MeitY organises meeting on Draft Digital Personal Data Protection Rules, 2025
Trust and Principle based approach central to Digital Personal Data Protection
framework and let the law and rules evolve: Ashwini Vaishnaw
Union Minister emphasises that it is essential to consider the Digital Personal
Data Protection Act, 2023, and the Draft Rules, 2025, in conjunction
The Ministry
of Electronics and Information Technology organised a consultation meeting with
government officials and industry on the Draft Digital Personal Data Protection
(DPDP) Rules, 2025, offering a unique opportunity to contribute to India's data
protection framework ahead of the public feedback deadline of February 18,
2025. The consultation was chaired by Ashwini Vaishnaw, Hon’ble Minister of
Electronics and Information Technology, Railways, and Information &
Broadcasting.
Industry leaders and policymakers deliberate on rules
The session brought together over 200 participants,
including key government officials from various ministries, industry leaders,
legal experts, and policymakers, to deliberate on the rules designed to support
the implementation of the Digital Personal Data Protection Act, 2023. The
consultation attracted representatives from various sectors such as technology,
consulting, MSMEs, banking, and finance. Some notable organizations in
attendance included DSCI, NPCI, PwC, Apple, Microsoft, Snapchat, Accenture,
Zomato, Deloitte, KPMG, PhonePe, OpenAI, and others.
Trust-Based, Evolving Data Protection framework
Speaking at the event, Ashwini Vaishnaw, Hon’ble Minister
for Electronics and Information Technology, Railways and Information &
Broadcasting underlined the government’s approach to the Digital Personal Data
Protection framework and said “ The
objective that we had set for ourselves is to keep it simple, be
principle-based rather than prescriptive, and let the law and rules evolve
rather than casting everything in stone, trust-based approach rather than a
cynical one”. Hon’ble MEIT, Ashwini Vaishnaw also highlighted the
importance of understanding the full scope of the framework, stressing that to
gain a clear understanding of the framework for safeguarding personal data, it
is essential to consider the Digital Personal Data Protection Act, 2023, and
the Draft Rules, 2025, in conjunction.
The consultation session commenced with a presentation
given by Bhuvnesh Kumar, Additional Secretary, Ministry of Electronics and
Information Technology, outlining the key elements of the Draft Digital Personal
Data Protection (DPDP) Rules, 2025.
Striking a balance between innovation and regulation
S Krishnan, Secretary, MeitY, emphasised upon the
importance of fostering open and candid discussions. He highlighted the
provision for submitting feedback through the MyGov portal, enabling
participants to share their views anonymously, ensuring a broad spectrum of
inputs. "We are here to listen and
fine-tune any aspects that require further attention. Data protection is an
issue that affects all of us, and it must be addressed inclusively and
thoughtfully. More such sessions would be held soon." he stated
This Act and rules framework aim to strike the right
balance between innovation and regulation, fostering a strong innovation
culture while protecting the rights of citizens. He also mentioned that the
digital infrastructure required for implementing the framework is being
finalized.
Comprehensive feedback to shape final DPDP Rules
The consultation session invited feedback, comments, and
inputs from various sectors covering key topics, including consent management,
data principal rights, compliance frameworks, and mechanisms for cross-border
data transfers, along with topics related to notices, consent, reasonable
security safeguards, children's data, and breach reporting. The feedback
gathered during the session will be incorporated into the final rules.
This consultation reaffirms the government’s commitment
to fostering public-private collaboration for the effective implementation of
the Digital Personal Data Protection Act, 2023, and ensuring seamless
adaptation of India’s digital economy to global standards of data protection.
Such industry contributions are expected to play a vital
role in refining the rules, ensuring they meet the evolving needs of India’s digital
economy while safeguarding the rights of data principals.