Now you have full rights over your data! The rules of the digital world changed as soon as the DPDP Act came into force.
Samira Vishwas November 16, 2025 04:24 AM

Digital Data Protection India: The rules of India's Digital Personal Data Protection (DPDP) Act, 2023 have now formally come into force. The Central Government has issued notification of the final rules under this law, after which a comprehensive federal digital privacy law has become effective for the first time in the country. The objective of this law is to strengthen the standards for data handling, storage and security, so that users can have complete control over their data. The new rules also impose strict responsibilities on digital platforms, government institutions and private companies.

Strictness on companies regarding personal data

Under the DPDP Act, any company will now have to obtain clear, simple and transparent consent before collecting personal data from the user.

  • Users will be able to withdraw their consent at any time and the company must immediately acknowledge it.
  • Verifiable parental consent has been made mandatory for processing children’s data.

This is considered a major change to prevent misuse of data.

Strict security protocol: If data is leaked, report within 72 hours

It will now be mandatory for companies to implement advanced security measures such as data encryption, masking, security logs and monitoring.

  • In case of any data breach, companies will have to send a report to the users and the Data Protection Board within 72 hours.
  • Companies will be required to keep their security logs and traffic data safe for at least one year.

Users get big rights: facility to access, delete and track

Under the new rules, users will be able to access, correct, transfer, delete and track their data. If a user remains inactive for three years:

  • The company will give the user 48 hours' notice in advance, and it will then be mandatory to delete the user's data.
  • This rule has been implemented to prevent unnecessary data storage.

Additional compliance burden on big tech companies

Platforms with more than 5 million users will now come under the category of Significant Data Fiduciary. They are required to conduct annual audits, impact assessments, and security reviews of their algorithms to ensure that their systems do not harm user rights. This will have the biggest impact on e-commerce, social media and gaming platforms. In the case of sensitive data, restrictions may also be imposed on cross-border data transfer.

Phased implementation of rules

The government has given companies 12 to 18 months to comply with all the provisions.

  • Rules like consent, grievance redressal and purpose-limited data use have come into effect immediately.
  • Provisions related to technical changes will be implemented gradually, so that companies can update their systems.

New policy on cross-border data transfer

As per the rules, data can be sent abroad, provided the government has not restricted the destination country. If the data is going to a foreign government or an entity it controls, companies will have to follow additional security guidelines.

New rule for deleting inactive user data

E-commerce, social media and online gaming platforms, which have 20 million and more than 5 million users respectively, will have to delete data of customers who have been inactive for three years. It is mandatory to send a notice to the user 48 hours before removal.
