How insurers can comply with IRDAI’s policy signing rules
Register
Close Icon
Home
>
Blog
>
DPDP Penalties

Penalties for non-compliance under DPDP Act 2023

March 12, 2024
Anahad Narain - Founder's Office at Leegality

Anahad Narain

Founder's Office

Penalties under the DPDP Act

Summary

  • Non-compliance with the DPDP Act can result in penalties ranging from ₹50 Crore to ₹250 Crore per violation
  • The Data Protection Board (DPB) serves as the primary authority for enforcing the DPDP Act, equipped with powers akin to a civil court
  • The DPB will operate digitally allowing for online complaint filing and adjudication
  • Penalties will be assessed based on several factors including the nature, duration and recurrence of violations.
  • To avoid hefty penalties, businesses must implement comprehensive compliance strategies particularly on managing user consents effectively

₹50 Crore to ₹250 Crore: that’s the cost of a misstep in complying with India’s new Digital Personal Data Protection Act (DPDP Act). These fines are applicable per instance of violation.

What are the Penalties under the DPDP Act?

Penalties for non-compliance under DPDP Act 2023 - illustration

Your business could be liable to pay ₹50 Crore for EACH violation including not collecting free explicit consent, not maintaining verifiable consent records, sharing data without consent, or failure to let users exercise DPDP rights.

Who will adjudicate DPDP violations?

Penalties for non-compliance under DPDP Act 2023 - illustration
The Data Protection Board has the authority to investigate, adjudicate, and impose sanctions including fines up to ₹250 crores.

The Data Protection Board (DPB) is the linchpin in the enforcement of the DPDP Act, handling disputes and grievances through a digital office model.

How will the Data Protection Board impose Penalties?

Penalties for non-compliance under DPDP Act 2023 - illustration
The immense powers of the DPB are established in the text of the DPDP law

Before filing a complaint with the board, users must first seek grievance redressal from the data fiduciary or its consent manager.

Penalties for non-compliance under DPDP Act 2023 - illustration

The most important step is to onboard a Consent Manager to effectively manage all your consent obligations.

Download Blog as PDF
Content

Related articles

Legal Explainer
February 19, 2024
Digital Personal Data Protection Act Applicability
Anahad Narain - Founder's Office at Leegality

Anahad Narain

5
min read
Legal Explainer
February 8, 2024
Exemptions under the DPDP Act?
Anahad Narain - Founder's Office at Leegality

Anahad Narain

8
min read
Legal Explainer
December 5, 2023
What is DPDP Act in India?
Anahad Narain - Founder's Office at Leegality

Anahad Narain

4
min read

Sign up for a demo and early trial access

Customized Demo for every use case
Deep dive into your unique needs and compliance challenges
Free access to testing account
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.