CIOInsider India Magazine
The Government Announces Data Protection Regulations
The Ministry of Electronics and IT (MeitY) announced the long-anticipated data protection regulations, setting the stage for India to establish an operative privacy law, eight years after the Supreme Court declared it a fundamental right.
The announcement of the regulations arrives more than two years after the Digital Personal Data Protection Act was approved by the President in August 2023.
Though the law is now in effect, only certain sections are currently active, since some key protections for citizens will require a longer period – spanning twelve to eighteen months – for implementation.
For example, the obligation for organizations to obtain informed consent from users prior to handling their personal data, to utilize their personal data solely for designated legitimate purposes, and to inform users about data breaches will only be implemented after a period of eighteen months.
Also Read: The Quantum Computing Age is Upon US Sooner than Expected
The government has announced that the data protection board will consist of four members and that its headquarters will be situated in New Delhi
Also Read: WAVES Summit 2025: Paving Way for Tech Pluralism
The government has announced that the data protection board will consist of four members and that its headquarters will be situated in New Delhi. A draft of the data protection regulations was released in January of this year.
Also Read: AI Appreciation Day: From Innovation to Transformation
The Digital Personal Data Protection Rules, 2025, state that the Central Government will identify the categories of personal data that “significant data fiduciaries” are allowed to process, with the condition that such personal data and related traffic data must not be exported outside India. A committee established by the government will assess this information.
