DPDP Rules: Shaping the Future of Data Privacy
The Digital Personal Data Protection (DPDP) rules impose rigorous timelines and security measures on companies managing personal data. The rules demand prompt breach notifications, mandatory data retention periods, and periodic impact assessments. It also outlines procedures for obtaining consent and mandates audits to ensure data privacy.
- Country:
- India
The newly introduced Digital Personal Data Protection (DPDP) rules have set stringent guidelines for companies managing personal data. These rules establish clear timelines for actions like breach notifications and data erasures, alongside requiring significant entities to conduct impact assessments and audits annually.
E-commerce platforms, online gaming firms, and social media giants must adhere to a three-year data retention policy post-user inactivity, while data protection inquiries by the Data Protection Board must be concluded within six months unless an extension is deemed necessary.
For data breaches, companies are required to inform both users and the Data Protection Board promptly. Furthermore, verifiable parental consent is essential before processing children's data, ensuring robust privacy protection in today's digital age.
(With inputs from agencies.)
ALSO READ
Indore traffic cop 'dances' his way down to constable's post for social media 'indiscipline'
Modi ally proposes social media ban for India's teens as global debate grows
SRCC rejects 'caste discrimination' claims made on social media, money exchange between students
Karnataka: Two arrested over hate-inducing social media posts
Delhi riots case: Court grants interim bail to Khalid Saifi, bars him from using social media
Google News