The Asia Internet Coalition (AIC), an industry group representing big tech companies such as Google, Apple, Meta and Microsoft, has approached the Ministry of Electronics and Information Technology (MeitY) to provide a 12-18 month long transition period to comply with certain key provisions of the data protection Act.
In a letter to IT Minister Ashwini Vaishnaw and Minister of State for Electronics and IT Rajeev Chandrasekhar, the Asia Internet Coalition recommended a yearlong compliance period for companies to prepare their systems for issuing consent notices to users.
“Since implementing these provisions would require structural changes in organisations and businesses, they are likely to face significant challenges during the course of such transition,” the grouping wrote in the letter.
The letter further added, “Since this is a novel concept where a data fiduciary has to ensure erasure of data principal’s personal data, data fiduciaries would not be possessing such technical requirements for implementing it. This exercise will be fairly new to domestic and international business entities alike, since compliance with data laws of other jurisdictions like GDPR do not have such provisions.”
Last month, the government had said that some entities like startups and MSMEs may be given a year’s time to fine tune their system with the DGDP Act, 2023.
The Digital Data Protection Bill is said to be India’s second attempt at framing a privacy legislation, and comes after at least three previous iterations of a data protection law have been considered, and shelved, by the government. During the time of announcement, MoS Rajeev Chandrasekhar has said, “The Centre will follow a graded approach in the way the Data Protection Bill– which is on the verge of becoming law – will be implemented for different entities. The government will implement the law first for big tech companies such as Google, Microsoft, Amazon and Apple, and offer a longer transition timeline for smaller entities and startups.”
