New Delhi: The Ministry of Electronics and Information Technology (MeitY) has sought feedback from social media platforms and digital companies on speeding up the implementation of key provisions under India’s Digital Personal Data Protection (DPDP) Act and Rules, including a proposal to cut the compliance timeline for data fiduciaries from 18 months to 12 months.
According to reports, the ministry outlined the proposed changes after a 22 January meeting, inviting industry comments by 4 February. MeitY is considering three major revisions to the enforcement roadmap, including reducing the overall compliance period and fast-tracking the rollout of specific rules.
The ministry is weighing immediate enforcement of Rules 15 and 23, while planning to operationalise Rule 8(3) within three months. It has also proposed shortening the enforcement window for Rule 13, which lays down obligations for Significant Data Fiduciaries (SDFs), to 12 months.
During the meeting, officials shared proposals to compress timelines for provisions that do not require major infrastructure changes, including certain rules on cross-border data transfers. MeitY is also considering the immediate implementation of Section 17(2) of the Act.
While major technology firms are expected to be designated as SDFs, industry players are likely to resist tighter timelines, citing the scale of technical and operational changes required. Officials said no final decision has been taken and stakeholder feedback is being reviewed.
Discussion about this post