Digital Personal Data Protection Law, a senior government official said.
Under the graded plan, while bigger companies such as Meta, Google and others may be given a shorter time for the implementation of the rules, the time for other entities including startups, micro, small, and medium enterprises, central government departments and state governments may be more, the official said.
«The transition period will have to be notified first that the rules will be effective from that day. We have had a broad conversation with consumer groups, state, and central governments. Now we have to have a conversation with the big tech companies and startups,» the official said.
Startups and MSMEs have sought time as they are not equipped to handle the changes needed to be implemented under the DPDP Law, the official said, adding that graded timelines will be the first thing to be notified under the new law as it will set the tone for notification of other rules.
«Once we are clear that we have a time of say 6 months for the implementation of DPDP Law for big tech companies, we can start working on other aspects such as the setting up of Data Protection Board, members for it, or what other rules should be,» the official said.
The government has completed work on nearly 21 rules under DPDP Law and will begin consultation with stakeholders in days to come. All these rules will then be notified by the