Sign In
Learn bits
Polity & Governance
Mahesh

17/01/25 09:13 AM IST

Draft data protection rules

In News
  • The Ministry of Electronics and Information Technology released the the draft rules for implementing the Digital Personal Data Protection (DPDP) Act, 2023.
Data Localisation
  • The draft rules introduce a data localisation mandate that extends beyond the original scope of the legislation.
  • Data localisation refers to measures that restrict the flow of data within a jurisdiction’s borders.
  • While the DPDP Act permits the government to limit personal data transfers, it confines such restrictions to specific notified countries.
  • In contrast, the rules propose the creation of a government-appointed committee to define which classes of data cannot be exported from India.
  • This mandate will apply to significant data fiduciaries (SDFs), as designated by the government based on the volume and sensitivity of the personal data they process.
  • Major tech companies, such as Meta, Google, Apple, Microsoft, and Amazon, are expected to fall within this classification.
  • The localisation provision likely stems from the challenges law enforcement agencies face in accessing cross-border data during investigations.
  • In 2018, the Reserve Bank of India implemented a similar mandate, requiring payment data operators to localise their data within the country. Currently, financial, payment, and insurance data must be stored domestically, with copies of payment data allowed overseas solely to facilitate international transactions.
Section 36 of the DPDP act
  • Section 36 of the DPDP Act, read in conjunction with Rule 22, empowers the Union government, through the designated authorised person, to demand “any” information from a data fiduciary or intermediary (entities processing personal data) in the interest of India’s sovereignty, integrity, or national security.
  • Experts have cautioned that such sweeping discretionary powers are susceptible to misuse, potentially enabling surveillance or the suppression of dissent.
  • Additionally, these provisions could compel social media intermediaries to compromise end-to-end encryption of messages—a concern raised by Meta-owned WhatsApp last year in its challenge to the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021.
  • Rule 22 further prohibits companies from disclosing information about such government demands if doing so could “prejudicially affect the sovereignty and integrity of India or the security of the State.”
Source- The Hindu

More Related Current Affairs View All

17 Jan

Groundwater contamination in India

'Of the 15,239 groundwater samples collected from across the country for testing, 19.8% samples had nitrates — nitrogenous compounds — above safe limits though it must

Read More

16 Jan

INS Surat, INS Nilgiri and INS Vaghsheer commissioned

'PM Modi dedicated three frontline naval combatants to the nation on their commissioning.' The naval combatants – INS Surat, INS Nilgiri and INS Vaghsheer --were commissio

Read More

15 Jan

Meta shutting down fact-checkers

'Meta CEO Mark Zuckerberg said the company will get rid of fact-checkers and simplify content policies by removing restrictions on topics as it is “out of touch with mainstre

Read More

India’s First Ai-Driven Magazine Generator

Generate Your Custom Current Affairs Magazine using our AI in just 3 steps