Here's what top CFOs are betting
on to avoid GST notices:
Here's what top CFOs are betting on to avoid GST notices:
Book a demo to find out!
Index

Digital Personal Data Protection Bill 2023: DPDP Act Summary, Highlights & Key Points

By Annapoorna

|

Updated on: Jun 26th, 2024

|

2 min read

With the immense growth of digitisation, how safe is your personal information? The Digital Personal Data Protection Act 2023 (DPDPA) marks a significant step in India’s journey towards securing individual privacy.

This blog simplifies the core aspects of the Act, focusing on the responsibilities it places on data managers, the rights it grants individuals, government exceptions, and the formation of a governing board to oversee compliance.

What is the Digital Personal Data Protection Act 2023?

The Digital Personal Data Protection Act 2023 deals with managing information that identifies individuals used by businesses and government bodies to offer products and services. 

This information helps tailor advertising, personalise services, and recommend items, enhancing user experience. 

However, unregulated use of personal data can infringe on privacy, a fundamental right, leading to negative outcomes such as financial loss, reputation damage, or unjust profiling.

Digital Personal Data Protection Act 2023 summary and highlights

The Digital Personal Data Protection Act (DPDPA) is designed to protect personal information by creating strong guidelines for controlling and processing it, guaranteeing privacy rights, ensuring data integrity, and governing data transfers. The legislation emphasises the responsible handling of personal data, particularly for vulnerable groups like children, and mandates compliance measures, including data audits and the appointment of Data Protection Officers. It also provides for rights such as the nomination of representatives to uphold the interests of Data Principals.

Features of the Digital Personal Data Protection Act 2023

The Digital Personal Data Protection Act 2023 simplifies how personal data is managed online, focusing on:

  • Applicability: It affects any personal information managed digitally in India or for Indian entities overseas, emphasising identifiable data and its usage, including collection, storage, and sharing.
  • Consent Requirement: Users must agree before their data is used, with clear communication about the data's purpose. Withdrawal of consent is possible, with exceptions for emergencies or governmental needs.
  • Individuals' Privileges: Users can inquire about their data usage, correct inaccuracies, or request deletion. Misuse or false identity claims can lead to fines.
  • Responsibilities of Data Managers: Those in control of data must ensure accuracy. It is also important to protect it from unauthorised access and report breaches. Finally, the data has to be deleted when it is no longer needed.
  • Sending Data Abroad: When there are exception circumstances, the state has the authority to transfer data to any other country. 
  • Exceptions: There are instances where standard procedures may not be followed; for example, during criminal investigations or legal proceedings. Additionally, government agencies may also exempt themselves from compliance or grant waivers for research purposes.
  • Data Protection Board: This board enforces these regulations, punishes offenders, assists in resolving violations and deals with complaints. Members of this board shall serve a two-year term.
  • Fines: If rules are broken, fines can be huge, up to Rs.250 crore for not protecting data properly.

Exemptions under the Digital Personal Data Protection Act 2023

The Digital Personal Data Protection Act 2023 provides several key exemptions, summarised as follows:

  • Enforcement of legal rights or claims: Data fiduciaries are exempted from certain responsibilities where processing is necessary to enforce a right or manage claims under law.
  • Judicial and Quasi-Judicial Functions: Any processing of data by any Indian court, tribunal or other judicial or quasi-judicial body so authorised, for the discharge of its functions is exempted.
  • Prevention and Investigation of Crime: Where processing is essential for the prevention, detection, investigation or prosecution of any offence under any law or regulation it shall be exempted from certain restrictions.
  • International Contracts: An agency based within India may process personal information which is necessary for the performance of a contract between itself (or any other person on behalf) situated outside India where such contractual obligations have been entered into with regard to individuals who are located overseas.
  • Corporate Changes: When processing is necessary for executing a merger, amalgamation, or similar corporate restructuring approved by a court or other competent authority, it falls under the exemptions.

