An Act to provide for the processing of digital personal data in a manner that recognises both the right of individuals to protect their personal data and the need to process such personal data for lawful purposes and for matters connected therewith or incidental thereto.
Name in original language
The Digital Personal Data Protection Act
Initiative overview
Objectives:Protection of Personal Data: To safeguard the personal data of individuals from unauthorized access, use, disclosure, disruption, modification, or destruction.Privacy Rights: To grant individuals certain rights over their personal data, such as the right to access, correct, and delete their data.Regulating Data Processing: To set guidelines and standards for how personal data can be collected, processed, and stored by entities, including consent requirements.Data Localization: Such laws often include provisions about data localization, which mandate storing certain types of data within the country.Compliance and Penalties: To establish compliance requirements for businesses and organizations handling personal data, and to set penalties for violations of the law.Cross-Border Data Transfer: To regulate the conditions under which personal data can be transferred outside the country.Data Protection Authority: To establish a regulatory authority responsible for the enforcement of the law.Promote Trust in Digital Services: By ensuring data privacy and security, such laws aim to increase public trust in digital services.
Name of responsible organisation (in English)
Ministry of Electronics and Information Technology (MeitY)
