Image used for representational purposes only. FILE | ANI
Nation

IT Ministry elaborates draft DPDP rules, seeks feedback by February 18

The DPDP Act introduces graded financial penalties based on the severity and duration of violations. Businesses may voluntarily submit undertakings to avoid penalties during proceedings.

ANI

NEW DELHI: The Ministry of Electronics and Information Technology (MeitY) on Sunday elaborated draft Digital Personal Data Protection (DPDP) Rules designed to protect citizens' rights under the Digital Personal Data Protection Act, 2023.

The Ministry said that the public feedback on the draft rules is open until February 18, 2025, via the MyGov portal.

The DPDP Act and the draft rules are structured to adapt to rapid advancements in digital technologies, it added. The Data Protection Board, envisioned as a fully digital entity, will enable citizens to lodge complaints and resolve disputes online without the need for physical presence.

Citizens will be informed of their rights and empowered to manage their personal data through multilingual digital platforms.

In addition to online feedback, the Ministry plans structured consultations with civil society, industry, and government stakeholders to refine the rules. Finalised rules will be submitted to Parliament for approval. The draft rules aim to protect individual rights without causing disruptions to existing digital practices.

Organisations will be given adequate time to comply with the new regulations, with minimal compliance burdens. Data processing based on prior consent will be allowed to continue, with notices issued to individuals, ensuring their rights under the law are upheld.

To safeguard children's personal data, data fiduciaries must implement measures to obtain verifiable parental consent. Additionally, startups will benefit from reduced compliance requirements, while significant data fiduciaries will be subject to stricter obligations.

The DPDP Act introduces graded financial penalties based on the severity and duration of violations. Businesses may voluntarily submit undertakings to the Data Protection Board to avoid penalties during proceedings, ensuring fair and proportional enforcement.

The draft rules do not impose a blanket requirement for storing personal data within India. However, restrictions on cross-border data transfers may apply to specific categories of personal data as recommended by a designated committee.

By integrating digital-first mechanisms and maintaining a balanced regulatory framework, the draft DPDP Rules aim to secure the rights of citizens while ensuring India's digital economy continues to thrive.

Also read:Data protection rules: India Inc says challenges remain
Also read:DPDP Act will balance innovation and regulation, safeguard citizens' rights: IT Minister Vaishnaw

Follow The New Indian Express channel on WhatsApp 

Download the TNIE app to stay with us and follow the latest

Also Read

Universal Health Coverage: The medicine all of India needs in 2026 and beyond

11 arrested in Assam, Tripura over alleged links with 'Bangladesh-based fundamentalist groups'

Delivery apps brace for mega strike on New Year’s Eve as unions mobilise 1.5 lakh workers across India

SIT formed to probe Tripura student's death, police say no evidence so far of racial abuse

Year of contradictions for the Indian economy

SCROLL FOR NEXT