DPDP Consultants Privacyium Tech Pvt. Ltd. 4th floor, GM IT Park, Plot no 32-33, Sector 142, Noida, Uttar Pradesh 201305
Our Locations
Copyright 2024 © DPDP Consultants, A Privacyium Tech Pvt. Ltd. Company
Starting from August 11, 2023, companies gathering data on Indian citizens will be required to adhere to rigorous regulations aimed at safeguarding customer data.
The Digital Personal Data Protection Act (DPDPA) is poised to establish a fresh benchmark for upholding consumer data rights. This change will urge companies to establish and implement the necessary systems and processes for compliance.
Compliance will bring about certain challenges and set new security expectations for teams. The DPDPA adopts an expansive perspective on what qualifies as personal identification information. This means that companies must provide an equivalent level of protection for items such as an individual's IP address or cookie data, just as they do for more traditional personal details like name, address, and Aadhar/PAN number.
For instance, the DPDPA takes a comprehensive approach to defining personal identification information, necessitating the same level of protection for details like an individual's IP address or cookie data as traditionally required for name, address, and Aadhar/PAN numbers.
However, The DPDPA leaves much to interpretation. It requires companies to provide a level of personal data protection that's considered "reasonable." However, it doesn't lay out a specific definition for what qualifies as "reasonable." This leaves the DPDP Act governing board with a fair amount of flexibility when assessing fines for data breaches and non-compliance.