Today's Headlines

1. India’s New Data Protection Law: Death Knell for Press Freedom? - TheWire.in

Source: Google News DPDP | Read Original →

This article from TheWire.in raises concerns that the DPDP Act 2023 could undermine press freedom, particularly in its implications for how media organizations collect, process, and store personal data for journalistic purposes. It highlights potential ambiguities in Section 17(c) (exemptions for processing personal data for journalistic purposes), arguing that the Act's broad definitions and lack of clarity could lead to self-censorship and hinder investigative reporting. For businesses, this underscores the ongoing legal debate around specific exemptions and the need for clear internal policies, even if their primary function isn't journalism.

2. The hollow heart of data protection: How the DPDP Act abandons the data breach victim - Bar and Bench

Source: Google News DPDP | Read Original → Bar and Bench critically examines the DPDP Act's provisions concerning data breach victims, asserting that the law prioritizes state enforcement over direct victim compensation. While the Act imposes significant penalties on Data Fiduciaries for failing to protect data (up to ₹250 Cr for a breach, as per Schedule 1), these fines are paid to the government, not directly to the individuals whose data was compromised. This critique suggests that the Act, in its current form, may not adequately address the direct harm and economic losses suffered by individuals post-breach, potentially shifting the focus for businesses towards penalty avoidance rather than victim redressal.

3. India's DPDP Act: Data Breach Penalties Shift from Victims to State - whalesbook.com

Source: Google News DPDP | Read Original →

Echoing the sentiments of the Bar and Bench analysis, whalesbook.com further emphasizes that the DPDP Act directs penalties for data breaches to the state rather than establishing mechanisms for direct compensation to victims. This article reiterates that while Data Fiduciaries face substantial financial repercussions (potentially up to ₹250 Cr for a significant breach of Section 8 — Data Fiduciary obligations concerning security safeguards), individual Data Principals are largely left without clear avenues for monetary relief under the Act. For Indian businesses, this means while the regulatory enforcement risk is high, the legal landscape for direct victim compensation through the DPDP Act remains ambiguous, necessitating careful consideration of broader liability frameworks.

Stay Compliant

Not sure if your business meets DPDP standards? Start with a free check:

🔍 Run Your Free DPDP Audit →

16 questions. 60 seconds. Instant risk report.

---

Published by DPDP News, a Meridian Bridge Strategy initiative. For compliance consulting, book a free call.