privacy policies quite ‘vague’ allowing them the legal grey area for sharing and storing the collected data according to their whims and fancies. Some explicitly preclude themselves from accountability by providing no warranty with respect to security of data, reliability of services or keeping the data or computer systems, devices or networks, free from viruses or other harmful components.  Some even acknowledge that the data so collected would be shared by them to the third-parties if their company is involved in any kind of mergers, acquisitions, sale of business or asset.  In any case, the liability is shifted on the hirer of the services i.e., the educational institutions or the students taking the test.


It is submitted that the service-providers enjoy the immunity provided to intermediaries under Section 79 of Information Technology Act. Section 2(1)(w) of IT Act, 2000, defines ‘intermediary’ as any person any person who on behalf of another person receives stores or transmits record or provides any service with respect to that record. It includes telecom service providers, network service providers, internet service providers, web-hosting service providers, search engines, online payment sites, online-auction sites, online-market places and cyber cafes under its ambit. Consequently, the service-providers of online proctored exams are also included under the definition of intermediary. Section 79 of IT Act , exempts the liability of intermediaries for any third-party information, data or communication, wherein, they acted merely as a facilitator and did not play any part in the creation or modification of data. However, this immunity or safe harbour protection, is contingent upon the compliance of ‘due diligence’ by the intermediary, in accordance with Information Technology (Intermediaries Guidelines) Rules, 2011.  It is contended that the immunity of service-providers outweighs the accountability placed on it through the ‘due diligence’ requirements. Another problematic issue is the tendency of the service-providers to shift their accountability to the educational institutions and the students for any contraventions or errors. The only remedy available to victims is discontinuing the use of their services.


With the shifting of a large part of people’s life online, the incidents of cybercrime have increased tremendously.  According to the report of Microsoft Security Intelligence, the highest incidents of malware encounters have been witnessed by education industry.  With the increased use of online platforms for teaching and learning, new types of cybercrimes like ‘zoombombing’ have impacted online classrooms. The presence of critical personal data of students online, collected by the service-providers, has opened a floodgate for the commission of cybercrimes.  Online proctoring has faced serious backlashes globally because of such security breaches. 


In the case of Justice K.S.Puttaswamy v. Union of India , the honourable Supreme Court by a bench of nine judges, held that the Right to Privacy is protected as fundamental right and is an intrinsic part of the Right to Life and Personal Liberty under Article 21 of the constitution.   The court further held that –

“Privacy is the constitutional core of human dignity. Privacy has both a normative and descriptive function. At a normative level privacy sub serves those eternal values upon which the guarantees of life, liberty and freedom are founded. At a descriptive level, privacy postulates a bundle of entitlements and interests which lie at the foundation of ordered liberty”

The court also held that privacy includes preservation of personal intimacies, sanctity of family, marriage, procreation, the home and sexual orientation and it also includes right to be forgotten and to be left alone. The right to privacy protects individual autonomy and personal choices ranging from intimate & private to public arenas.

It is contended that the collection, storage and transmission of sensitive personal data of students, including scanning of their personal spaces like bedroom, home, dorm rooms, hostels etc. constitutes an invasion of right to privacy.  The fact which makes the matter worse is that it is being done without the voluntary and free consent of students. The youth of today will be the future of tomorrow and for the sake of ‘evaluation’ and ‘avoidance of cheating’, the temple of learning is compromising the future of the country. It is also eroding the trust of students on their own universities and educational institutions.  It is an accepted fact that data has become the new oil and the entity which has access to sensitive personal data would be in control of the lives of millions of populations. Data is capable of starting future wars and therefore, it needs to be safeguarded for a peaceful future.


Under the existing system of higher education in India, Universities are broadly classified into four types – Central University, State University, Deemed University and Private Universities.  It is submitted that Central universities and State Universities are considered to be “other authority” under Article 12 of the constitution because they come into existence through the Acts of Parliament and State Legislature, receive the government’s funding, dispose public function and there is an existence of State control.   Therefore, they can be made liable for the violation of fundamental right to privacy of students. The question regarding Deemed University being considered as an authority under Article 12 was settled in the case of Dr. Janet Jeyapaul v. SRM University. In the given case, the Supreme Court held that a university is declared to be a ‘deemed university’ under section 3 of UGC Act by the Central Government and therefore, all the provisions of UGC Act were made applicable to it including all functions and activities just like other public universities, it was “other authority” within the meaning of Article 12 of the constitution and thereby, amenable to writ jurisdiction.

In the above-mentioned case, the honourable Supreme Court, also indicated that even Private Universities could be considered to be ‘other authority’ under Article 12 of the Constitution, because they impart education in higher studies to students at large which constitutes ‘public function’.  Also, even the Private Universities have to follow the guidelines UGC and other directions of professional bodies like Bar Council of India. It is therefore contended that even Private Universities could be interpreted within the ambit of Article 12 of the Constitution of India.   

