It has been a couple of months since the enactment of the Digital Personal Data Protection Act, 2023 (DPDPA), and the compliance deadline for business is expected to be announced very soon (along with the rules which are expected to provide better insight on the manner of compliance with the provisions of the DPDPA). This interim timeframe provides a good opportunity for businesses to make suitable changes to their data processing protocols and measures to ensure that they’re not caught off guard in the event a short timeline is announced to comply with the requirements under the statute.
All businesses should ideally start taking the following steps (after consultation with a legal counsel and information security experts):
Deploy administrative and technical mechanisms to report data breaches to the Data Protection Board of India as well as the affected Data Principals, prepare for independent data audits, etc.
It has been reported that the Data Security Council of India (DSCI) will be introducing a ‘data protection seal’ (DPS) for organizationsView More
The Reserve Bank of India (“RBI”) on January 15, 2024, released a draft framework (“Framework”) that outlines the broad responsibilities, functions, governance as well as the eligibility criteria for the purpose of setting up a self-regulatory organization in fintech companies (“SRO-FT”)View More
The Enforcement Directorate (“ED”) after registering a case under Prevention of Money Laundering Act, 2002 (“PMLA”) back in February 2022 and duly conducting the primary investigation alleged in July 2023 that INR 62,476 Crore was illegally transferred by VivoView More
Delhi (Head Office)
Plot No. 66, LGF, #TheHub, Okhla Phase III, Okhla Industrial Estate, New Delhi 110020, India.