Why Not?..a series of questions on Rules to DPDPA?

(Continued from Previous Article)

The MeitY is now trying to finalize the rules under DPDPA 2023. From the indications now available, the ministry is trying to release a complete set of 25/26 rules rolled into one notification.

In the last couple of days we have discussed Why Not the Consent Manager under DPDPA be different from Consent Manager under DEPA.

Similar Why Not? questions will be raised in this series of articles so that some thoughts can be implanted in the minds of the rule makers so that they may consider them in the draft rules to be released for public comments or enable a discussion on the same.

It is noted that the MeitY is under closed door discussion with industry so that there is a prior approval of the rules from them.

It is noted that the “Data Sovereignty” principle of Cross Border restriction on data transfer which was present in the earlier drafts has been diluted. Similarly Section 9(5) was perhaps introduced at the behest of FaceBook that the restrictions on parental consent should be relaxed for children below the age of 18 upto the age of 12/13.

Now the delay in the issue of rules is perhaps influeced by the fact that there is no consensus on some of the aspects of the rules..

Hence we are trying to put up some suggestions in the “Why Not Series” so that a record is created that these issues were raised whether they are accepted or not.

The discussion on “Why Not the Consent Manager under DPDPA be different from the Consent Manager under Account aggregator/DEPA scheme was also in this direction.

We shall raise more such “Why Not” questions in the next days till the rules are finally notified after public debate.

I invite professionals to actively participate in this debate. Some of the good practices that come forth here would be also incorporated in the DGPSI implementation recommendations so that the DGPSI framework becomes “A Voice of the Data Protection Professionals”.

Naavi

About Vijayashankar Na

Naavi is a veteran Cyber Law specialist in India and is presently working from Bangalore as an Information Assurance Consultant. Pioneered concepts such as ITA 2008 compliance, Naavi is also the founder of Cyber Law College, a virtual Cyber Law Education institution. He now has been focusing on the projects such as Secure Digital India and Cyber Insurance
This entry was posted in Cyber Law. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.