Close Menu
Stratnews GlobalStratnews Global
    Facebook X (Twitter) Instagram
    Trending
    • From Red Corridor to Growth Corridor
    • Viral Manga Quake Rumours Dent Japan Tourism but Visitors Still Arrive
    • US Lifts Restrictions, Allowing Siemens Full China Software Operations
    • Astronomers Capture Rare Double Detonation Supernova in Stunning Detail
    • Advances in Diabetes, Gene Editing, and Stroke Care Unveiled
    • AI Chatbots Can Be Programmed to Spread Health Misinformation
    • Qantas Hit by Major Cyber Hack Affecting Millions of Customers
    • EU Set to Propose 2040 Climate Goal Allowing Use of Foreign Carbon Credits
    Stratnews GlobalStratnews Global
    Write for Us
    Friday, July 4
    • Space
    • Science
    • AI and Robotics
    • Industry News
    Stratnews GlobalStratnews Global
    Home » Understanding India’s Draft Data Protection Rules

    Understanding India’s Draft Data Protection Rules

    Jaijit BhattacharyaBy Jaijit BhattacharyaJanuary 7, 2025Updated:January 7, 2025 Security & Politics No Comments5 Mins Read
    Digital Data Protection Rules, India’s Data Protection Rules

    Given the spate of digital frauds based on leveraging user data for trapping unsuspecting citizens into “digital arrests” and myriad such crimes, there is an enhanced concern over how people’s data is used and leaked. And therefore, the rapid digitization of India’s economy and society has necessitated robust mechanisms to protect personal data and ensure privacy. To address these challenges, the Indian government introduced the draft Digital Personal Data Protection (DPDP) Bill, 2023. The framework seeks to address the need to balance individual privacy rights with the innovation and growth potential of the digital ecosystem.

    The draft of the rules as envisaged under different sections of the Act have now been made and is open to public feedback. The Rules provide for the necessary details and implementation framework of the Act.

    So who does the rules apply to? The DPDP Bill applies to the processing of digital personal data within India and also to entities outside the country if their processing activities target individuals in India. This extraterritorial application is intended to safeguard Indian citizens from misuse of their data by foreign entities.

    The draft rules emphasize obtaining clear, informed, and specific consent from individuals before collecting or processing their personal data. Consent must be revocable at any time, empowering individuals to exercise control over their information.

    The rules provide for a safer operating environment to individuals and provides for several rights, including the right to access and correct their data, the right to data portability, the right to erasure of data in certain circumstances and the right to be informed about data breaches affecting them.

    The bill differentiates between data fiduciaries, who determine the purpose and means of data processing, and data processors, who process data on behalf of fiduciaries. Both entities have distinct responsibilities, with fiduciaries bearing the primary accountability for compliance.

    Clearly, the draft rules enhance personal privacy by granting individuals greater control over their data. They empower users to make informed decisions about how their data is used and provide mechanisms to address grievances effectively.

    However, some concerns have been raised from a few quarters. Telecom companies have raised the concern that clauses around transferring personal data outside of India may affect International Long Distance calls (ILD) and sending text messages overseas or even sending whatsapp messages to international numbers. However, such “transfer” of data would clearly be with the consent of the Data Principal (i.e. the owner of the data), and a few tweaks to the clickwrap agreements would ensure alignment to the proposed rules. Therefore, such concerns are not unsurmountable or are a major roadblock.

    Some others have the view that the compliance costs for telecom companies and other Significant Data Fiduciaries would go up, and such costs will be passed to the consumers in the form of tariff hikes. Given the costs that individuals and society has to bear for unsanctioned use of personal data, leading to frauds and impact on lives of people, a marginal increase in cost of transactions, if any, is something that can be borne. There cannot be enhanced protection of personal data without a cost. However, such a cost is expected to be insignificant to consumers.

    While the framework imposes compliance costs, it also creates opportunities for businesses to build trust with consumers by adopting transparent data practices. The rules align India with global data protection standards, facilitating smoother international collaborations.

    There is also a fear of reciprocal regulations by other countries, thereby impacting Indian businesses. But then again, such regulations such as the European GDPR already puts restrictions on how data of Europeans living within Europe and also living outside Europe, are to be processed.

    It is important to understand that when our data moves outside of our shores, entities managing such data are not under the jurisdiction of the Indian government. Therefore, none of the Indian regulations, including the data protection rules, are applicable on such entities, thereby limiting the ability of the Indian government to enforce its will and protect its citizens. Hence the draft rules proposing that certain data must stay within the Indian borders is not necessarily for data protectionism but it is for the safety of the citizens.

    Another aspect of the regulation that is being applauded is the mechanism to age-gating by using educational institutions, thereby ensuring that the parental consent is verifiable.

    At the end of the day, the Data Protection Rules strengthens India’s position as a digitally sovereign nation. By regulating data flows and safeguarding citizens’ information, the government aims to create a secure and inclusive digital environment.

    The draft Data Protection rules mark a critical step towards building a secure and accountable digital ecosystem in India. While the framework promises to empower individuals and foster trust, its success hinges on effective implementation, clarity in provisions, and collaboration between stakeholders. As the rules undergo further deliberation, it remains essential to strike a balance between safeguarding privacy and enabling economic growth in the digital age.

    Jaijit Bhattacharya, President, Centre for Digital Economy Policy Research

    Author

    • Jaijit Bhattacharya
      Jaijit Bhattacharya

      President, Centre for Digital Economy Policy Research

      View all posts
    Featured
    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email Reddit Telegram WhatsApp
    Jaijit Bhattacharya

      President, Centre for Digital Economy Policy Research

      Keep Reading

      Viral Manga Quake Rumours Dent Japan Tourism but Visitors Still Arrive

      US Lifts Restrictions, Allowing Siemens Full China Software Operations

      Astronomers Capture Rare Double Detonation Supernova in Stunning Detail

      Advances in Diabetes, Gene Editing, and Stroke Care Unveiled

      AI Chatbots Can Be Programmed to Spread Health Misinformation

      Qantas Hit by Major Cyber Hack Affecting Millions of Customers

      Add A Comment
      Leave A Reply Cancel Reply

      Latest Posts

      From Red Corridor to Growth Corridor

      July 3, 2025

      Viral Manga Quake Rumours Dent Japan Tourism but Visitors Still Arrive

      July 3, 2025

      US Lifts Restrictions, Allowing Siemens Full China Software Operations

      July 3, 2025

      Astronomers Capture Rare Double Detonation Supernova in Stunning Detail

      July 3, 2025

      Advances in Diabetes, Gene Editing, and Stroke Care Unveiled

      July 2, 2025

      AI Chatbots Can Be Programmed to Spread Health Misinformation

      July 2, 2025

      Qantas Hit by Major Cyber Hack Affecting Millions of Customers

      July 2, 2025

      EU Set to Propose 2040 Climate Goal Allowing Use of Foreign Carbon Credits

      July 2, 2025

      Jeff Bezos-Backed Methane Satellite Lost in Space

      July 2, 2025

      Wimbledon Embraces AI Line Calling, Divides Players and Fans

      July 2, 2025

      Subscribe to News

      Get the latest sports news from NewsSite about world, sports and politics.

      • Astronomical Events
      • Space Missions
      • Industry News
      • Science
      StratNewsGlobal Tech
      Facebook X (Twitter) Instagram LinkedIn YouTube
      © 2025 StratNews Global, A unit of BharatShakti Communications LLP
      • About Us
      • Contributors
      • Copyright
      • Contact
      • Write for Us

      Type above and press Enter to search. Press Esc to cancel.