Somewhere in the last few months, you took a decision an applicant did not like. Perhaps you upheld a penalty. Perhaps you transferred them. Perhaps you refused a routine favour. Now an RTI application has landed at your department, and it is not asking about policy. It is asking about you.

• “On what dates did Officer XYZ come to office in January?”
• “List of all files signed by Officer XYZ in the last six months.”
• “All tours undertaken by Officer XYZ at state expense since January 2024.”
• “All complaints received against Officer XYZ from any source in the last five years.”

The pattern is familiar. The applicant is converting the RTI Act into a personal surveillance tool or a pre-FIR fishing expedition. Many honest officers feel intimidated. Some begin to avoid taking decisions for fear of being “RTI'd.”

Do not. The Right to Information Act, 2005 was never designed to be a weapon against individual officers performing lawful duties. The Supreme Court, multiple High Courts, and the Central Information Commission have consistently drawn that line. This guide shows you where the line sits.

Post the 14 November 2025 amendment to §8(1)(j) by Section 44(3) of the Digital Personal Data Protection Act, 2023, the Act now reads:

Information which relates to personal information the disclosure of which has no relationship to any public activity or interest, or which would cause unwarranted invasion of the privacy of the individual.

The internal “public-interest override” that used to sit inside clause (j), and the Parliament-proviso, have been removed. The public-interest balancing now operates only through §8(2). This tightens the privacy shield for officers. See our deep-dive at PIO Framework — §8(1)(j) after DPDP.

Foundational case. Girish Ramchandra Deshpande v. CIC & Ors., (2013) 1 SCC 212 — the Supreme Court held that service records of a public servant — including copies of memos, show-cause notices, orders of censure, details of assets, liabilities, movable and immovable property, gifts received, transfer orders, and ACRs — are “personal information” under §8(1)(j). Disclosure requires an overriding public interest.

This line has been followed in R.K. Jain v. UoI, (2013) 14 SCC 794 (ACR only on public interest); Canara Bank v. C.S. Shyam, (2017) — transfer policy details; Harish Chandra Dwivedi v. CIC (Delhi HC) and a consistent line of CIC orders.

This is the most under-used, and most powerful, protection for an officer who is the subject of an RTI.

Section 11(1) requires that where a PIO intends to disclose information that relates to, or has been supplied by, a third party and has been treated as confidential by that third party, the PIO must, within 5 days of receipt of the RTI, give written notice to the third party. The third party has 10 days to represent against disclosure. The PIO then decides, within a 40-day total window, recording reasoning.

Skipping §11 is one of the most common grounds on which FAAs and SICs set aside PIO disclosures.

• C. Muniyappan v. State of Tamil Nadu (Madras HC, 2013) — §11 notice is mandatory; skipping it is procedural illegality.
• Kolkata Municipal Corporation v. WBIC (Calcutta HC, 2016) — §11 is not optional for third-party data.
• Arvind Kejriwal v. CPIO (CIC, 2010) — the third party has a statutory right to object and to appeal.

As the subject officer, you are a statutory third party. When your name appears in an RTI, your PIO has a duty to issue you a §11 notice. If they do not, remind them.

Information, the disclosure of which would endanger the life or physical safety of any person, or identify the source of information or assistance given in confidence for law enforcement or security purposes.

When a hostile applicant asks for your daily in-out timings, your daily vehicle route, your field-tour itinerary in real time, or the identity of witnesses who deposed against a local mafia, the §8(1)(g) ground is live. The danger must be a “reasonable probability,” not mere imagination — but the threshold is factual, not bureaucratic.

• Dayanand Saraswati v. CIC — pattern-of-harassment evidence justifies §8(1)(g).
• Various CIC orders have upheld §8(1)(g) for whistleblowers in serious-crime investigations.

If you have reason to believe the applicant has a stalking, intimidation, or revenge motive — document it. The PIO should cite §8(1)(g) and record the threat assessment.

Information available to a person in his fiduciary relationship, unless the competent authority is satisfied that the larger public interest warrants the disclosure.

For evaluative records — ACRs, APARs, integrity-certificates, vigilance reports, selection-committee notes on an officer — §8(1)(e) applies. The employer holds such records in fiduciary trust.

• CBSE v. Aditya Bandopadhyay, (2011) 8 SCC 497 — sets the fiduciary test; ACR-style subjective evaluation satisfies it.
• ICAI v. Shaunak Satya, (2011) 8 SCC 781 — examiner identity and model answers are fiduciary.
• R.K. Jain v. UoI (2013) — applies §8(1)(e) and §8(1)(j) jointly to ACR.

