Union Minister Rajeev Chandrasekhar leads consultations on Digital Personal Data Protection Act compliance
Sep 20, 2023
New Delhi [India], September 20 : Union Minister of State for Electronics and IT, Rajeev Chandrasekhar, spearheaded discussions with key industry stakeholders during the inaugural Digital India Dialogues session, focusing on the implementation of the recently enacted Digital Personal Data Protection Act, 2023 (DPDP Act).
These dialogues served as a platform for deliberations on the transition period required for specific provisions of the law, seeking valuable inputs for its effective implementation, an official statement said.
Chandrasekhar recounted the legislative journey behind this historic law, elucidating its development from its inception to its current status as a fully enacted statute.
He elaborated on how this law aligns with Prime Minister Narendra Modi’s vision of establishing modern and pertinent legislation tailored to India's unique requirements and platform obligations.
Addressing the gathering, MoS Chandrasekhar stated, "Over the next 30 days, necessary rules will be prescribed for the Act. We will also work on establishing the Data Protection Board in the coming month. Some entities such as startups, MSMEs, and healthcare facilities that handle individuals' data may be granted additional time to adhere to these regulations”.
“This flexibility is extended as they may not possess the same level of experience in data handling as larger data fiduciaries. They may request more time for learning and compliance. In case of any violations, the Data Protection Board will address and make decisions. However, they will only commence adjudication when fully prepared", he added.
The dialogue drew participation from a diverse array of technology ecosystem stakeholders, including industry associations, startups, IT professionals, think tanks, and legal experts, with over 100 stakeholders actively engaging in the consultation.
Chandrasekhar emphasized the core objective of the DPDP Act, ensuring the trust and security of all digital citizens.
He stressed that all data fiduciaries must adhere to the law, and the Government is receptive to valid arguments for extending compliance periods when accompanied by compelling justifications.
"Companies that already comply with rules similar to the GDPR (EU’s General Data Protection Regulation) should not seek an extended grace period to follow these new rules. We are now in the phase of implementing these regulations, and it should occur seamlessly and expeditiously”, said Chandrasekhar
“The aim is to instil a culture of trust and behavioural change among all entities handling personal data, encouraging responsible practices aligned with the trust that data principals have agreed upon. This is a deterrent act, intended to promote ethical conduct," Chandrasekhar emphasised during the discussion.
These consultations align with Prime Minister Modi's consultative approach to law and policy formulation.
They mark the first time discussions have taken place on the implementation and rule structures of the Digital Personal Data Protection Act 2023, reflecting the government's commitment to responsible data management and citizen privacy.