Digital Personal Data Protection Act: Social media users under 18 to require parental consent
Digital Personal Data Protection Act of 2023 (DPDP). Any user below the age of 18 has been defined as a child under the Act, which was passed by Parliament in August 2023.
ET Year-end Special Reads
Stocks to buy in 2025: 66 ideas from top brokerages for your new year portfolio
What does 2025 hold for India's IT services sector?
2025 may be the year of EVs in India, dominated by SUV launches
The much-awaited rules were released by the government on Friday with stakeholder comments sought until February 18. The executive rules have also left the door ajar for the return of the data localisation provision of certain kinds of personal data. It has, for the first time, proposed to place data fiduciaries under three broad categories of ecommerce companies, gaming intermediaries, and social media firms.
Data Deletion Norms
The rules mandate that they must delete the personal data of inactive users on their platforms after three years. In case of a data breach, data fiduciaries will have to inform the Data Protection Board within 72 hours.
«DPDP Rules have been much awaited and a draft gives broad direction to the industry to start thinking about implementation,» said Aparajita Bharti, founding partner, The Quantum Hub Consulting. «One key concern, however, is a potential room for bringing data localisation requirements for significant data fiduciaries as the rules mention that a committee formed for this purpose may do so in the future.»
Artificial Intelligence(AI)
Java Programming with ChatGPT: Learn using Generative
