Close Menu
Stratnews GlobalStratnews Global
    Facebook X (Twitter) Instagram
    Trending
    • KSSL Showcases Cutting-Edge Artillery at Indo Defence Expo 2025
    • Webb Telescope Reveals Young Gas Giants Shaping in Distant Star System
    • NASA Halts ISS Launch Over Air Leak in Ageing Russian Module
    • SpaceX May Lose Role in Golden Dome Amid Trump Feud
    • U.S. Military Eyes Space War Readiness Amid Rising China Tensions
    • Iran’s Key Nuclear Facilities and Programme Developments
    • IITs: From Labs to Launchpads
    • Paris Airshow Highlights Aircraft Deals Amid Aviation Uncertainty
    Stratnews GlobalStratnews Global
    Write for Us
    Sunday, June 15
    • Space
    • Science
    • AI and Robotics
    • Industry News
    Stratnews GlobalStratnews Global
    Home » Understanding India’s Draft Data Protection Rules

    Understanding India’s Draft Data Protection Rules

    Jaijit BhattacharyaBy Jaijit BhattacharyaJanuary 7, 2025Updated:January 7, 2025 Security & Politics No Comments5 Mins Read
    Digital Data Protection Rules, India’s Data Protection Rules

    Given the spate of digital frauds based on leveraging user data for trapping unsuspecting citizens into “digital arrests” and myriad such crimes, there is an enhanced concern over how people’s data is used and leaked. And therefore, the rapid digitization of India’s economy and society has necessitated robust mechanisms to protect personal data and ensure privacy. To address these challenges, the Indian government introduced the draft Digital Personal Data Protection (DPDP) Bill, 2023. The framework seeks to address the need to balance individual privacy rights with the innovation and growth potential of the digital ecosystem.

    The draft of the rules as envisaged under different sections of the Act have now been made and is open to public feedback. The Rules provide for the necessary details and implementation framework of the Act.

    So who does the rules apply to? The DPDP Bill applies to the processing of digital personal data within India and also to entities outside the country if their processing activities target individuals in India. This extraterritorial application is intended to safeguard Indian citizens from misuse of their data by foreign entities.

    The draft rules emphasize obtaining clear, informed, and specific consent from individuals before collecting or processing their personal data. Consent must be revocable at any time, empowering individuals to exercise control over their information.

    The rules provide for a safer operating environment to individuals and provides for several rights, including the right to access and correct their data, the right to data portability, the right to erasure of data in certain circumstances and the right to be informed about data breaches affecting them.

    The bill differentiates between data fiduciaries, who determine the purpose and means of data processing, and data processors, who process data on behalf of fiduciaries. Both entities have distinct responsibilities, with fiduciaries bearing the primary accountability for compliance.

    Clearly, the draft rules enhance personal privacy by granting individuals greater control over their data. They empower users to make informed decisions about how their data is used and provide mechanisms to address grievances effectively.

    However, some concerns have been raised from a few quarters. Telecom companies have raised the concern that clauses around transferring personal data outside of India may affect International Long Distance calls (ILD) and sending text messages overseas or even sending whatsapp messages to international numbers. However, such “transfer” of data would clearly be with the consent of the Data Principal (i.e. the owner of the data), and a few tweaks to the clickwrap agreements would ensure alignment to the proposed rules. Therefore, such concerns are not unsurmountable or are a major roadblock.

    Some others have the view that the compliance costs for telecom companies and other Significant Data Fiduciaries would go up, and such costs will be passed to the consumers in the form of tariff hikes. Given the costs that individuals and society has to bear for unsanctioned use of personal data, leading to frauds and impact on lives of people, a marginal increase in cost of transactions, if any, is something that can be borne. There cannot be enhanced protection of personal data without a cost. However, such a cost is expected to be insignificant to consumers.

    While the framework imposes compliance costs, it also creates opportunities for businesses to build trust with consumers by adopting transparent data practices. The rules align India with global data protection standards, facilitating smoother international collaborations.

    There is also a fear of reciprocal regulations by other countries, thereby impacting Indian businesses. But then again, such regulations such as the European GDPR already puts restrictions on how data of Europeans living within Europe and also living outside Europe, are to be processed.

    It is important to understand that when our data moves outside of our shores, entities managing such data are not under the jurisdiction of the Indian government. Therefore, none of the Indian regulations, including the data protection rules, are applicable on such entities, thereby limiting the ability of the Indian government to enforce its will and protect its citizens. Hence the draft rules proposing that certain data must stay within the Indian borders is not necessarily for data protectionism but it is for the safety of the citizens.

    Another aspect of the regulation that is being applauded is the mechanism to age-gating by using educational institutions, thereby ensuring that the parental consent is verifiable.

    At the end of the day, the Data Protection Rules strengthens India’s position as a digitally sovereign nation. By regulating data flows and safeguarding citizens’ information, the government aims to create a secure and inclusive digital environment.

    The draft Data Protection rules mark a critical step towards building a secure and accountable digital ecosystem in India. While the framework promises to empower individuals and foster trust, its success hinges on effective implementation, clarity in provisions, and collaboration between stakeholders. As the rules undergo further deliberation, it remains essential to strike a balance between safeguarding privacy and enabling economic growth in the digital age.

    Jaijit Bhattacharya, President, Centre for Digital Economy Policy Research

    Author

    • Jaijit Bhattacharya
      Jaijit Bhattacharya

      President, Centre for Digital Economy Policy Research

      View all posts
    Featured
    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email Reddit Telegram WhatsApp
    Jaijit Bhattacharya

      President, Centre for Digital Economy Policy Research

      Keep Reading

      KSSL Showcases Cutting-Edge Artillery at Indo Defence Expo 2025

      Webb Telescope Reveals Young Gas Giants Shaping in Distant Star System

      NASA Halts ISS Launch Over Air Leak in Ageing Russian Module

      SpaceX May Lose Role in Golden Dome Amid Trump Feud

      U.S. Military Eyes Space War Readiness Amid Rising China Tensions

      Iran’s Key Nuclear Facilities and Programme Developments

      Add A Comment
      Leave A Reply Cancel Reply

      Latest Posts

      KSSL Showcases Cutting-Edge Artillery at Indo Defence Expo 2025

      June 14, 2025

      Webb Telescope Reveals Young Gas Giants Shaping in Distant Star System

      June 13, 2025

      NASA Halts ISS Launch Over Air Leak in Ageing Russian Module

      June 13, 2025

      SpaceX May Lose Role in Golden Dome Amid Trump Feud

      June 13, 2025

      U.S. Military Eyes Space War Readiness Amid Rising China Tensions

      June 13, 2025

      Iran’s Key Nuclear Facilities and Programme Developments

      June 13, 2025

      IITs: From Labs to Launchpads

      June 12, 2025

      Paris Airshow Highlights Aircraft Deals Amid Aviation Uncertainty

      June 12, 2025

      Hungary to Sell Key Defence Assets to 4iG as Election Pressure Mounts

      June 12, 2025

      Starlink Applies to Launch Satellite Service in Southwestern Switzerland

      June 12, 2025

      Subscribe to News

      Get the latest sports news from NewsSite about world, sports and politics.

      • Astronomical Events
      • Space Missions
      • Industry News
      • Science
      StratNewsGlobal Tech
      Facebook X (Twitter) Instagram LinkedIn YouTube
      © 2025 StratNews Global, A unit of BharatShakti Communications LLP
      • About Us
      • Contributors
      • Copyright
      • Contact
      • Write for Us

      Type above and press Enter to search. Press Esc to cancel.