See PIO Framework — §8(1)(e) Fiduciary relationship for the full doctrine.

Information which would impede the process of investigation or apprehension or prosecution of offenders.

If there is a departmental inquiry, a vigilance investigation, or a pending disciplinary proceeding where premature disclosure would impede the process — §8(1)(h) is available. Note the time-bound nature: once the investigation report is filed, §8(1)(h) ceases and fresh reasoning is required.

If you are an officer in an organisation listed in the Second Schedule (IB, RAW, CBI, ED, NCB, listed state agencies), §24 exempts the entire organisation subject to the corruption / human-rights proviso. See Section 24.

Each question below maps the hostile RTI to the statutory position, the case law, and the PIO's correct response. These are the four most common hostile queries I have seen in twenty-five years of training PIOs.

What is clearly disclosable (aggregate, institutional):

• Gazetted holidays and working days — already public.
• Aggregate attendance statistic — “Officer XYZ was present on 220 of 230 working days in 2024” — may be released under §4 proactive-disclosure principles where the role is senior and public.
• Casual leave / earned leave availed — not disclosable as a named record per Girish Deshpande. Aggregate count only.

What is NOT disclosable (personal, invasive):

• Daily in-time and out-time on a minute-by-minute basis — §8(1)(j) personal information. Unwarranted invasion of privacy, no meaningful public interest in real-time schedule.
• Biometric log with specific timings — the SC in Puttaswamy (2017) 10 SCC 1 held biometric data is an informational-privacy category; disclosure requires strict necessity + proportionality.
• Live / real-time location — §8(1)(g) is activated. Even the question itself can be flagged as a safety-concern signal.

Case law anchor.

• Girish Ramchandra Deshpande — service-records under §8(1)(j).
• Justice K.S. Puttaswamy (Retd.) v. UoI, (2017) 10 SCC 1 — informational privacy and proportionality.

PIO correct response. Aggregate attendance with broad dates — disclosable. Specific in-out timings — declined under §8(1)(j), with the Deshpande and Puttaswamy citations recorded in the order.

What is clearly disclosable:

• Decision records once the decision is taken and matter is complete — per R.K. Jain v. UoI, (2013) 14 SCC 794 (file-notings post-decisional) and Treesa Irish v. CPIO (Kerala HC, 2010) — file-notings are part of the record under §2(i).
• Signed orders, sanction memos, and formal decisions — these are the public authority's record, not your personal record.
• Specific files requested by number — fair game, subject to §8(1) clause-wise analysis of each file.

What is NOT disclosable:

• “All files” blanket request without a specific file number or subject — may fall under §7(9) (voluminous; PIO offers inspection + selective copies) and §8(1)(j) (where the list itself reveals a pattern of movement or personal routine).
• Signature specimen, handwriting, signing times with second-level granularity — §8(1)(j).
• Notes / annotations that form part of ongoing investigations — §8(1)(h).

Case law anchor.

• R.K. Jain v. UoI, (2013) 14 SCC 794 — post-decisional file-noting disclosability; the test being whether decision is complete.
• Treesa Irish v. CPIO (Kerala HC, 2010) — file-noting is within §2(i).

PIO correct response. Ask the applicant to specify file numbers or subjects; offer inspection of the file-movement register for identified files; redact third-party personal data under §10; record §8(1)(j) reasoning for any “patterning” request.

What is clearly disclosable:

• Official tour programme — date, destination, purpose, approved budget, sanction order — these are public-expenditure records.
• Tour diary filed with the establishment section — yes for official purposes and expenditure.
• TA / DA claims submitted and sanctioned — yes as aggregate expenditure records (redact personal bank details).

What is NOT disclosable:

• Medical leave or personal leave destinations — §8(1)(j); these are not “public activity.”
• Real-time or future tour itinerary — §8(1)(g), obvious safety concern.
• Hotel room numbers, private-meeting details — §8(1)(j).
• Family members accompanying (if officially permissible) — §8(1)(j) as to family names.

Case law anchor.

• Subhash Chandra Agrawal v. CPIO, Supreme Court of India, (2020) — public-expenditure records on judges' foreign travel were held disclosable in aggregate — a principle that applies a fortiori to bureaucratic tours.
• Namit Sharma v. UoI, (2013) 1 SCC 745 — exemptions narrow, transparency presumption strong on public expenditure.

PIO correct response. Disclose official tour records with destinations, dates, purpose, expenditure — redact only names of family members (§8(1)(j)), hotel room numbers (§8(1)(j)), and future-dated itineraries (§8(1)(g)).

