On 3rd January, 2025 the Ministry of Electronics and Information Technology (MeitY) released the Draft Digital Personal Data Protection Rules (Rules) to facilitate the implementation of the Digital Personal Data Protection Act, 2023 (Act), which aims to strengthen the legal framework for the protection of digital personal data by providing necessary details and an actionable framework.
The Act was introduced to provide for the processing of digital personal data in a manner that recognizes (i) right of individuals (Data Principals) to protect their personal data and (ii) obligations on the persons in charge of personal data (Data Fiduciary) towards data security.
The Act along with the Rules marks a key step towards privacy of personal data.
Key Points: