Episode 136 — India's Newly Adopted Digital Personal Data Protection

The world’s most populous country adopted a comprehensive data privacy code in August 2023 – the Digital Personal Data Protection Act. Join this episode for a tour of the law’s main features. A departure from the EU’s GDPR approach and from prior draft bills of the Government, India took a unique approach to protecting digital personal information of its residents. Instead of data localization, it chose to encourage global data flows under relatively flexible standards while requiring reasonable safeguards to prevent data breach. The law will come into force on a rolling basis in coming months. Stephen Mathias, Bangalore office partner-in-charge and Co-Chair of the Technology Law practice of Kochhar & Co., one of India’s premier large law firms, explains the Act’s main features. Learn the basic approach taken, not only to comply if your organization may be subject to its reach but also to consider how a vast country with highly skilled tech professionals chose to regulate personal data privacy, enable government use of personal data for security and public order, and embrace India’s strengths in the data economy. Time stamps: 01:00 — Evolution of the Digital Personal Data Protection Act 03:45 — How is the law similar to and different from GDPR 08:00 — The government's right to obtain data 13:32 — Data localization 15:02 — Significant data fiduciary