Entities likely to get a maximum of one year's time to comply with the Data Protection Act

Large tech companies like Meta, Twitter, or any others would be given less time to comply, while startups and MSMEs would be granted more time to adopt the law, IT minister Rajeev Chandrasekhar said.

Published: 20th September 2023 06:50 PM  |   Last Updated: 20th September 2023 06:50 PM   |  A+A-

Minister of State for Electronics and IT Rajeev Chandrasekhar

Minister of State IT Rajeev Chandrasekhar. (Photo | PTI)

By Express News Service

NEW DELHI: The government is likely to provide a maximum of one year for entities to comply with the norms of the Digital Personal Data Protection Act of 2023. The government will also establish the Data Protection Board and issue guidelines for eight rules, including consent management, within the next month or 45 days.

"Once we receive submissions from industry stakeholders, we will make a decision regarding the transition period for companies. However, one thing is certain: we will not grant the two years or 18 months of time as demanded by industry representatives," said Minister of State for Electronics and IT, Rajeev Chandrasekhar.

While speaking with industry representatives from tech companies such as Meta, Lenovo, Dell, Netflix, and others, the minister mentioned that the rules would be implemented in a graded manner. He said that large tech companies like Meta, Twitter, or any others would be given less time to comply, while startups and MSMEs would be granted more time to adopt the law.

ALSO READ | Data Protection Act a benchmark for others: Minister Rajeev Chandrasekhar

"These small startups and MSMEs require additional time to adapt to the new law. While I don't believe that large companies like Meta or Twitter need more time to comply, as they are already well-equipped and technically capable of adopting the new law," added the minister.

The Digital Personal Data Protection Bill, 2023 was passed by both Houses of Parliament in the Monsoon session. The Data Protection Act of 2023 mandates protection of the privacy of Indian citizens. According to the law, data collected from citizens should only be used for the purpose for which it was collected, and the amount of data collected should be limited to what is necessary.

The Act also proposes a penalty of up to Rs 250 crore for entities that misuse or fail to protect the digital data of individuals. In case of any grievances, individuals will have the option to approach the Data Protection Board, which will process complaints in accordance with the norms of the Act.

Follow The New Indian Express channel on WhatsApp


Disclaimer : We respect your thoughts and views! But we need to be judicious while moderating your comments. All the comments will be moderated by the newindianexpress.com editorial. Abstain from posting comments that are obscene, defamatory or inflammatory, and do not indulge in personal attacks. Try to avoid outside hyperlinks inside the comment. Help us delete comments that do not follow these guidelines.

The views expressed in comments published on newindianexpress.com are those of the comment writers alone. They do not represent the views or opinions of newindianexpress.com or its staff, nor do they represent the views or opinions of The New Indian Express Group, or any entity of, or affiliated with, The New Indian Express Group. newindianexpress.com reserves the right to take any or all comments down at any time.

flipboard facebook twitter whatsapp