Data Protection Act

India's DPDP rules explained: Here's how your personal data will be handled

The new DPDP rules will be introduced over the next 18 months to give organisations time to adapt to the guidelines.

India's DPDP rules: Shaping future of personal data privacy in digital era

India's DPDP rules have set a framework for a more accountable digital economy through clear consent standards, data safeguards, with the goal to arm individuals with greater control over their personal data in the world's fourth largest economy. Here is what it means for businesses and individuals: First things first. These subordinate rules to the principal legislation -- Digital Personal Data Protection Act -- spell out operational norms for entities in collection and handling of personal data, and protects the rights of individuals. In simple terms, 'data fiduciaries' refer to entities that decide the purpose and means of processing of individual's data while 'data principals' are individuals or users (of a particular service) to whom personal data belongs. Consent notice to individuals: Companies must give clear, plain-language notice seeking informed consent with itemised data description, processing purpose, complaint mechanisms, and easy consent withdrawal process where eas

DPDP rules notified: Digital privacy law a reality after 14 years

Implementation planned in phases over 12-18 months

Bundled consent mechanism likely to end as Meity plans stricter rules

DPDP Act may also ask intermediaries to keep detailed meta data records

DPDPA rules 2025: Advancing data privacy but challenges remain unresolved

New data protection rules boost transparency, yet compliance gaps persist

Rules of protection: Draft regulations should enhance data security

The Act and the Rules refer to individual digital users as "data principals", and the Act is expected to offer individuals greater control over their personal information

MeitY lets tech firms, data fiduciaries decide on parental consent methods

The Ministry of Electronics and Information Technology has urged tech firms to adopt advanced methods for obtaining parental consent while allowing them to determine the best practices independently

Social media platforms worry new data law could affect child safety, ads

Tech giants Google, Meta, YouTube, and Snap are concerned over India's new Digital Personal Data Protection Act's restrictions on behavioural tracking of children as they may compromise child safety

Drafting of rules under data protection law in advanced stage: Vaishnaw

Drafting of rules under the data protection legislation is in advanced stage with industry-wide consultations slated soon, Union Minister Ashwini Vaishnaw said on Saturday, asserting that India will also look at doubling electronics production and adding jobs under the Modi 3.0 government. At the same time, the Minister for Electronics and IT assured that regulatory work will see "good continuity" and that the agenda on digital regulatory framework remains "intact". The timelines for semiconductor plants of Micron and Tata Group too are on track. The process of implementation of the Digital Personal Data Protection (DPDP) Act will be based on 'digital-by-design' principle, paving the way for a new way of working, and the work on creating this 'digital by design' platform is also moving in parallel. Such a platform or portal will be created in-house by the likes of NIC and DIC. The Parliament had passed the DPDP Act in August last year. The key piece of legislation aims to protect th

DPDP rules, IT rules amendment on Meity's 100-day agenda after LS polls

The notification of the rules to India's data privacy law have been long awaited

Data protection law needs clarity on risk threshold for breaches: Group

BSA, which represents the global software industry, wants companies to get at least 72 hours to report data breaches

Irdai sets up 11-member taskforce to examine the impact of DPDP Act

The task force is expected to submit the report within a period of 1 month from the issuance of the order

DPDP rules ready but unlikely to be tabled in winter session of Parliament

As India's first-ever dedicated legislation for digital privacy, the DPDP Act provides broad principles of collection and processing of personal information in digital form

Majority organisations' very concerned' on impact of data law: EY study

While the rules that would provide exact processes of the DPDP Act are yet to be notified, the government has consistently claimed that large organisations must not require much time to comply

Meta mulls paid option for ad-free Instagram, Facebook in India: Details

It follows Meta's talks to launch a similar plan in the European Union (EU) to conform with its privacy concerns

Beyond due process

Invoking UAPA against a news outfit is overreaction

Only 9 out of 100 surveyed company websites seek clear consent: PwC report

Only 2 out of the 100 analysed websites provided consent in multiple regional languages

Only 9 of 100 firms obtain clear consent before collecting user data: PwC

Only 17% of Indian organisations have listed the email IDs of customer care or other functions for queries with respect to data protection

DPDP Act: Social media, telcos, startups lobby for 18-24 months to comply

The stakeholders also said that implementation of eKYCs may create an immense cost burden for startups and smaller organisations, considering that the number of users is in millions

Fintech firms rush to make tweaks as new data protection law looms

Fintechs, banks and non-bank financial companies (NBFCs) will have to redraw their contracts with their business partners with whom customer data gets shared