- By Ashish Singh
- Wed, 20 Sep 2023 06:07 PM (IST)
- Source:JND
Rajeev Chandrasekhar, Minister of State for Electronics and IT, announced on Wednesday that certain entities including Google, Meta and more may be granted a one-year transition period to fine-tune their systems in order to comply with India's Digital Personal Data Protection Act, 2023.
Chandrasekhar emphasised the importance of accommodating enterprises like as startups, MSMEs, and hospitals that handle sensitive personal data during the inaugural 'Digital India Dialogue' discussions with key industry players on the recently implemented Data Protection Act. He stated that these organisations, which may lack the experience of larger data advisors, may need more time to grasp and comply with the new standards.
READ: Digital Personal Data Protection Bill 2023 Passed In Lok Sabha; All You Need To Know
"The primary goal of this law is to ensure the trust and safety of all digital citizens," said Minister Chandrasekhar. He also stated that the administration is willing to hear valid justifications for extending the compliance period if they are supported by compelling reasons.
The minister also stated that the Act's required rules would be specified within the following 30 days. In addition, preparations to establish the Data Protection Board, a critical entity for safeguarding data privacy, will begin within the next month.
A varied range of stakeholders from the technology ecosystem participated in the discussions, including industry associations, startups, IT professionals, think tanks, and legal experts. Industry executives have praised the Digital Personal Data Protection Act, underlining its importance in protecting individuals' digital privacy rights as India rapidly digitises.
READ: Data Protection Bill 2023: Entities Can Be Fined Upto Rs 250 Crore For Breaching Privacy
The Act includes provisions for severe penalties ranging from Rs 50 crore to Rs 250 crore for social media platforms found to be in violation of the guidelines. It strives to promote responsible expansion of digital markets while protecting citizens' data. The Act would govern the handling of digital personal data in India, whether obtained online or offline and then digitised. It will also apply to such processing that takes place outside the country if it includes the provision of goods or services to Indian people.
After fulfilling that objective, the holders of data will be required to ensure data accuracy, security, and erasure. Furthermore, the Act offers individuals specific rights, such as the ability to access information, seek data correction and erasure, and seek redress of grievances. Companies are required to hire a Data Protection Officer and provide their contact information to users.