The Supreme Court of India has agreed to examine petitions challenging the constitutional validity of the Digital Personal Data Protection (DPDP) Act, 2023, focusing on concerns about its impact on the Right to Information Act.
Digital Personal Data Protection (DPDP) law aims to protect the privacy of Indian citizens while proposing a penalty of up to Rs 250 crore on entities for misusing or failing to protect digital data of individuals.
A new law that defines how companies should process users' data came into force with the President giving assent to the Digital Personal Data Protection (DPDP) Act passed by Parliament in the just-concluded monsoon session. The law arms individuals with greater control over their data while allowing companies to transfer users' data abroad for processing, except to nations and territories restricted by the Centre through notification. It also gives the government power to seek information from firms and issue directions to block content.
The "construct of the DPDP Act" cannot be changed at this stage, though there may be some minor tweaks in the language of the Rules and formats in certain legitimate cases.
The draft rules have been issued after Parliament approved the Digital Data Protection Bill 2023 about 14 months back.
'One has to be very mindful because it will be applicable for big tech platforms and even for banks and insurers, whose business is completely different.'
Prime Minister Narendra Modi is promoting India as a global hub for digital infrastructure and artificial intelligence, highlighting the government's incentives for data center investments and inviting the world's data to reside in India.
Entities may be given about a year to tune their systems to comply with norms of Digital Personal Data Protection Act, 2023, Minister of State for Electronics and IT Rajeev Chandrasekhar said on Wednesday. Speaking to reporters on the sidelines of consultation with the industry, Chandrasekhar said the Data Protection Board and guidelines for the eight rules, including consent management, will be put in place within a month. "Industry wants some more time for age-gating, different timelines for transition for different data fiduciaries.
The new rules allow for a staggered implementation road map, giving companies, data fiduciaries, data principals, and other stakeholders up to 18 months to comply with the administrative guidelines under the DPDP Act.
'We are in touch with industry to further compress the timelines.'
The data protection bill introduced in Parliament on Thursday enables the government "to call for information" from data protection board, data collecting entities or intermediary, and safeguards the Centre from legal proceedings for "action taken in good faith" under the provisions of the legislation.
'By extending the definition of 'personal' to include institutions and not just individuals, the State has equipped itself with a tool to block access to most kinds of information.'
The government on Thursday tabled the Digital Personal Data Protection Bill 2023 in the Lok Sabha with an aim to protect the privacy of Indian citizens, while proposing a penalty of up to Rs 250 crore on entities for misusing or failing to protect digital data of individuals.
DPDP Act (2023) gives individuals the right to decide how their personal data is collected and used. For many businesses, this means reworking longstanding data practices, notes Ravi Duvvuru.
The Rajya Sabha on Wednesday passed the Digital Personal Data Protection Bill 2023 by voice vote following a walkout by opposition members over the Manipur issue.
Companies, particularly those that are notified as Significant Data Fiduciaries, will have to make extensive investments in data mapping, process modification, consent management tools, tools to enable Data Principal Rights, and establish a well-structured Data Privacy Officer organisation.
The government on Wednesday withdrew the Personal Data Protection Bill from Lok Sabha and said it will come out with a 'set of fresh legislations' that will fit into the comprehensive legal framework.
'Digital arrests are the cutting edge of the problem and the most challenging part of the ecosystem right now.'
The court is hearing appeals against a CCI order imposing a penalty on Meta and WhatsApp.
'We do have some concerns with the timeline being shortened from 18 to 12 months.'
...on par with oil, power, and defence, and to restrict its storage under foreign control.
'There were two options before the government -- create a complex, cumbersome law, which will cause a tremendous amount of compliance challenges for startups or say let's go back and do a clean slate, where we do a framework of laws and policies'
The DPDP rules, which have come into effect, require companies to implement a data protection and consent management system by November 2026.
After withdrawing the personal data protection bill, the government is hopeful of getting a new legislation passed by the next Budget session of Parliament, Union Minister Ashwini Vaishnaw has said.
