Major tech players, including Apple, Google, Meta, and Microsoft, are urging India’s IT Ministry to grant an extended compliance period to organisations as they bid to meet provisions of new data protection standards in India.
The request, made by the Asia Internet Coalition, was articulated in a letter to India’s IT Minister Ashwini Vaishnaw and Deputy IT Minister Rajeev Chandrasekhar. Central to the note was a call for companies to have between 12 and 18 months to restructure so that they can satisfy the demands of new provisions concerning data processing.
The provisions require data fiduciaries to cease processing and delete user data, necessitating tech firms to renegotiate contracts with data processors. The industry group argues that requirements will force businesses of all sizes to make fundamental and substantial changes to their technology architectures, unlike other data protection laws such as GDPR.
India’s Digital Personal Data Protection Act stands out as one of the most stringent regulations worldwide, impacting technology companies by restricting international data transfers and imposing steep fines for violations. The legislation has far-reaching implications, considering India’s position as a significant user base for tech giants like Meta and Google.
But the requested extension is crucial for businesses handling data in India. The intricate new regulations feature concepts such as consent managers and expanded user rights, and will demand careful adaptation.
The industry’s plea for more time underscores the significant adjustments needed as India’s digital economy grows. These issues are central to debate at PrivSec Global this November, where experts will go through the fallout of the nation’s evolving data protection landscape.
Know the risks
Since its initiation in 2021, the EU’s work on the AI Act has reached critical junctures, with significant issues arising, including biometric surveillance, facial recognition, and AI application rules. These current proposals aim to classify AI tools based on their risk levels, imposing varying obligations on governments and companies accordingly.
The EU now faces a complex challenge in balancing technological advancement with regulatory safeguards, shaping the future landscape of AI within its borders.
These issues fall into focus at PrivSec Global on 29 and 30 November, where experts will address AI laws, principles and ethics in the following exclusive sessions:
→ India introduces new Digital Personal Data Protection Bill
- Day 1: Wednesday 29th November 2023
- 09:00 - 09:45am GMT
India’s Digital Personal Data Protection Bill (DPDP) 2023 is highly relevant to India’s rich and vibrant community of privacy pros and highly relevant to the global privacy community whose organisations process data “in connection with any activity related to offering or goods or services” in India, the DPDP Bill, 2023.
Privacy leaders at PrivSec Global will examine this, the fifth iteration of India’s much-awaited data protection law, and debate what the implications are for business.
→ Like the GDPR but not the same: Asia’s Data Protection journey
- Day 1: Wednesday 29th November 2023
- 10:00am - 10:45am GMT
Privacy laws in Asia are being transformed: in the past 12 months, several key jurisdictions have either introduced their first-ever comprehensive data protection framework or are updating and reforming their existing privacy laws. This includes:
- Australia, which has amended its Privacy Act 1988 and introduced the Telecommunications Regulations 2021 and the Security of Critical Infrastructure Act 2018
- The PRC, which has enacted the Personal Information Protection Law (“PIPL”)
- Indonesia, which has passed its long-awaited Data Protection Law
- Japan, which has updated the Act on Protection of Personal Information
- Thailand, which has introduced the Personal Data Protection Act B.E. 2562 (2019)
- Vietnam, which has very recently passed Decree No. 13/2023/ND-CP
Join experts at PrivSec Global for an update on your jurisdiction Data Protection Law, and have your questions answered.
Discover more at PrivSec Global
As regulation gets stricter – and data and tech become more crucial – it’s increasingly clear that the skills required in each of these areas are not only connected, but inseparable.
Exclusively at PrivSec Global on 29 & 30 November 2023, industry leaders, academics and subject-matter experts unite to explore these skills and the central role they play within privacy, security and GRC.