How insurers can comply with IRDAI’s policy signing rules
Register
Close Icon
Home
>
Blog
>
Data Regulation Journey

Why is DPDP Act 2023 needed

November 17, 2023
Anahad Narain - Founder's Office at Leegality

Anahad Narain

Founder's Office

Why is DPDP Act 2023 needed

Summary

  • In this article we trace the history of data protection regulation leading up to the Digital Personal Data Protection Act.
  • The previous regulatory approach was ineffective compared to the extensive obligations under the new law.
  • Now individuals are owners of their data and are highly empowered.
  • Businesses must obtain user consent for processing personal data.
  • This is a never seen before regulatory approach with penalties and obligations higher than ever.

The new age of data protection in India

For more than two decades of the internet, India has moved at breakneck speed to go digital without the compass of a data protection law. With the Digital Personal Data Protection (DPDP) Act, a lot is about to change.

Data Protection under the old regime

Until now, there was no law or authority to regulate personal data and privacy in India. User data has been available at little cost and no liability.

Why is DPDP Act 2023 needed - illustration
Personal Data has been a low hanging fruit for Indian businesses

Aadhar and the first echoes of Data Protection

Aadhar and personal data of Indian citizens has been leaked repeatedly. These concerns led to the Supreme Court's privacy judgement and ultimately to the Digital Personal Data Protection Act becoming law on 11 August 2023.

Why is DPDP Act 2023 needed - illustration
DPDP Timeline

Putting the onus of Data Protection on businesses

The DPDP Act puts compliance obligations entirely on businesses (Data Fiduciaries), not data processors.

Why is DPDP Act 2023 needed - illustration
All obligations and liability for breaching the DPDP Act are on Businesses (Data Fiduciaries)

Under the DPDP landscape, data fiduciaries cannot simply pass the buck to data processors through indemnity clauses. Consent Managers emerge as the custodians of consent, easing the task of managing user preferences for Data Fiduciaries.

Download Blog as PDF
Content

Related articles

Sector Reckoner
November 6, 2023
DPDP Act impact on Banking, Financial Services & Insurance
Anahad Narain - Founder's Office at Leegality

Anahad Narain

4
min read
Sector Reckoner
November 3, 2023
How will the DPDP Act impact Telemarketing?
Pushkal Dubey - Head of Consent Infrastructure at Leegality

Pushkal Dubey

10
min read
Legal Explainer
December 5, 2023
What is DPDP Act in India?
Anahad Narain - Founder's Office at Leegality

Anahad Narain

4
min read

Sign up for a demo and early trial access

Customized Demo for every use case
Deep dive into your unique needs and compliance challenges
Free access to testing account
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.