By Anuradha Gandhi and Rachita Thakur
After numerous revisions and discussion India finally got its own Data Protection Laws known as The Digital Personal Data Protection Act (hereinafter referred to as “DPDPA”) in August 2023. The newly DPDPA ensures that data of Indian citizens are processed in a fair, transparent and secure manner. Amidst the serious discussion going on to establish frameworks to regulate AI, Deepfakes to enhance privacy, the Ministry of Electronics and Information Technology (MeiTY) on December 6, 2023 has communicated its intention of publishing the Rules for DPDP Act, 2023 very soon.
The Anticipated Notification
The Minster of State for Electronics and Information Technology Mr. Rajeev Chandrasekhar has intimated that the much awaited Rules under the DPDPA will come out for consultation by the end of this December or early January 2024. It was further reported that the government is required to formulate a minimum of 25 Rules for the effective implementation of DPDP Act. The upcoming rules are expected to address and shed light on the various procedural and compliance details that are needed to be incorporated by Data Fiduciaries, Data Processors when involved in processing data.
It has been reported that the Government looks ahead to provide 12 month transition period to comply with most of the provisions of the Act (except age- gating). However, in contrast the tech companies and industries have earlier requested for a transition period of two (02) years before mandatory compliance with the DPDPA.
Swayamsiddha Das, Intern at S.S. Rana & Co. has assisted in the research of this Article.