In August this year, India replaced its set of data security rules with a new Digital Personal Data Protection Act, 2023 ("DPDP"). The regulatory framework governing data protection in India was archaic, with laws primarily outlining basic data security requirements.
In a rapidly changing digital economy, the DPDP has been positioned to fill a vital gap in the data protection regime in India. The DPDP calls for compliance in the collection and processing of personal data, towards specific lawful purposes. Data Fiduciaries, who determine 'the purpose and means of processing of personal data', have been tasked with several obligations towards protecting individuals' personal data, failing which would risk steep penalties. The obligations also extend towards the protection of processing of children's data and the prevention of behavioural tracking and targeted advertising. The Act also has extra-territorial application, and allows the Government the power to restrict cross-border transfers by way of notification.
Although much is left to be seen with the eventual introduction of rules and regulations, the Act in its present state could lead to some interesting repercussions for Indian and foreign businesses.
In this Webinar, BTG Advaya will aim to present:
1. A Primer on the new DPDP Act, 2023: What's in it and what to expect?
2. Sector spotlight: What is the impact on your business:
- Outsourcing
- Industrials and Chemicals
- Financial Services and Insurance
- Consumer Products
- Electronics Systems
- Automotives
3. How does this law compare to GDPR? Benchmarking the DPDP against GDPR
4. Round-up: Identifying key steps to comply with the DPDP
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
