The Central Government released the much-awaited draft of the Digital Personal Data Protection Rules on Friday. This draft of the Digital Personal Data Protection Act, first presented in Parliament in August 2023, was made public by the Ministry of Electronics and Information Technology. Currently the government is soliciting public input on the draft on MyGov.in. Until February 18, 2025. The government intends to discuss the responses after obtaining the opinions.
The Digital Personal Data Protection Act’s proposal to tighten rules governing social media accounts for minors under eighteen is one important reform. According to the draft, a youngster must have parental consent before creating a social media page. Stronger protections for personal information are intended to be put in place under this rule, especially for children and people with disabilities.
Confidentiality of Feedback
The framework of the Data Protection Board, including its terms of service and the roles of the Board Chairperson and other members, is anticipated to be clarified by the Digital Personal Draft Rules. The Ministry of Electronics and Information Technology recently announced that any comments on the draft will be kept private.
According to the laws, a kid’s consent to create a social media account must be “verifiable.” Only then can personal data belonging to a child or person with a handicap be processed.
“A data fiduciary shall adopt appropriate technical and organizational measures to ensure that verifiable consent of the parent is obtained before the processing of any personal data of a child and shall observe due diligence, for checking that the individual identifying herself as the parent is an adult who is identifiable if required in connection with compliance with any law for the time being in force in India…,” the draft rules say.
The draft rules’ key features include increased consumer control over data, the ability for users to request that their data be deleted, the need for companies to be more open about their personal information, the right of consumers to enquire as to why their data is being collected, and a hefty fine of up to Rs 250 crore for breaches of data.
A seller offering goods or services for sale on a marketplace e-commerce entity as defined by the Consumer Protection Act, 2019 is not considered an “e-commerce entity,” according to the rules, which define an “e-commerce entity” as any individual who owns, operates, or manages a digital facility or platform for e-commerce.
“Online gaming intermediary” means any intermediary that enables the users of its computer resource to access one or more online games, and “social media intermediary” means an intermediary as defined in the Information Technology Act, 2000 (21 of 2000) who primarily or solely enables online interaction between two or more users and allows them to create, upload, share, disseminate, modify or access information using her services.