facebook twitter linkedin

Alerts & Updates 10th Jul 2023

The DPDP Bill: From responding to responsibility

Authors

Sanjay NotaniPartner | Mumbai
Vinay ButaniPartner | Mumbai
Harshvardhan NankaniSenior Associate | Mumbai
Akash ManwaniAssociate | Mumbai

Latest Thought Leadership

Alerts & Updates 4th Nov 2025

SCOMET Update: DGFT issues Trade Notice seeking inputs on Draft Amended Aayat Niryat Forms (ANF) – One Format for all kinds of Applications) for grant of SCOMET Authorisation for Export of SCOMET Items

Read More
Alerts & Updates 3rd Nov 2025

SEBI proposes to revamp its regulatory regime for mutual funds

Read More
News & Media 3rd Nov 2025

Landlord wins tenant eviction case for providing signed rent receipts, despite tenant’s son not signing them: Supreme Court order explained

Read More
News & Media 31st Oct 2025

How the CCI’s AI Push Could Reshape India’s Antitrust Bar

Read More

The Union Cabinet’s approval of the draft Digital Personal Data Protection Bill (DPDP Bill) on July 5, 2023, signifies an important milestone in India’s journey towards establishing a comprehensive data protection framework.

  • The bill is expected to be tabled before the monsoon session of the Parliament session this month, and whilst, we will follow the developments as well as assess whether the DPDP Bill will include the public recommendations which the Ministry of Electronics and Information Technology would have gathered during the November 2022 consultation stage, the DPDP Bill is undeniably a simplified version compared to its predecessors.

    Once enacted, the DPDP Bill:

    • Seeks to amend and remove key provisions of the Indian Information Technology Act, 2000 (IT Act), as well as provisions of the Right to Information Act, 2005.
    • Requires that the data principals be provided with a clear notice in English or a local Indian language, detailing the personal data to be collected and its purpose. The bill also introduces ‘deemed consent’ for situations where obtaining personal data is impracticable, such as restaurant reservations or fulfilling legal functions. Deemed consent may apply in court orders, emergencies, employment, public interest, and fair cases.
    • Proposes the establishment of a Data Protection Board of India. This board will have powers to conduct inquiries, impose penalties, and handle complaints related to data protection. The composition and selection process of the board are expected to be outlined in the bill.
    • Permits cross-border transfer of all personal data, however, to countries or territories which are only notified by the Central Government. The DPDP Bill stipulates that while notifying these territories, the Central Government may assess any factors that it may consider necessary.
    • Prescribes penalties in range from up to INR 10,000 to up to INR 250 Crores for different offences. However, the DPDP Bill also sets out the factors that needs to be considered while determining the penalty.

    As disruptive technologies like generative AI, large language models, and natural language processing continue to advance, one can only hope that the DPDP Bill, which claims to have incorporated the best practices adopted from various international personal data protection laws, upholds the underlying principles of privacy as a fundamental right and the autonomy and neutrality of the regulatory bodies involved.

    We trust you will find this an interesting read. For any queries or comments on this update, please feel free to contact us at insights@elp-in.com or write to our authors:

    Sanjay Notani, Partner – Email –SanjayNotani@elp-in.com
    Vinay Butani, Partner – EmailVinayButani@elp-in.com 
    Harshvardhan Nankani, Senior Associate – Email – HarshvardhanNankani@elp-in.com
    Akash Manwani, Associate – Email – AkashManwani@elp.in.com

Disclaimer: The information contained in this document is intended for informational purposes only and does not constitute legal opinion or advice. This document is not intended to address the circumstances of any individual or corporate body. Readers should not act on the information provided herein without appropriate professional advice after a thorough examination of the facts and circumstances of a situation. There can be no assurance that the judicial/quasi-judicial authorities may not take a position contrary to the views mentioned herein

Privacy Policy

As per the rules of the Bar Council of India, lawyers and law firms are not permitted to solicit work or advertise. By clicking on the "I Agree" button, you acknowledge and confirm that you are seeking information relating to Economic Laws Practice (ELP) of your own accord and there has been no advertisement, personal communication, solicitation, invitation or any other inducement of any sort whatsoever by or on behalf of ELP or any of its members to solicit any work through this website.

I AGREE EXIT SITE