DPDPA Rules Enhance Data Transparency

In a significant development for digital data protection in India, The Union Ministry of Electronics and Information Technology (MeitY) is set to enhance online safety and transparency with new data protection rules under the Digital Personal Data Protection Act. 

These upcoming regulations focus on verifying children’s age for online services, introducing rigorous data breach notification protocols for tech companies, and imposing substantial penalties for #non-compliance. This move signifies a major step towards strengthening digital security and safeguarding personal data in the digital era.


  1. Child Safety Online: Implementation of Aadhaar-based systems or electronic tokens for verifying children’s ages, ensuring online platforms gather verifiable parental consent for users under 18.
  2. Data Breach Notifications: Introduction of a two-stage notification process, requiring immediate notification of data breaches, followed by detailed information within 72 hours.
  3. Hefty Penalties: Non-compliance with data protection measures could lead to penalties as high as Rs 250 crore, underlining the importance of robust data security measures.
  4. Government Transparency: Mandatory notifications by government institutions when using citizens’ personal data for welfare services and subsidies.
  5. Upcoming Consultations: MeitY to hold a consultation with industry stakeholders on December 19 to discuss the operationalization of these rules.

Navigating the New Frontier of DPDPA: Protecting Children’s Data in the Digital Age

As a data-driven company, we understand the immense value and responsibility that comes with handling personal information. This is especially true when it comes to the data of children, who are more vulnerable to online risks and require additional safeguards. The upcoming data protection rules in India, with their proposals for Aadhaar-based age verification and parental consent, offer a much-needed framework for protecting children in the digital landscape.

Age Verification: Balancing Security and Privacy

The proposed use of Aadhaar for age verification presents a potential solution to the long-standing challenge of age-gating. By obtaining a simple “yes/no” response from the Aadhaar database, platforms can ensure compliance with parental consent requirements without exposing sensitive data. This approach protects children while minimizing privacy concerns, as platforms will not receive any identifiable information about users.

However, it’s crucial to ensure that this system is secure and transparent. Robust data security measures must be implemented to prevent unauthorized access or manipulation of the Aadhaar database. Additionally, clear communication channels should be established to inform parents about how their children’s data is being used and protected.

Parental Consent: Empowering Guardians

The requirement for verifiable parental consent is another positive step towards safeguarding children’s online experiences. Parents should be given the tools and resources they need to make informed decisions about their children’s digital engagement. This includes access to educational materials on online safety, guidance on setting appropriate privacy settings, and mechanisms to easily grant or revoke consent.

Industry Collaboration: Finding the Right Balance

As stakeholders in the data ecosystem, we have a responsibility to collaborate with the government and other industry players to develop practical and effective solutions for child data protection. We support the exploration of both the DigiLocker app integration and the industry-developed electronic token system. Ultimately, the chosen method should prioritize ease of use for parents, robust security measures, and a transparent framework for platform implementation.

Moving Forward with DPDPA: A Shared Commitment

Protecting children’s data in the digital age requires a collective effort. We, as a data-driven company, are committed to playing our part. We will ensure that our platforms comply with the upcoming data protection rules and implement rigorous child data protection measures. We also urge other industry players, parents, and educators to join us in creating a safe and responsible online environment for children.

This blog post is just the beginning of the conversation. We encourage readers to share their thoughts and suggestions on how we can best protect children’s data in the evolving digital landscape. Let’s work together to build a future where children can explore the online world with curiosity and confidence, knowing their data is secure and their rights are protected.