This is the most sensitive category. The rule is multi-layered.

What is clearly disclosable:

• Complaints that have been adjudicated and closed, with findings in favour of the officer — but anonymised at complainant level. The finding itself (exoneration) is a public record and is usually beneficial to the officer to disclose.
• Complaints that led to a penalty or order — the order itself is a public record under §4(1)(d) (reasons for quasi-judicial / administrative decisions).
• Aggregate number of complaints closed without action — institutional statistic.

What is NOT disclosable:

• Anonymous / unsubstantiated complaints — §8(1)(j); some complaints carry baseless allegations, and the presumption of innocence applies. The CVC itself flags such entries as “non-actionable noise” and does not proactively publicise.
• Pending inquiry files — §8(1)(h); disclosure would impede investigation.
• Vigilance register entries with allegations untested on facts — §8(1)(e) (fiduciary) + §8(1)(j) (personal).
• Complainant's identity when disclosure would expose a whistleblower — §8(1)(g).
• Internal noting suggesting suspicion against an individual — §8(1)(h) during the live phase; §8(1)(j) if never escalated.

Case law anchor.

• Girish Ramchandra Deshpande, (2013) 1 SCC 212 — integrity-certificate and disciplinary detail fall within §8(1)(j).
• Union Public Service Commission v. GS Sandhu and similar CIC orders — protecting evaluative / interrogatory material.
• CVC Manual — treatment of anonymous complaints; used as a reference for SLA-based non-action.

PIO correct response. Adjudicated outcomes — disclosable (often favourable to officer). Pending inquiries — §8(1)(h) + §8(1)(e). Anonymous / untested allegations — §8(1)(j) + §8(1)(g) where a pattern of intimidation exists.

The PIO is required, under §11(1), to issue you a written notice of the RTI application within 5 days of receiving it. If you have not received one, ask your PIO whether the request involves your personal information, and request §11 procedure to be initiated.

To,
The Public Information Officer,
[Department / Directorate / Organisation]
[Address]

Subject: Representation under Section 11(3) of the RTI Act, 2005,
against the proposed disclosure of information that relates to me —
RTI Reference No. __________.

Sir / Madam,

I have received the Section 11(1) notice dated __________ intimating
the proposed disclosure of information that relates to the undersigned.
I represent, as the concerned third party under Section 11, that the
proposed disclosure be declined on the following specific grounds:

1. Section 8(1)(j) — the queried information comprises personal
   information of the undersigned, the disclosure of which has no
   relationship to any public activity or interest and would cause an
   unwarranted invasion of my privacy, as held by the Hon'ble Supreme
   Court in //Girish Ramchandra Deshpande v. CIC//, (2013) 1 SCC 212
   and the subsequent line of Supreme Court and High Court decisions.

2. [Where applicable] Section 8(1)(g) — disclosure of the specific
   particulars sought would endanger physical safety of the undersigned,
   having regard to [specific threat indicators — attach any relevant
   material such as an existing FIR, written threat, prior pattern].

3. [Where applicable] Section 8(1)(e) — the information is held in a
   fiduciary relationship between the public authority and the
   undersigned (ACR / APAR / evaluative record).

4. [Where applicable] Section 8(1)(h) — there is an ongoing departmental
   inquiry / vigilance investigation referenced at __________ and
   disclosure would impede the process.

5. The DPDP 2023 framework, and the principle of informational privacy
   recognised in //Justice K.S. Puttaswamy v. UoI//, (2017) 10 SCC 1,
   require a strict necessity-and-proportionality test before disclosure.

I request that the PIO record specific reasoning under Section 7(1) and
Section 8(1) for any part of the request that is declined, and apply
Section 10 severability where information can be partly disclosed.

In the event the PIO decides to disclose information, I reserve my
right, as the third party, to file a First Appeal under Section 19(1).

Yours faithfully,
[Name]
[Designation]
[Date, Place]

The PIO is not adversarial to you. The PIO is a clerk with limited time and legal training. Help the PIO give a correct, reasoned, appeal-proof order. Supply:

• The case-law citations (listed above).
• The specific §8(1) clauses that apply.
• A clear indication of which parts can be severed and released under §10.
• A note on any safety concern, in writing, with evidence.

A one-page note with these points, handed to the PIO within 48 hours, usually results in a correct disclosure order that the applicant cannot easily overturn on appeal.

