Excerpt from English Jagran Article – Published on Sep20, 2023
India’s Minister of State for Electronics and IT, Rajeev Chandrasekhar, has announced a potential one-year transition period for major tech corporations like Google and Meta to adapt to India’s recently enacted Digital Personal Data Protection Bill , 2023. During discussions at the ‘Digital India Dialogue’ with key industry stakeholders, Chandrasekhar stressed the importance of supporting smaller entities such as startups, MSMEs, and hospitals in complying with the new data protection law. He acknowledged that these organizations, which may lack the resources and expertise of larger companies, may need extra time to fully grasp and adhere to the law’s stringent standards.
The primary aim of the Digital Personal Data Protection Act is to ensure the trust and safety of all digital citizens, Minister Chandrasekhar noted. He also indicated that the government is open to considering valid justifications for extending the compliance period, provided they are substantiated by compelling reasons.
Chandrasekhar further disclosed that the detailed regulations required by the Act will be delineated within the next 30 days. Additionally, preparations to establish the Data Protection Board, a critical entity responsible for safeguarding data privacy, will commence within the next month.
The Act introduces significant penalties, ranging from Rs 50 crore to Rs 250 crore, for social media platforms found in violation of its provisions. It aims to foster the responsible growth of digital markets while safeguarding individuals’ digital privacy rights. The Act governs the handling of digital personal data in India, whether acquired online or offline and subsequently digitized. It also has extraterritorial reach, applying to data processing conducted outside the country if it involves the provision of goods or services to Indian residents. Companies will be obligated to ensure data accuracy, security, and erasure, while individuals will have specific rights, including access to their data, correction and erasure requests, and avenues for grievance redress. Additionally, companies will be required to appoint a Data Protection Officer and share their contact details with users.
To delve deeper into this topic, please read the full article on English Jagran.