After withdrawing the personal data protection bill, the government is hopeful of getting a new legislation passed by the next Budget session of Parliament, Union minister Ashwini Vaishnaw has said. The government on Wednesday withdrew the Personal Data Protection Bill from the Lok Sabha. The Joint Committee on Personal Data Protection Bill, 2019, headed by BJP member P P Chaudhary, had tabled its report in Lok Sabha on December 16, 2021.
'The impact will be minimal and it will only increase compliance cost on consent, data flows, localisation timelines, internal audits, data mapping, and new tooling.'
'Unless the government comes up with the rulebook, the technical requirements will not be clear to us.' 'Going by the Act, non-technical provisions can be complied with within six months.' 'But we need up to 24 months for provisions like parental consent.'
Recently, an Air India flyer sent a legal notice to the airline seeking damages of Rs 30 lakh for the breach of personal data of 4.5 million passengers, including her husband and herself. Air India had informed the complainant of the data leak a month earlier, after it emerged that its passenger service system provider fell prey to a cyberattack in February. However, in the absence of a data protection law, India lacks a mechanism for compensation or grievance redress of consumers in such cases, say experts. Advocate Virag Gupta, a New Delhi-based cyber law expert, explains that a legal notice is a good beginning in the Air India case, but it raises many questions. These include whether sensitive personal information has been leaked and whether the airline is responsible or not, given that a passenger service system provider was also involved.
'By leveraging user data from WhatsApp, Meta can enhance its technology.' 'It (user data) is collected by me, it's my personal property. Shall I give it to my competitors?'
Since the deadline for Justice B N Srikrishna Committee's feedback is December 31, the government is unlikely to table a data protection Bill in the winter session of Parliament.
Exercise caution when charging your phone in public places or borrowing a charger from someone -- you might get hacked.
Sebi Chairman Tuhin Kanta Pandey announced intensified surveillance and technology-driven enforcement to combat pre-investment scams targeting retail investors, who are increasingly being lured by fake trading apps and promises of high returns.
'Look at what kind of sites the child is visiting, what kind of games they are playing and then tell them about the pitfalls.' 'After the child sleeps, parents can check the history of sites visited and block sites that could be dangerous or inappropriate.'
The government may not be able to put in place the Digital India Act, which aims to replace over 23 years old IT Act 2000, before the next general election, as there is not much time left for extensive consultation, Minister of State for Electronics and IT Rajeev Chandrasekhar said on Wednesday. While speaking at the Global Technology Summit 2023, the minister, however, said the rules for the Digital Personal Data Protection Act will be out later this month for consultation and are expected to be notified by the end of December or early January. Chandrasekhar said the existing IT Act doesn't even have the word internet, and there is a consensus that it can be safely superseded and replaced.
The government has raised the penalty amount to up to Rs 500 crore for violating the provisions proposed under the draft Digital Personal Data Protection Bill 2022 issued on Friday. The draft personal data protection bill in 2019 proposed a penalty of Rs 15 crore or 4 per cent of the global turnover of an entity. The draft proposes to set up a Data Protection Board of India, which will carry on functions as per the provisions of the bill.
After the draft data protection bill, the government is now all set to bring another key legislation -- Digital India Bill -- that will be made available for public consultation by the month-end, Minister of State for IT Rajeev Chandrasekhar said on Thursday. The Digital India Bill, which will replace the 22-year old Information Technology (IT) Act, will be contemporary and a modern piece of legislation, the Minister promised. The proposed bill, alongside the Digital Personal Data Protection (DPDP) Bill whose draft was released recently, will contribute to the evolving framework which is light on regulation, safeguards consumer rights and catalyses innovation, the minister said while speaking at CII Global Economic Policy Summit 2022.
During an open house discussion with stakeholders on the draft Digital Personal Data Protection (DPDP) bill 2022, Chandrasekhar said that the right to privacy is a fundamental right while the right to information is not. "Right to privacy is a fundamental right and right to information is not.
This Budget positions India's taxation ideology as not merely a revenue source but as a strategic catalyst for growth, inclusion and long-term confidence.
You should rather use nicknames, incorrect date of birth and if possible make a separate e-mail address for such apps and services. You should also not share your phone number
© 2026 Rediff.com - Investor Information - Advertise with us - Disclaimer - Privacy Policy - Sitemap - Feedback - About us - Terms of use - Grievances