Kerala HC: Government Bulk Messaging on Service Benefits Not a Privacy Breach

In a significant ruling regarding the modern intersection of digital governance and personal data, the High Court of Kerala has dismissed a writ petition challenging the state government's decision to send bulk WhatsApp messages to its employees regarding Dearness Allowance (DA) and House Building Advance (HBA) enhancements.

The case, Rasheed Ahammed v. The State of Kerala , centered on whether the use of government-held data to facilitate direct communication from the Chief Minister's Office constituted an intrusion into the right to privacy under Article 21 of the Constitution.

The Digital Dispute: A Question of Consent

The controversy arose in February 2026, when government employees—and even members of the judiciary—received personalized WhatsApp messages from an account bearing the sender ID "Chief Minister's Office." The messages, addressed to recipients by name, contained the photograph of the Chief Minister and announced critical service updates, such as the enhancement of DA and the reinstatement of HBA schemes.

The petitioner contended that this was a form of unauthorized data mining, alleging that data provided by employees for salary purposes had been repurposed without consent for what was characterized as a "political campaign" on the eve of elections.

Arguments from Both Sides

The petitioner’s counsel, Sri. George Poonthottam, argued that the state failed the "three-fold requirement" for privacy intrusion established by the Supreme Court in the Justice K.S. Puttaswamy case. They argued that the KSITM—the state’s IT arm—lacked the legal mandate to use personal mobile numbers for such bulk messaging, effectively turning personal data into a political tool.

Conversely, the Advocate General, representing the State, argued that the messages were purely administrative. They asserted that no data was ever transferred to the Chief Minister’s office; instead, the messages were routed through the Kerala State Information Technology Mission (KSITM), which manages the ‘SPARK’ platform (a human resource management system for government employees). They maintained this was a legitimate exercise of e-governance designed to enhance communication.

The Court’s Reasoning: Navigating the Thin Line

Justice Bechu Kurian Thomas, while affirming the sanctity of the right to privacy, emphasized that this right is not absolute. Referencing the Puttaswamy judgment, the Court acknowledged that in a social welfare state, data utilization must be for "legitimate purposes."

The Court clarified that: 1. No Data Misuse: There was no evidence that private data had been compromised or transferred to an unauthorized party. The messaging infrastructure was operated by the government via KSITM. 2. Legitimate Governance: The content of the messages related entirely to employment benefits (DA and HBA), which falls squarely within the scope of state functioning. 3. The Role of the CM’s Office: While the Court noted that communications should ideally be issued under a unified "Government of Kerala" identity to avoid confusion, it found no evidence of illegal data usage in this specific instance.

Key Observations

The High Court’s ruling highlighted the delicate balance required in the digital age:

• On Privacy: “The right to privacy has been recognised as an intrinsic part of the right to life and liberty under Article 21 of the Constitution of India... the consequence of such a judicial recognition is the legal imprimatur that without a proper procedure established by law, the said right cannot be intruded upon by any person, including the State or its instrumentalities.”
• On Data Usage: “Data mining with the object of ensuring that resources are properly deployed to legitimate beneficiaries is a valid ground for the State to insist on the collection of authentic data. But, the data which the State has collected has to be utilised for legitimate purposes of the State.”
• On Administrative Communication: “The message that has been sent to the employees of the State as well as to persons whose data is kept in SPARK portal, relates to DA and HBA, which are not extrinsic to the services for which their names have been enrolled.”

Final Decision

The Court dismissed the writ petition, concluding that there was no "merit" in the allegations of privacy violation. By ruling that official notifications regarding service benefits qualify as "good governance," the Court has provided a clear signal to state authorities: as long as data processing remains within the scope of state utility and maintains internal security, such communicative tools remain permissible under the constitutional framework.

The judgment is a landmark entry into the evolving jurisprudence surrounding the Digital Personal Data Protection Act , 2023, setting a precedent that even as technical regulations tighten, the administrative necessity for government-employee communication will be protected.