Companies may get 1-year to comply with Digital Personal Data Protection Act

NEW DELHI: The government is expected to provide a maximum of one year for entities to comply with the norms of the Digital Personal Data Protection Act 2023. The government will also establish a Data Protection Board and issue guidelines for eight rules, including consent management, within the next month or 45 days. “Once we receive submissions from industry stakeholders, we will make a decision regarding the transition period for companies.

However, one thing is certain: We will not grant two years or 18 months of time as demanded by industry representatives,” said Rajeev Chandrasekhar, Minister of State for Electronics and IT. While speaking with industry representatives from tech companies such as Meta, Lenovo, Dell, Netflix, and others, the minister said the rules would be implemented in a graded manner. He added that large technology companies such as Meta, Twitter or any others would be given less time to comply, while start-ups and MSMEs would be granted more time to adopt the law.