IT Ministry Receives Nearly 7,000 Comments on Draft Data Protection Rules

Public Consultations in Full Swing

The Ministry explained that the large number of responses reflects the government’s wide-ranging discussions on the draft. These included written submissions, as well as meetings with state governments, private companies, and other stakeholders. The Ministry decided not to make these comments public so contributors can share their views freely and honestly.

Rules Still Await Notification

The government cannot enforce the Digital Personal Data Protection Act, 2023, until it officially notifies the related rule. The government had earlier indicated a quick timeline, but it has now been over seven months with no final rules in place. A senior official had earlier mentioned that the draft is unlikely to undergo major changes.

Trade Talks May Be Causing Delay

Ongoing trade discussions between India and the United States, focused on improving the business environment for tech companies, may have caused the delay in finalising the rules. Earlier this month, a senior IT Ministry official refused to explain the delay or say when the rules would be finalised.

What the Rules Cover

The new rules are part of a law that aims to protect people’s personal data. They introduce measures like consent managers, who will help individuals control which companies have access to their data. The law also includes penalties for companies that fail to keep data safe. However, government departments are given certain exceptions under the law.

Mixed Reactions

Privacy advocates are hopeful that the new rules will bring more accountability, especially after frequent data breaches in recent years. On the other hand, media groups and transparency activists have raised concerns. They point out that the law makes changes to the Right to Information Act, 2005, and doesn’t offer protections for journalists or news reporting.

Also read: DAU Unveils Executive Programme on Data Privacy and AI