In a landmark event, Union Minister of State for Skill Development & Entrepreneurship and Electronics & IT, Shri Rajeev Chandrasekhar, spearheaded discussions during the inaugural Digital India Dialogue on the recently passed Digital Personal Data Protection Act in New Delhi on Wednesday.
This groundbreaking dialogue brought together key industry stakeholders to deliberate on the transition period required for specific clauses within the law and to gather valuable insights for its effective implementation.
Charting the Journey of DPDP Act 2023
During the session, Minister Rajeev Chandrasekhar provided a comprehensive overview of the DPDP Act 2023, shedding light on its evolution from inception to its current status as an enacted law. He emphasized how this legislation aligns with Prime Minister Shri Narendra Modi’s vision to establish contemporary and pertinent laws tailored to Indian needs, while also addressing platform obligations.
Setting the Path Forward
Minister Chandrasekhar revealed that within the next 30 days, essential rules would be formulated for the Act, with plans to establish the Data Protection Board in the following month. Notably, he mentioned that certain entities such as startups, MSMEs, and hospitals, which handle individuals’ data, might receive additional time to comply with the DPDP Act. This extension is intended to accommodate their potential lack of experience in managing data, compared to larger data fiduciaries. The Data Protection Board will take charge of enforcing these rules once it is fully prepared for adjudication.
Consultation with Industry Stakeholders
The session witnessed participation from a diverse range of stakeholders within the technology ecosystem, including industry associations, startups, IT professionals, think tanks, and legal experts. Over 100 stakeholders attended the consultation, emphasizing the importance of this legislation to various sectors.
Prioritizing Trust and Safety
Minister Rajeev Chandrasekhar reaffirmed the primary objective of the DPDP Act, which is to ensure the trust and safety of all digital citizens. He emphasized that all data fiduciaries must adhere to the law and expressed the government’s openness to considering valid arguments for extending compliance periods, provided they are accompanied by compelling justifications.
Implementing Change Responsibly
Addressing concerns about the implementation process, Minister Chandrasekhar stressed that companies already following rules similar to the GDPR (EU’s General Data Protection Regulation) should not request extended compliance timelines. He emphasized that the goal is to foster a culture of trust and encourage responsible behavior among all parties dealing with personal data. The DPDP Act serves as a deterrent, designed to promote ethical conduct.
These consultations align with Prime Minister Narendra Modi’s consultative approach to policy making and law formulation. Notably, this marks the first instance of consultations being held on the implementation and rule structures of the Digital Personal Data Protection Act 2023, highlighting the government’s commitment to inclusive governance and industry engagement.