An Analysis Of The Digital Personal Data Protection Act, 2023 And Its Impact On Companies And Organisations

Sarthak Chugh, Vivekanand Education Society's College of Law, Mumbai

Aditi Gattupalli, Vivekanand Education Society’s College of Law, Mumbai

ABSTRACT

After years of legislative deliberations, India recently passed the Digital Personal Data Protection Act, 2023. This is touted to be a landmark legislation with wide ranging scope from management and protection of digital personal data to regulating the powers and enlisting the duties of the companies and fiduciaries who process and store an individual's personal data.

This paper aims to simplify the nuances of the many provisions contained in this Act by discussing the scope, defining the meanings and extent and deliberating future probables of the two most important players in this Act- the Data Principals and Data Fiduciaries. The former are individual people of the nation whilst the latter are those organisations, or even the Government itself.

Consequently, the effects of such provisions on the the companies registered or carrying their trade in India are predicted by comparing previous Bills, other International Acts and the motive of the Government in enacting this Act. As all companies grapple with their corporate social responsibility charters, the essentials of this Act will add on their duties to maintain the privacy and fundamental rights of all individuals.

Keywords: Personal Data, Protection, Regulating, Duties, Companies, Data Principals, Data Fiduciaries, Corporate Social Responsibility