A third party whose objection has been overruled can file a First Appeal under §19(1) within 30 days. This is identical in procedure to an applicant's first appeal. See First Appeal timelines and FAA appellate-review checklist.

• Section 66E of the Information Technology Act, 2000 — violation of privacy (covers capture / transmission of private images; may apply where RTI is used to triangulate a personal surveillance pattern).
• BNS, 2023 — Section 78 — stalking; pursuing a person in a manner that causes reasonable fear of safety can invoke criminal provisions even when the medium is paperwork.
• Magistrate's application under §175(3) BNSS if there is a cognizable offence pattern.
• Writ petition under Article 226 — citing Puttaswamy informational-privacy test.
• Vigilance complaint if the applicant is themselves an insider using RTI for malicious purposes.

Officers often ask me what to hand over to their PIO. Here it is.

• Apply §11 procedure strictly. Issue notice within 5 days of the RTI. Wait 10 days for the third party to respond. Record in writing.
• Identify the §8(1) clauses that apply. Use §8(1)(j) for personal, §8(1)(g) for safety, §8(1)(e) for evaluative-fiduciary, §8(1)(h) for pending inquiries, §24 for Schedule-II agencies.
• Record reasoning for each part. The harm test must be specific, not formulaic.
• Apply §10 severability. If part of the record can be released — do so. Do not issue blanket refusals.
• Anonymise third parties. Complainant names, whistleblower identities, and family-member names should be redacted under §10.
• Cite the case law. Girish Deshpande, Puttaswamy, R.K. Jain, C. Muniyappan (for §11 procedure). See the PIO RTI Reply Guide and PIO / FAA Knowledge Base for the full framework.
• Where §8(1)(g) is invoked, attach a threat assessment. A two-sentence note is enough if the threat is documented (prior FIR, hostile correspondence, etc.).
• Retain the denial order for appeal. A well-reasoned §8(1) order usually survives the First Appeal and the Information Commission.

A single hostile RTI is usually containable. A pattern of hostile RTIs across an organisation requires an institutional response.

• Establish a third-party-RTI review committee — usually the Vigilance Officer + Head of Administration + senior legal officer — to review RTIs that target individuals rather than decisions.
• Create a standardised §11-notice template with attached citations, so every PIO issues a correct notice without re-inventing.
• Train your PIOs on the Deshpande + Puttaswamy line. A one-day training every year is enough.
• Maintain a record of repeat applicants. If one applicant files multiple RTIs naming specific officers, the pattern is an institutional fact. This is not a basis to refuse a lawful RTI, but it is a basis for the §8(1)(g) safety assessment and for a vigilance / legal response.
• File Section 20 counter-proposals where the RTI is vexatious. The Information Commission has invoked §20 against applicants found to have misused the RTI Act for harassment (rare but precedented — several CIC orders reference the rule).
• Communicate the outcome to the named officer. The officer whose name appeared in the RTI is entitled to know what was disclosed and what was refused.

• Multiple RTIs in a short window, all naming the same officer.
• Progressively personal — attendance, then files, then tours, then family.
• Coincides with a disciplinary action, transfer, or complaint by the targeted officer.
• The applicant has a documented hostile history with the department.
• Questions are phrased like an FIR — “who, what, when, where, why” about the officer, not about government decisions.
• The applicant asks for information that would be obviously dangerous (real-time location, house address, family details).

When three or more of these red flags cluster, the organisation should shift from routine §11 treatment to active legal protection of the officer. This is entirely lawful and supported by the Supreme Court's privacy framework.

Q1. Can an RTI ask about my personal leave?
Aggregate count yes; specific dates and destinations no — §8(1)(j). See Deshpande.

Q2. Can an applicant see my APAR?
Generally no — §8(1)(e) + §8(1)(j). Exception requires an overriding public interest, which is rarely met in individual-officer queries.

Q3. Can an applicant demand a list of all files I have ever signed?
The applicant can ask for specific files; a “patterning” request across all files is likely to be met with §7(9) voluminous-handling + §8(1)(j) privacy ground.

Q4. My attendance is on a biometric system — is the biometric log disclosable?
No. Puttaswamy applies the proportionality test; biometric data is high-privacy. Aggregate attendance yes; raw biometric log no.

Q5. What if there is a vigilance complaint pending against me?
§8(1)(h) applies during the inquiry; §8(1)(e) for the examiner / inquiry-officer record. Post-closure and order, the final order is a public document.

Q6. Do I have to appear before the PIO or the FAA?
You are not required to appear in person, but you may ask to be heard. The §11 procedure is in writing by default; hearings are discretionary and usually held only at Second Appeal before the SIC / CIC.

