Citizens gain more rights to information through the DPDP Act, says Ashwini Vaishnaw Online Desk
Business

Govt in talks with major companies to compress compliance timelines under DPDP Act: Ashwini Vaishnaw

The government recently notified the DPDP Act, India’s first comprehensive law to safeguard personal data online, which will be implemented in three stages, with its main provisions coming into effect after eighteen months.

Rakesh Kumar

NEW DELHI: The government is actively engaging with industry to “significantly compress the compliance timelines” for the recently enacted Digital Personal Data Protection (DPDP) Act, said the minister of Electronics and Information Technology Ashwini Vaishnaw on Monday. The minister, while speaking to media on Monday, also highlighted that once the Data Protection Board is established and the complete digital framework—already prepared—is rolled out, the government will introduce further amendments to the rules to shorten the timelines.

“The first set of rules that we have published provides a reasonable time frame for compliance, based on what industry had requested and what our priorities were. We are also in touch with industry to further compress the compliance timelines, because we have given them the same argument: they already follow compliance frameworks in other geographies—why not replicate them here? They are quite positive about this,” said the minister.

The government recently notified the DPDP Act, India’s first comprehensive law to safeguard personal data online. The Act will be implemented in three stages, with its main provisions coming into effect after eighteen months. These include rules governing data collection and use, consent requirements, individual rights, children’s data protections, cross-border data transfers, data-breach responsibilities, and the full set of obligations for Significant Data Fiduciaries. 

The Act categorises large companies—such as social media platforms like Google and Meta, as well as other entities dealing with sensitive data—as Significant Data Fiduciaries. These organisations must comply with stricter norms, including conducting an annual Data Protection Impact Assessment, performing yearly audits, and ensuring that any automated decision-making systems or algorithms they deploy are safe and fair.

When asked whether the Right to Information (RTI) Act would be diluted by the DPDP Act, the minister rejected the concern, stating that Section 8(2)(a) of the RTI Act clearly mandates that any information required to be disclosed in the public interest must continue to be disclosed. “That provision remains unchanged—there is no amendment. So the framework is not diluted in any way. In fact, citizens gain more rights to information through the DPDP Act, which gives them the right to know what personal information has been collected by tech companies and data fiduciaries. The right to information is actually enhanced by the DPDP Act and the rules,” Vaishnaw said.

Follow The New Indian Express channel on WhatsApp 

Download the TNIE app to stay with us and follow the latest

Also Read

'American? No!' says Greenland after latest Trump threat

Meghalaya: Three held in youth’s killing; CM Sangma appeals for communal harmony

Iranians protest for 13th day amid internet blackout; Trump warns US could strike

Five Jharkhand migrant workers kidnapped in Niger return to India after eight months

R Sreelekha condemns arrest of Tanthri in Facebook post; withdraws comment following controversy

SCROLL FOR NEXT