Sign In
Learn bits
Polity & Governance
Mahesh

17/01/25 09:13 AM IST

Draft data protection rules

In News
  • The Ministry of Electronics and Information Technology released the the draft rules for implementing the Digital Personal Data Protection (DPDP) Act, 2023.
Data Localisation
  • The draft rules introduce a data localisation mandate that extends beyond the original scope of the legislation.
  • Data localisation refers to measures that restrict the flow of data within a jurisdiction’s borders.
  • While the DPDP Act permits the government to limit personal data transfers, it confines such restrictions to specific notified countries.
  • In contrast, the rules propose the creation of a government-appointed committee to define which classes of data cannot be exported from India.
  • This mandate will apply to significant data fiduciaries (SDFs), as designated by the government based on the volume and sensitivity of the personal data they process.
  • Major tech companies, such as Meta, Google, Apple, Microsoft, and Amazon, are expected to fall within this classification.
  • The localisation provision likely stems from the challenges law enforcement agencies face in accessing cross-border data during investigations.
  • In 2018, the Reserve Bank of India implemented a similar mandate, requiring payment data operators to localise their data within the country. Currently, financial, payment, and insurance data must be stored domestically, with copies of payment data allowed overseas solely to facilitate international transactions.
Section 36 of the DPDP act
  • Section 36 of the DPDP Act, read in conjunction with Rule 22, empowers the Union government, through the designated authorised person, to demand “any” information from a data fiduciary or intermediary (entities processing personal data) in the interest of India’s sovereignty, integrity, or national security.
  • Experts have cautioned that such sweeping discretionary powers are susceptible to misuse, potentially enabling surveillance or the suppression of dissent.
  • Additionally, these provisions could compel social media intermediaries to compromise end-to-end encryption of messages—a concern raised by Meta-owned WhatsApp last year in its challenge to the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021.
  • Rule 22 further prohibits companies from disclosing information about such government demands if doing so could “prejudicially affect the sovereignty and integrity of India or the security of the State.”
Source- The Hindu

More Related Current Affairs View All

18 Aug

Impact of Ethanol Blending

'E20 petrol, which contains 20% ethanol and is being sold by Indian oil refiners, has been much in the news lately. ' India has achieved its target to blend 20% ethanol per litr

Read More

18 Aug

Uttar Pradesh govt want to take over the 150-year old Krishna shrine

'The Banke Bihari Temple Trust Bill, 2025 was introduced in the Uttar Pradesh Assembly recently.' The Bill allows the formation of a board of government-appointed trustees, incl

Read More

18 Aug

Uttarakhand’s Bill against forced religious conversion

'The Uttarakhand Cabinet approved making the legal provisions against forced religious conversion more stringent in the state, including by raising the duration of jail sentences a

Read More

India’s First Ai-Driven Magazine Generator

Generate Your Custom Current Affairs Magazine using our AI in just 3 steps