It is argued that the universities hire the services of the online proctoring service providers, therefore, borrowing the vicarious liability principle, where the service-providers are deemed to be the agents of the universities, the universities should be made liable for the invasion of right to privacy of students.


The new concept of equality propounded by the Supreme Court in the case of E.P.Royappa v. State of Tamil Nadu , recognised equality as a dynamic concept with various aspects and dimensions, which cannot be ‘cribbed, cabined and confined’ within the traditional and doctrinaire limits. Equality has been held to be an antithesis to arbitraniness. When an act is arbitrary, it is considered to be implicitly unequal and contrary to the political logic and constitutional law and therefore, violative of Article 14 of the Constitution of India.  In Maneka Gandhi v. Union of India, the new dimension of equality was crystallized. It was held that Article 14 strikes at arbitrariness in State action and ensures fairness and equality of treatment. The honourable court further held that the ‘principle of reasonableness’ is an essential element of ‘equality or non-arbitrariness’ and it ‘pervades article 14 like a brooding omnipresence’.  The same was reiterated in the case of R.D.Shetty v. Airport Authority .

According to a government survey in 2019, only 24 percent households in India, have access to internet and in rural India, only 4 percent have internet access.  According to a NITI Aayog report in the year 2018, almost 55,000 villages in India did not have mobile network coverage.  Despite being the second largest pool of internet users, nearly half of the population lacks internet access and out of those who have access to the same, only 20% Indians know how to use digital services.  These figures only represent a partial truth. The digital divide in India is amplified by the existence of socio-economic disparities like gender, caste, class and religion.  The existence of staunch patriarchal structures within most of the households, ensures that women are the worst sufferers. It is also difficult to imagine that every household provides a conducive environment and separate rooms for students to continue their studies and write their examinations. It is contended that the Universities of a country which is suffering from the ‘Great Digital Divide’ cannot completely resort to online mode of conducting examinations. The large-scale take -at- home online proctored entrance examinations leave out a large majority of students from entering the universities of their dreams. For many, getting a higher education is the ultimate escape from the vicious cycle of poverty and other social entrapments. 

Also, online proctored examinations ignore the problems of differently abled students who need extra assistance while writing the exams in physical form.

It is therefore argued that conducting of online proctored entrance examinations which dissuades a number of students from seeking higher education, is arbitrary in nature and therefore, violative of Article 14 of the constitution of India.


India is a country of diversity and extreme heterogeneity. A method which works for countries which are smaller, richer or more homogenous in structure might not work well for the Indian scenario. It is therefore, imperative that we look for alternatives which do not compromise the privacy of students and surpasses the digital divide, thereby, providing safe, fair and equal opportunities for all.

One such method is conducting of ‘Open Book’ exams. The concept of conducting an open-book exam is not completely new in India. The former pattern of All India Bar Examinations which was conducted at a large-scale used to adopt an open-book examination system. This method tests students on their conceptual clarity and aptitude rather than on rote learning, something which the new National Educational Policy, 2019, aims to achieve. An open-book exam can work well for assessing students during internal examinations (semester exams). It can also work well for large-scale specialised entrance exams. A 24-hour open-book exam is a popular variant of the above-mentioned method which is being used by various universities around the globe.

Another method which can be resorted to in place of entrance exams is the culture of formative assessment, wherein the performance of students is assessed on the basis of their overall academic and co-curricular activities record coupled with their Statement of Purposes. This would also allow the students to introspect and realise their interest areas. Such a system would also be in consonance with the new NEP ideals.

The culture of research in the country can be enhanced by resorting to assessment methods like writing essays, term papers, capstone assignments, projects, articles through various ways like using words, pictures and a lot of other creative methods. Some of the top Universities of the world have adopted these methods of assessment.

Some Universities are resorting to take-home exams, wherein the question papers are framed on the basis of application of concepts to solve hypothetical problems. The students are expected to come out with unique solutions. They are provided with a deadline and after solving the question papers, the students send their answer sheets using registered post. This method is specifically good for places which have low internet connectivity and unavailability of continuous electricity. 

A good example of the flexible method of evaluation could be the method adopted by IIT Goa, wherein the students were asked to frame their own questions as per their understanding and then answer them accordingly.   

Incorporating these methods in our overall system of evaluation would not only permeate the digital divide but would also allow creativity to blossom and would take us closer to the Sustainable Development Goal of quality education and gender equity. It would also take off pressure from the students and would shift the focus away from ‘cheating’ and more on creativity. The future researches should focus on finding more creative ways of evaluation taking the help from our own past and cross-cultural references.

[1] Student of School of Law, Christ Bengaluru

[2] Associate Professor, School of Law, Christ Bengaluru