India Seeks Public Feedback for Finalizing Digital Personal Data Protection

Published Date : 7/29/2025 

The Indian government has received thousands of comments from the public and stakeholders to refine the Digital Personal Data Protection Rules 2025, aimed at ensuring a safe and accountable cyberspace. 

The Indian government has announced that it received 6,915 comments from members of the public and stakeholders as it works to finalize the country’s Digital Personal Data Protection Rules 2025. These draft rules, once approved, will make the Digital Personal Data Protection Act (DPDPA) operational. India put in place the legislation through presidential assent in 2023, but it has not been fully operationalized. A webinar in 2021 had proposed how the legislation should be operationalized.

In total, the government says it received the inputs after the proposed rules were published for consultation early this year. Efforts to put in place rules that will activate the country’s data protection legislation are aimed at “ensuring a safe, trusted, and accountable cyberspace for all users.”

The government also outlines activities and actions which it has carried out in line with its IT strategy. These include trainings on digital security, including 3,637 workshops, public awareness campaigns, and the dissemination of relevant educational resources. Other measures, as explained by the government, include the putting in place of various structures and institutional coordination personnel to effectively handle issues related to national cybersecurity.

The government states that the data protection Act is a “comprehensive data privacy law to regulate the processing of digital personal data,” and it “balances the rights of individuals to protect their personal data with the need for lawful data processing.” As explained in January, the government said the draft data protection rules, which were drafted following an inclusive and consultative process, “are designed to empower citizens in a rapidly growing digital economy” and they “seek to protect citizens’ rights in accordance with the DPDP Act, while achieving the right balance between regulation and innovation, so that the benefits of India’s growing innovation ecosystem are available to all citizens and India’s digital economy.”

The rules’ key provisions address issues around informed consent, user rights, and parental controls. The government has promised to carry out a series of awareness campaigns in order to educate citizens on their rights and responsibilities under the new legal framework. Some experts have found flaws in the Act on issues related to parental control and age verification. 

Frequently Asked Questions (FAQS): 

Q: What is the Digital Personal Data Protection Act (DPDPA)?

A: The Digital Personal Data Protection Act (DPDPA) is a comprehensive data privacy law in India designed to regulate the processing of digital personal data. It aims to balance the rights of individuals to protect their personal data with the need for lawful data processing.

Q: Why is public feedback important for the DPDPA rules?

A: Public feedback is crucial for refining the Digital Personal Data Protection Rules to ensure they are effective and address the concerns of all stakeholders. It helps in creating a more inclusive and robust legal framework.

Q: What are the key provisions of the draft rules?

A: The key provisions of the draft rules address issues around informed consent, user rights, and parental controls. They aim to protect citizens' rights and promote a safe and trusted digital environment.

Q: How is the government raising awareness about the DPDPA?

A: The government is conducting a series of awareness campaigns to educate citizens on their rights and responsibilities under the new legal framework. This includes public awareness campaigns, workshops, and the dissemination of educational resources.

Q: What are some of the criticisms of the DPDPA?

A: Some experts have found flaws in the Act, particularly on issues related to parental control and age verification. These criticisms highlight areas where the Act may need further refinement to ensure it effectively protects all users. 

More Related Topics :