Pros and cons of the Digital Personal Data Protection Act 2023

Here are the advantages and disadvantages of this act for a better understanding: 

Pros:

  • Enhanced Privacy Protection: This law ensures people agree before their data is used and gives them control over their information.
  • Clarity for Businesses: It gives businesses clear rules on how to use personal data, helping them avoid confusion and encouraging them to follow the law.
  • Global Alignment: This law matches worldwide data protection rules, making it easier for India to do business globally.
  • Rights for Individuals: People get more power over their data, like being able to fix mistakes or delete them, giving them more control.

Cons:

  • Costs of Compliance: The financial and administrative requirements brought by the new rules may hamper small businesses’ day-to-day activities.
  • Concerns about independence: When the government appoints members of the Data Protection Board, it may be seen as interfering with its impartiality in decision-making.
  • Efficiency of enforcement: No one has seen how effective fines are according to this act brought into play practically, also, whether penalties are imposed evenly or not, they have not yet been shown.

Frequently Asked Questions

What is the Digital Personal Data Protection Act 2023?

The law aims to protect the­ privacy of people in India by giving rules for how pe­rsonal information should be used. The act says how companie­s and others must handle data.

Is the Digital Personal Data Protection Bill 2023 passed?

Yes, it was adopted in 2023.

What is the summary of the Digital Personal Data Protection Act 2023?

This act establishes a system for dealing with personal data that is securely applicable to commercial organisations and government bodies.

What are the salient features of the Digital Personal Data Protection Act 2023?

Some important aspects are that data usage requires permission, individuals have rights over their own data and certain allowances are given on government use, among others.

What are the key highlights of the Digital Personal Data Protection Act 2023?

Prominent parts include stronger privacy measures, rules on sending out data from India and creating a Data Protection Board, among others.

What are the benefits of enacting Digital Personal Data Protection Act, 2023?

It ensures private life for people and gives companies clear instructions on how they can use information while also conforming with international standards about safeguarding data.

What are the effects of the Digital Personal Data Protection Act 2023?

The legislation sets out to make data more secure, improve faith in internet services, and demand that those handling data follow stricter rules on its use.

About the Author

I preach the words, “Learning never exhausts the mind.” An aspiring CA and a passionate content writer having 4+ years of hands-on experience in deciphering jargon in Indian GST, Income Tax, off late also into the much larger Indian finance ecosystem, I love curating content in various forms to the interest of tax professionals, and enterprises, both big and small. While not writing, you can catch me singing Shāstriya Sangeetha and tuning my violin ;). Read more

Clear offers taxation & financial solutions to individuals, businesses, organizations & chartered accountants in India. Clear serves 1.5+ Million happy customers, 20000+ CAs & tax experts & 10000+ businesses across India.

Efiling Income Tax Returns(ITR) is made easy with Clear platform. Just upload your form 16, claim your deductions and get your acknowledgment number online. You can efile income tax return on your income from salary, house property, capital gains, business & profession and income from other sources. Further you can also file TDS returns, generate Form-16, use our Tax Calculator software, claim HRA, check refund status and generate rent receipts for Income Tax Filing.

CAs, experts and businesses can get GST ready with Clear GST software & certification course. Our GST Software helps CAs, tax experts & business to manage returns & invoices in an easy manner. Our Goods & Services Tax course includes tutorial videos, guides and expert assistance to help you in mastering Goods and Services Tax. Clear can also help you in getting your business registered for Goods & Services Tax Law.

Save taxes with Clear by investing in tax saving mutual funds (ELSS) online. Our experts suggest the best funds and you can get high returns by investing directly or through SIP. Download Black by ClearTax App to file returns from your mobile phone.

Cleartax is a product by Defmacro Software Pvt. Ltd.

Company PolicyTerms of use

ISO

ISO 27001

Data Center

SSL

SSL Certified Site

128-bit encryption