Q7. What if the PIO goes ahead and discloses my information without §11 notice?
File a complaint under §18 of the RTI Act to the Information Commission and a §19(1) First Appeal. The procedural violation is a strong ground, per C. Muniyappan.

Q8. Can the applicant be penalised for vexatious filing?
The Act does not have a direct “vexatious-applicant” clause, but CIC orders have declined to entertain patently abusive applications; organisations may also explore §66E IT Act or BNS stalking provisions where the pattern rises to that level.

Q9. Is my home address ever disclosable under RTI?
Virtually never. §8(1)(j) + §8(1)(g) together shield it. Even if you have given your home address to the employer, the RTI applicant has no public-interest basis to obtain it.

Q10. What if the applicant is a former colleague with a grudge?
The law does not care about motive (§6(2) bars motive inquiry), but the content of the request is what is tested. Personal-surveillance content does not become lawful because the applicant has standing as a citizen; the exemptions apply regardless.

In twenty-five years of training PIOs, First Appellate Authorities, and officers of every rank, I have seen one pattern repeat. Officers who know the law are not afraid of RTI. Officers who don't know the law concede disclosures they did not need to.

Learn the five shields. Respect the §11 procedure. Cite the case law. Keep a paper trail. Take your decisions fearlessly, and let the law do what it was written to do — protect you when you are right, and hold you accountable when you are wrong.

The RTI Act is not your enemy. Weak PIO practice, and ignorance of your own statutory rights, are.

• Grounds for RTI rejection — the 10 valid refusals
• PIO Framework — §8(1)(j) after DPDP
• PIO Framework — §8(1)(e) Fiduciary
• PIO RTI Reply Guide
• PIO / FAA Knowledge Base
• FAA Appellate-Review Checklist
• First Appeal Timelines
• FAA — Privacy vs Public-Interest Balancing
• FAA — §19(8) Disclosure Powers
• Blog — DPDP Rules 2025 RTI amendment
• Bombay HC RTI rulings
• Madras HC RTI rulings
• Kerala HC RTI rulings

• Right to Information Act, 2005 — §§ 2(f), 2(i), 4, 8(1)(e), 8(1)(g), 8(1)(h), 8(1)(j), 10, 11, 19, 20, 24.
• Digital Personal Data Protection Act, 2023 — §44(3), amending RTI §8(1)(j), effective 14 November 2025.
• Bharatiya Nyaya Sanhita (BNS), 2023 — §78 (stalking).
• Information Technology Act, 2000 — §66E (violation of privacy).

• Girish Ramchandra Deshpande v. Cen. Information Commr. & Ors., (2013) 1 SCC 212 — service records as §8(1)(j) personal information.
• R.K. Jain v. Union of India & Anr., (2013) 14 SCC 794 — ACR disclosure only on overriding public interest.
• Canara Bank v. C.S. Shyam & Anr., (2018) 11 SCC 426 — transfer-policy service-record privacy.
• Justice K.S. Puttaswamy (Retd.) & Anr. v. Union of India & Ors., (2017) 10 SCC 1 — fundamental right to privacy; proportionality test.
• Central Board of Secondary Education v. Aditya Bandopadhyay, (2011) 8 SCC 497 — fiduciary framework.
• Institute of Chartered Accountants of India v. Shaunak Satya & Ors., (2011) 8 SCC 781 — examiner confidentiality.
• Namit Sharma v. Union of India, (2013) 1 SCC 745 — exemptions narrowly construed; transparency presumption.
• Thalappalam Service Coop. Bank Ltd. v. State of Kerala, (2013) 16 SCC 82 — public-authority scope.

• C. Muniyappan v. State of Tamil Nadu (Madras HC, 2013) — §11 notice mandatory.
• Kolkata Municipal Corporation v. WBIC (Calcutta HC, 2016) — §11 compliance for municipal records.
• Treesa Irish v. CPIO (Kerala HC, 2010) — file-notings are part of §2(i) record.
• Harish Chandra Dwivedi v. CIC (Delhi HC) — §8(1)(j) applied to officer service records.

• Multiple orders of the CIC on §11 third-party procedure, §8(1)(j) applied to officer attendance / APAR / integrity certificates, and §8(1)(g) invoked where a pattern of harassment is documented.

Based on twenty-five years of RTI practice, including training sessions delivered to Public Information Officers, First Appellate Authorities, and Vigilance Officers in central ministries, state departments, police, and municipal corporations.

Last reviewed: 21 April 2026.