The Supreme Court of India has agreed to examine petitions challenging the constitutional validity of the Digital Personal Data Protection (DPDP) Act, 2023, focusing on concerns about its impact on the Right to Information Act.
The United States Trade Representative (USTR) has expressed concerns that India's Digital Personal Data Protection (DPDP) Act, particularly the lack of a deemed consent mechanism for credit information companies, and the Information Technology (IT) Rules of 2021, along with frequent internet shutdowns, could negatively impact the ability of US companies to operate and trade in India.
Digital Personal Data Protection (DPDP) law aims to protect the privacy of Indian citizens while proposing a penalty of up to Rs 250 crore on entities for misusing or failing to protect digital data of individuals.
A new law that defines how companies should process users' data came into force with the President giving assent to the Digital Personal Data Protection (DPDP) Act passed by Parliament in the just-concluded monsoon session. The law arms individuals with greater control over their data while allowing companies to transfer users' data abroad for processing, except to nations and territories restricted by the Centre through notification. It also gives the government power to seek information from firms and issue directions to block content.
Information and Broadcasting Minister Prakash Javadekar said the Bill will be introduced in Parliament during the current Winter Session.
'One has to be very mindful because it will be applicable for big tech platforms and even for banks and insurers, whose business is completely different.'
The final report was to be submitted in March but it got an extension till the second week of the monsoon session that began September 14.
The draft rules have been issued after Parliament approved the Digital Data Protection Bill 2023 about 14 months back.
The "construct of the DPDP Act" cannot be changed at this stage, though there may be some minor tweaks in the language of the Rules and formats in certain legitimate cases.
The US on Thursday raised concerns over India's Personal Data Protection (PDP) Bill and draft non-personal data governance framework, claiming these could potentially threaten innovation and economic growth. In its latest 'Special 301' Report, the US Trade Representative (USTR) kept India on the priority watch list, maintaining the country remains one of the world's most challenging major economies with respect to protection and enforcement of intellectual property (IP). In December 2021, a joint parliamentary committee released a report recommending changes to the PDP Bill, 2019, that could undermine important IP protections in India.
The biggest fear many of the e-commerce firms have is the possible requirement to change business models overnight, which would drastically increase costs as well as disrupt businesses.
The data protection bill introduced in Parliament on Thursday enables the government "to call for information" from data protection board, data collecting entities or intermediary, and safeguards the Centre from legal proceedings for "action taken in good faith" under the provisions of the legislation.
India needs a paradigm shift in personal data management that transforms the current organisation-centric data sharing system to an individual centric approach that promotes user control on data sharing for empowerment, said Niti.
Journalists will be exempted from seeking consent of individuals before collecting and reviewing their personal data to be used in news reports.
Entities may be given about a year to tune their systems to comply with norms of Digital Personal Data Protection Act, 2023, Minister of State for Electronics and IT Rajeev Chandrasekhar said on Wednesday. Speaking to reporters on the sidelines of consultation with the industry, Chandrasekhar said the Data Protection Board and guidelines for the eight rules, including consent management, will be put in place within a month. "Industry wants some more time for age-gating, different timelines for transition for different data fiduciaries.
The government on Wednesday withdrew the Personal Data Protection Bill from Lok Sabha and said it will come out with a 'set of fresh legislations' that will fit into the comprehensive legal framework.
Prime Minister Narendra Modi is promoting India as a global hub for digital infrastructure and artificial intelligence, highlighting the government's incentives for data center investments and inviting the world's data to reside in India.
The Registrar General and Census Commissioner of India, Mritunjay Kumar Narayan, has reassured the public that individual data collected during the upcoming census will remain confidential and cannot be used for any purpose other than statistical aggregation.
The government on Thursday tabled the Digital Personal Data Protection Bill 2023 in the Lok Sabha with an aim to protect the privacy of Indian citizens, while proposing a penalty of up to Rs 250 crore on entities for misusing or failing to protect digital data of individuals.
"Critical data which has to be resided in India is an important component that needs to be clarified, as this will be arguably uncovered on an ad hoc basis as we move forward."
The Rajya Sabha on Wednesday passed the Digital Personal Data Protection Bill 2023 by voice vote following a walkout by opposition members over the Manipur issue.
'There were two options before the government -- create a complex, cumbersome law, which will cause a tremendous amount of compliance challenges for startups or say let's go back and do a clean slate, where we do a framework of laws and policies'
The JCP was constituted in the Lok Sabha in December 2019 and was expected to submit its report in the Budget Session.
DPDP Act (2023) gives individuals the right to decide how their personal data is collected and used. For many businesses, this means reworking longstanding data practices, notes Ravi Duvvuru.
Hours after Congress leader Manish Tewari on Thursday said the government might get the Digital Data Protection Bill classified as a money bill, Union IT Minister Ashwini Vaishnaw refuted the charge and termed it a "normal bill".
After withdrawing the personal data protection bill, the government is hopeful of getting a new legislation passed by the next Budget session of Parliament, Union Minister Ashwini Vaishnaw has said.
The new rules allow for a staggered implementation road map, giving companies, data fiduciaries, data principals, and other stakeholders up to 18 months to comply with the administrative guidelines under the DPDP Act.
Companies, particularly those that are notified as Significant Data Fiduciaries, will have to make extensive investments in data mapping, process modification, consent management tools, tools to enable Data Principal Rights, and establish a well-structured Data Privacy Officer organisation.
'We are in touch with industry to further compress the timelines.'
After the first draft of the Bill was submitted under a committee chaired by Justice B N Srikrishna in 2018, there were objections raised by businesses, especially on the broad restrictions on cross-border data flow.
The Home Ministry has informed a parliamentary committee that security agencies utilise open-source intelligence, including social media, for information gathering, ensuring no privacy breach as personal data is not collected.
Yatra Online has announced a strategic collaboration with Google Cloud to accelerate its AI-led transformation across corporate and personal travel, aiming to simplify booking, enhance expense management, and deliver seamless travel experiences.
The proposed law seeks bars on storing and processing of personal data by entities without the explicit consent of an individual. It, however, provides for exemptions for "reasonable purposes" such as "prevention and detection of any unlawful activity including fraud, whistle-blowing, merger and acquisitions, network and information security, credit scoring, recovery of debt, processing of publicly available personal data and the operation of search engines".
'We do have some concerns with the timeline being shortened from 18 to 12 months.'
After withdrawing the personal data protection bill, the government is hopeful of getting a new legislation passed by the next Budget session of Parliament, Union minister Ashwini Vaishnaw has said. The government on Wednesday withdrew the Personal Data Protection Bill from the Lok Sabha. The Joint Committee on Personal Data Protection Bill, 2019, headed by BJP member P P Chaudhary, had tabled its report in Lok Sabha on December 16, 2021.
Sections in the draft Personal Data Protection Bill are a blatant violation of the Right to Privacy as guaranteed by the Constitution.
The report touches on variety of issues including consent, rights of children, data protection authority and right to recall data.
The court is hearing appeals against a CCI order imposing a penalty on Meta and WhatsApp.
CThese vulnerabilities, Cert-In said, could leave Apple users at risk of unauthorised access to sensitive data on their devices, cause service disruptions, and compromise the entire device.
© 2026 Rediff.com - Advertise with us - Disclaimer - Privacy Policy - Sitemap - Feedback - About us - Terms of use - Grievances