Prime Minister Narendra Modi said on Tuesday that the Draft Digital Personal Data Protection Rules, 2025, align with India’s objective of citizen-focused governance by aiming to protect personal data while supporting economic growth and inclusivity.

In a post on X, the Prime Minister referred to Union Electronics and IT Minister Ashwini Vaishnaw’s explanation of the draft rules, which are designed to safeguard personal data and empower individuals.

Union Minister Vaishnaw said that the proposed rules position India as a leader in defining global data governance frameworks.

“Our approach is pragmatic and growth-focused. This ensures that citizens’ data is protected without hindering the innovation driving startups and businesses. Compliance requirements for small businesses and startups will also be reduced,” the Minister remarked.

He further referenced India’s vision of a “human-centric” future, an idea shared by Prime Minister Modi at the recent United Nations Summit of the Future.

“This vision is at the core of the Draft Digital Personal Data Protection Rules. Once finalised, these rules will implement the Digital Personal Data Protection Act, 2023, affirming our commitment to ensuring citizens’ right to data protection,” Vaishnaw added.

The rules aim to simplify processes and make it easier for all citizens to understand their rights, regardless of technical expertise.

The Ministry of Electronics and Information Technology published the draft rules for feedback on Friday, with input being accepted via the MyGov portal until February 18, 2025.

The Digital Personal Data Protection Act, passed in August 2023, mandates that data fiduciaries secure parental consent before processing children’s personal data. The rules specify that data fiduciaries must confirm parental identity through government-issued IDs or digital identity services like Digital Lockers.

This requirement seeks to enhance privacy protection for children using social media platforms, including Google, Facebook, WhatsApp, and X.

In case of a data breach, fiduciaries are required to promptly inform affected individuals in clear and straightforward terms.

The draft rules also outline restrictions for processing personal data outside India. Any transfer of such data must adhere to conditions specified by the government, particularly in cases involving foreign states or entities under their jurisdiction.

–IANS