Monday, November 24, 2025 | 11:25 PM ISTहिंदी में पढें

Bill On Personal Data Protection

DPDP norms nudge insurance firms to boost tech systems, consent frameworks

Industry leaders say phased deadlines through 2027 give them time, but the compliance effort will require major process redesign

Updated On : 20 Nov 2025 | 11:57 PM IST

DPDP rules 2025: Why Indian businesses must act now on data compliance

The notification of the Digital Personal Data Protection Rules 2025 on November 13, 2025, marks a significant milestone in India's journey towards a harmonised data privacy regime

Updated On : 17 Nov 2025 | 7:09 PM IST

Govt may shorten DPDP compliance timeline for big tech amid industry talks

The Digital Personal Data Protection (DPDP) rules, which currently offer an 18-month transition period for companies, may see this timeline "compressed" for large companies as the government engages with industry stakeholders on the issue. Big tech firms and many large companies already abide by stringent data protection standards in many other markets, among them General Data Protection Regulation (European Union's data privacy and security law) and this argument has prompted discussions about faster implementation of the new rules in India. About the rationale of 18-month transition time, when, in fact, many large companies are already complying with stringent norms elsewhere, IT Minister Ashwini Vaishnaw said the government is already in touch with the industry on the issue. "We have been discussing with industry... the first set of rules have been published and this gives reasonable timeframe depending on what industry's ask was, and what our thrust was." He added, "But we are

Updated On : 17 Nov 2025 | 4:16 PM IST

India's DPDP rules: Shaping future of personal data privacy in digital era

India's DPDP rules have set a framework for a more accountable digital economy through clear consent standards, data safeguards, with the goal to arm individuals with greater control over their personal data in the world's fourth largest economy. Here is what it means for businesses and individuals: First things first. These subordinate rules to the principal legislation -- Digital Personal Data Protection Act -- spell out operational norms for entities in collection and handling of personal data, and protects the rights of individuals. In simple terms, 'data fiduciaries' refer to entities that decide the purpose and means of processing of individual's data while 'data principals' are individuals or users (of a particular service) to whom personal data belongs. Consent notice to individuals: Companies must give clear, plain-language notice seeking informed consent with itemised data description, processing purpose, complaint mechanisms, and easy consent withdrawal process where eas

Updated On : 17 Nov 2025 | 7:34 AM IST

DPDP rules notified: Digital privacy law a reality after 14 years

Implementation planned in phases over 12-18 months

Updated On : 15 Nov 2025 | 12:24 AM IST

DPDP rules implementation: Demand for consent managers likely to rise

Will maintain log of consents given, denied, or withdrawn

Updated On : 14 Nov 2025 | 11:31 PM IST

DPDP rules mandate deleting user data after three years of inactivity

Ecommerce, gaming, and social media intermediaries must erase dormant user data with prior notice

Updated On : 14 Nov 2025 | 3:27 PM IST

EU's code of practice sets key benchmarks for regulating AI development

Most countries have still not been able to catch up. India, for instance, has no dedicated AI law

Updated On : 16 Jul 2025 | 10:42 PM IST

Digital personal data protection law brings change and challenges

DPDP Act (2023) gives individuals the right to decide how their personal data is collected and used. For many businesses, this means reworking longstanding data practices

Updated On : 13 Jul 2025 | 11:07 PM IST

No change likely in DPDP rules on data storage, cross-border data transfers

A team of US officials was in India till Saturday to hold trade agreement talks with the commerce department ahead of the proposed reciprocal tax announcement by the Trump administration

Updated On : 31 Mar 2025 | 12:01 AM IST

DPDP rules need to be principle-based rather than prescriptive: Vaishnaw

Over 200 participants, including key government officials from various ministries, industry leaders, legal experts, and policymakers, discussed the rules

Updated On : 14 Jan 2025 | 11:28 PM IST

Will hold wider consultation with industry bodies on DPDP rules: Vaishnaw

Union minister Ashwini Vaishnaw on Tuesday said the government will hold wider and more consultation meetings with industry bodies on the draft data protection rules. The government held its first consultation meeting with industry representatives on draft Digital Personal Data Protection (DPDP) Rules 2025. "A lot of suggestions have come from digital platforms. We will now start focussed consultation process with various industry organisations. We want consultation to be very extensive," Vaishnaw said. According to an official statement, the consultation attracted representatives from various sectors such as technology, consulting, MSMEs, banking, and finance. Some notable organisations in attendance included DSCI, NPCI, PwC, Apple, Microsoft, Snapchat, Accenture, Zomato, Deloitte, KPMG, PhonePe, OpenAI, and others. Vaishnaw in the meeting highlighted the importance of understanding the full scope of the framework, stressing that to gain a clear understanding of the framework for

Updated On : 14 Jan 2025 | 9:57 PM IST

Draft data protection rules balance regulation, innovation: Vaishnaw

The draft protection rules released by the government create a balance between regulation and innovation while completely protecting citizen rights, Union minister Ashwini Vaishnaw said on Saturday. The government issued draft rules for the Digital Personal Data Protection (DPDP) Act on Friday for public consultation till February 18. "Rules have to be within four walls of the Act. It is within the ambit of the Act passed by Parliament. These rules have been framed to ensure a balance between regulation and innovation while completely safeguarding the rights of citizens," Vaishnaw told PTI in an interview. The minister said earlier there was only one template available to the world -- the European data protection rule with a high level of regulation. However, Indian rules have attempted to balance the regulation with innovation to safeguard the boom in the innovation ecosystem developing among startups in the country. He said extensive consultations have been held with the industry

Updated On : 04 Jan 2025 | 4:03 PM IST

Govt releases draft Digital Personal Data Protection Rules, no penal clause

The government has released the long-awaited draft of Digital Personal Data Protection Rules that do not mention any penal action for violations. The draft rules, which have been published for public consultations, will be taken into consideration for making the final rule after February 18. "Draft of rules proposed to be made by the central government in exercise of the powers conferred by sub-sections (1) and (2) of section 40 of the Digital Personal Data Protection Act, 2023 (22 of 2023), on or after the date of coming into force of the Act, are hereby published for the information of all persons likely to be affected thereby," the draft notification said. The draft rules have laid out provisions related to consent processing of individuals, data processing bodies and the functioning of authorities under the Digital Data Protection Act, 2023. "...notice is hereby given that the said draft rules shall be taken into consideration after 18th February, 2025," the notification said.