India’s new data protection act reshapes digital privacy for users and corporations
India's digital landscape is set for a significant overhaul with the operationalisation of the Digital Personal Data Protection (DPDP) Act. The new regulations aim to bolster data governance and enhance user protection, with key players, known as data fiduciaries, required to adhere to stringent compliance measures.
The DPDP Act, now in effect, mandates that significant data fiduciaries - including large corporations and government bodies processing vast amounts of personal data - undergo an annual audit and Data Protection Impact Assessment. These organisations, which may include e-commerce platforms, social media intermediaries, and online gaming companies with a substantial user base, are also required to delete inactive users' personal data after three consecutive years of dormancy.
Cross-border transfers of personal data are permitted, but they must adhere to specific rules that may be updated periodically. Companies must also notify users 48 hours before deleting their data, ensuring transparency and user awareness.
The Indian government has issued detailed norms under the DPDP Act, setting clear compliance requirements for companies handling user data. With these new regulations, India's digital ecosystem is poised to become more secure and user-centric, reflecting a global trend towards stricter data protection measures.
Read also:
- American teenagers taking up farming roles previously filled by immigrants, a concept revisited from 1965's labor market shift.
- Weekly affairs in the German Federal Parliament (Bundestag)
- Landslide claims seven lives, injures six individuals while they work to restore a water channel in the northern region of Pakistan
- Escalating conflict in Sudan has prompted the United Nations to announce a critical gender crisis, highlighting the disproportionate impact of the ongoing violence on women and girls.
