Scribd
Upload
6 views5 pages

Evolution of Digital Personal Data Protection Law in India

India's evolution of personal data protection law highlights its efforts to balance privacy, technology, and economic growth, culminating in the Digital Personal Data Protection Act, 2023 (DPDPA) and the Draft Rules of 2025. Key milestones include the Srikrishna Committee's recommendations, the withdrawal of the PDP Bill, and the introduction of the DPDPA, which emphasizes individual rights and lawful data processing. The draft DPDP Rules aim to operationalize the DPDPA, ensuring robust protection of digital personal data in line with global standards.

Uploaded by

Saba firdose
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
6 views5 pages

Evolution of Digital Personal Data Protection Law in India

India's evolution of personal data protection law highlights its efforts to balance privacy, technology, and economic growth, culminating in the Digital Personal Data Protection Act, 2023 (DPDPA) and the Draft Rules of 2025. Key milestones include the Srikrishna Committee's recommendations, the withdrawal of the PDP Bill, and the introduction of the DPDPA, which emphasizes individual rights and lawful data processing. The draft DPDP Rules aim to operationalize the DPDPA, ensuring robust protection of digital personal data in line with global standards.

Uploaded by

Saba firdose
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 5

Evolution of

Digital Personal
Data Protection
Law in India

www.manupatra.com
India's journey toward personal data protection legislation
showcases its endeavor to balance individual privacy,
technological advancement, and economic growth. As a
digital leader with a vast and diverse population, the country
has encountered unique challenges in developing a data
protection framework that aligns with global standards while
addressing local needs. The Digital Personal Data Protection
Act, 2023 (DPDPA) and the Draft Rules of 2025 are pivotal
milestones, marking a significant step forward in the
evolution of India's data governance framework.
Key Milestones in India's Data Protection Evolution

Srikrishna Committee and the Conceptual Framework (2017-2018)


The foundation for India’s modern data protection framework was laid by the
Justice B.N. Srikrishna Committee, formed in 2017. The committee released its
"A Free and Fair Digital Economy" report in 2018, identifying:
1. The need for a rights-based framework balancing individual privacy with the
interests of innovation and national security.
2. Recommendations for data localization, consent mechanisms, and
accountability of data fiduciaries.

The Information Technology (IT) Act, 2000 and Transition to


Comprehensive Data Governance
Initially introduced to provide legal recognition for electronic transactions, the IT
Act became insufficient to handle modern data privacy issues. The DPDPA
complements and updates this framework, paving the way for broader
governance of the digital economy through the forthcoming Digital India Act.
Personal Data Protection (PDP) Bill, 2019
This was the first draft legislation introduced in Parliament that aimed to provide
a comprehensive attempt to address data privacy concerns. It included provisions
for a Data Protection Authority (DPA) to oversee compliance. Introduced key
individual rights such as data portability, the right to be forgotten, and
mechanisms for grievance redressal.

Withdrawal of the PDP Bill and Introduction of the DPDPA, 2023


In 2022, the government withdrew the PDP Bill, citing the need for a simpler, more
focused framework. The DPDPA, 2023, was enacted to provide for the processing
of digital personal data in a manner that recognizes both the right of individuals to
protect their data and the need to process such personal data for lawful purposes.

Draft Digital Personal Data Protection Rules (DPDP), 2025


The draft Digital Personal Data Protection Rules aim to safeguard citizens’ rights
to protect their personal data. These rules seek to operationalize the DPDPA,
2023, in line with India’s commitment to creating a robust framework for
protecting digital personal data.
Key Features of DPDP Rules, 2025

Registration and Intimation of Verifiable consent for Exemptions from


obligations of a Personal Data processing personal obligations in
Consent Manager Breach data of children and processing personal
persons with disabilities data of children

Global Data Protection and Privacy Laws


As more social and economic activities move online, the importance of privacy and data
protection is becoming increasingly acknowledged. To address these concerns, 137 out of 194
countries have established laws to ensure the protection of data and privacy.
Here are some countries that have laws in place to safeguard data and privacy:
European Union - General Data Protection Regulation
China - China Personal Information Protection Law
South Africa - Protection of Personal Information Act
Japan - Act on the Protection of Personal Information
Australia - Privacy Act 1988
New Zealand - Privacy Act 2020

You might also like