India’s government has published draft rules for the Digital Personal Data Protection (DPDP) Act, empowering citizens with greater control over their data. The rules require companies to provide clear information on data processing, enabling informed consent. Citizens can demand data erasure, appoint digital nominees, and access user-friendly data management mechanisms.
Organizations face monetary penalties of up to ₹250 crore for misusing or failing to safeguard digital data. The draft rules propose safeguards for citizens’ data processed by government agencies, requiring lawful and transparent processing. The Ministry of Electronics and Information Technology is seeking public feedback on the draft regulations until February, 2025.
