Updated on 2022-11-21: Indian privacy regulation
The Indian government has published the long-awaited first public draft of its upcoming data privacy law—known as the Digital Personal Data Protection Bill. According to the law’s text, companies that operate in India and handle the personal data of Indian citizens must use clear and plain language to describe what data they collect and for what purpose. The new law includes many clauses similar to the EU GDPR, such as requiring companies to notify users about security breaches, and allowing users to delete their data from online services. Companies that fail to comply with this upcoming regulation risk some of the largest fines in the world for a privacy breach, fines of up to 500 crore rupees—up to $61 million. Read more: The Digital Personal Data Protection Bill, 2022
Overview
The Indian government published a draft version of the Digital Personal Protection Bill 2022 that aims to secure personal information and seek user consent for the various kinds of information collected. Read more: Digital Personal Data Protection Bill: New draft privacy law eases cross-border flow of data, hikes penalties for breach
