Well-equipped data protection board a must to enforce digital privacy laws, say experts
Subscribe to enjoy similar stories. New Delhi: The draft rules for the Digital Personal Data Protection (DPDP) Act, published on Friday, have ignited discussions among legal and data privacy experts regarding the effective implementation of the law. Experts emphasize that successful enforcement depends on a well-equipped and robust Data Protection Board of India (DPBI).
Legal practitioners note that the DPBI, established as a quasi-judicial body under the DPDP Act, needs skilled technical and legal professionals, as well as institutional independence, to manage complex investigations and ensure compliance effectively. They also point out significant gaps in the framework, including a lack of clarity about the board's operational structure and the absence of provisions for criminal liability and compensation in cases of data breaches. The DPDP Act, 2023, imposes fines of up to ₹250 crore for violations, but experts stress that clear guidelines and robust institutional support are essential for effective implementation.
The DPBI, established under Section 18(1) of the Act, serves as a quasi-judicial body to adjudicate disputes between individuals and data platforms accused of non-compliance. With civil court powers, the board can investigate breaches, impose penalties, and resolve disputes. Appeals from its decisions can escalate to the Telecom Disputes Settlement and Appellate Tribunal (TDSAT) and ultimately the Supreme Court.
“To strengthen the enforceability of the DPDP Act and its rules, the government must focus on institutional and operational improvements," said Akshayy S. Nanda, partner at Saraf and Partners. Also Read: Mint Explainer: The digital personal data protection Act, its rules, and roadblocks “The board
. Read more on livemint.com
