What are the Digital Personal Data Protection Rules and when do they apply? | Current Affairs | Vision IAS
Vision
VisionIAS Logo
Vision
Share
Link copied successfully!
Mains 365

Daily News Summary

Get concise and efficient summaries of key articles from prominent newspapers. Our daily news digest ensures quick reading and easy understanding, helping you stay informed about important events and developments without spending hours going through full articles. Perfect for focused and timely updates.

News Summary

Sun Mon Tue Wed Thu Fri Sat

    What are the Digital Personal Data Protection Rules and when do they apply?

    2 min read

    Digital Personal Data Protection Act (DPDP) 2023 and Rules 2025

    The DPDP Act, 2023 is India's legal framework for data protection, akin to Europe's GDPR and other international data protection laws. It aims to safeguard the online data of Indian citizens by establishing guidelines for data handling by companies, known as "data fiduciaries."

    Key Provisions

    • Data Handling Requirements:
      • Access control and encryption are mandatory.
      • Security audits are required for large firms labeled as "significant data fiduciaries."
    • Consent Management:
      • Data principals must provide "informed" consent, detailing what data is collected and its use.
      • Users can erase, modify, or delete their data, and inactive data must be deleted after a certain period.
    • Data Protection Officer: Large firms must appoint an officer to oversee compliance.
    • Targeted Advertising: Restrictions are placed on advertising and data collection, especially concerning children, with exemptions for parental location tracking.
    • Consent Manager: A framework is provided for users to manage data across multiple platforms.
    • Data Breach Reporting: Breaches must be reported promptly.

    Enforcement and Compliance

    • Fines range from ₹10,000 to ₹250 crore for non-compliance.
    • Firms are given up to 18 months to comply with the Act's requirements.
    • Some provisions, like appointing a Data Protection Officer (DPO), will be mandatory after one year.

    Data Protection Board of India (DPBI)

    • The DPBI will oversee the implementation of the Act and function as a subordinate office of the Ministry of Electronics and Information Technology (MeitY).
    • The board will consist of four members.

    Amendments and Controversies

    • Right to Information Act, 2005:
      • The DPDP Act amends Section 8(1)(j), removing the public interest clause for disclosing personal information, allowing more discretion for government entities.
      • Activists have resisted this change, arguing it limits transparency and could protect misconduct.
    • Information Technology Act, 2000: An amendment is proposed but not yet enforced, raising concerns about potential misuse to hide official misconduct.


    • Tags :
    • Digital Personal Data Protection Act (DPDP) 2023
    • Data Protection Board of India (DPBI)

    Articles Sources

    https://www.thehindu.com/sci-tech/technology/what-are-the-digital-personal-data-protection-rules-and
    Next Article
    Article 32 enables every citizen to approach Supreme Court for enforcement of fundamental rights, says CJI
    Subscribe for Premium Features