Brands
Discover
Events
Newsletter
More

Follow Us

twitterfacebookinstagramyoutube
Youtstory

Brands

Resources

Stories

General

In-Depth

Announcement

Reports

News

Funding

Startup Sectors

Women in tech

Sportstech

Agritech

E-Commerce

Education

Lifestyle

Entertainment

Art & Culture

Travel & Leisure

Curtain Raiser

Wine and Food

YSTV

ADVERTISEMENT
Advertise with us
News

IT Ministry extends deadline for data protection rule feedback to March 5

The Digital Personal Data Protection Act 2023 aims to safeguard privacy of an individuals data, prevents their misuse by various measures including unauthorised access to personal details, explicit consent before processing their data, using it only for the purpose required etc.

Press Trust of India10188 Stories
IT Ministry extends deadline for data protection rule feedback to March 5

Saturday February 15, 2025 , 3 min Read

The IT Ministry has extended the deadline for submitting views on draft rules for data protection by 15 days to March 5, an official notice said on Friday.

The draft rules were made available on the Ministry of Electronics and IT (Meity) website on January 3 for public comments and the deadline for the same was set for February 18.

"In response to the representations received from several stakeholders, the Ministry has decided to extend the last date for receipt of feedback/comments till March 5, 2025," the notice said.

The Digital Personal Data Protection Act 2023 aims to safeguard privacy of an individuals data, prevents their misuse by various measures including unauthorised access to personal details, explicit consent before processing their data, using it only for the purpose required etc.

Also Read
DeepSeek to be hosted on Indian servers soon to address data privacy concerns: Vaishnaw

While digitisation using the personal data of individuals has transformed the delivery of services enhancing ease of living, it is also increasingly at risk of misuse. Therefore, it has become imperative that digitised personal data be protected.

The draft rules, which are key to operationalisation of the data protection Act, seek to make parental nod essential for processing of personal data of children.

Further, parents' identity and age will also have to be validated and verified through voluntarily provided identity proof "issued by an entity entrusted by law or the government", say the draft rules.

The DPDP Act 2023, obligates data fiduciaries to protect personal data and makes them accountable. Digital platforms cannot collect only those data that are required for their functioning and providing services which users have opted for.

For example, a user will not have to give a microphone or contact access to use a torch app on their mobile phone.

The draft rules do not elaborate on the penalty but spell out a mechanism to set up a Data Protection Board (DPB) that will levy penalties based on the nature of the breach as listed in the DPDP Act 2023.

The DPDP Act 2023 has provisions to impose penalties of up to Rs 250 crore on data fiduciaries. The Act provides for graded financial penalties in case of violation of the Act and the rules.

The quantum of penalty will depend on the nature, gravity, duration, type, repetitiveness, efforts made to prevent a breach, etc. Further, significant data fiduciaries have higher obligations under the Act and rules, while a lower compliance burden is envisaged for startups.

Moreover, the data fiduciary may at any stage in the proceedings voluntarily give an undertaking to the Data Protection Board, which, if accepted, would result in the dropping of proceedings.

Edited by Megha Reddy