top of page

Behind The Veil: State Powers And The Disguised Surveillance Regime In DPDPA 2023




Amit Kumar Padhy, Research Scholar at National Law University, Nagpur


ABSTRACT


The Digital Personal Data Protection Act, 2023 (DPDPA) is an important milestone in India’s data governance strategy, instituting an extensive framework for the regulation of personal data processing. The Act fundamentally acknowledges conflicting priorities - individual privacy rights in relation to legitimate state functions. Section 17(2)(a) of the DPDPA authorises the Central Government to exclude State instrumentalities from fundamental compliance requirements when data processing is considered vital for maintaining national sovereignty, integrity, security, amicable international relations, or public order. This exemption, supported by supplementary delegated authorities, enables the government to circumvent obligations such as notification, consent, and specific transparency responsibilities, ostensibly to avert disruption of essential state functions. Nonetheless, these exemptions provoke significant enquiries: Do they compromise the Act’s declared dedication to personal autonomy and informational self-determination? Are the powers proportionality adequately protected by substantive and procedural safeguards? The exemptions are contingent upon the restrictions outlined in the Draft Rules of the Act, which restrict the data processed to what is necessary and require appropriate security measures; however, the breadth and discretionary authority remain extensive. Moreover, the Act exempts State bodies from obligatory deletion and retention constraints, diverging from international privacy standards. This article examines whether these exclusions create a potentially imbalanced framework that favours state interests over citizen rights, and evaluates the adequacy of the integrated legal, policy, and operational safeguards. It eventually examines how India’s developing data protection framework reconciles the conflicts between strong governmental authority and an efficient, rights-oriented data privacy structure, referencing international norms and constitutional principles. The analysis aims to enhance the understanding of governmental authority under DPDPA, assessing its validity, need, and accountability within India’s democratic framework.


Keywords: DPDPA, State Exemption, Surveillance, Public Order, Safeguards



Indian Journal of Law and Legal Research

Abbreviation: IJLLR

ISSN: 2582-8878

Website: www.ijllr.com

Accessibility: Open Access

License: Creative Commons 4.0

Submit Manuscript: Click here

Licensing: 

 

All research articles published in The Indian Journal of Law and Legal Research are fully open access. i.e. immediately freely available to read, download and share. Articles are published under the terms of a Creative Commons license which permits use, distribution and reproduction in any medium, provided the original work is properly cited.

 

Disclaimer:

The opinions expressed in this publication are those of the authors. They do not purport to reflect the opinions or views of the IJLLR or its members. The designations employed in this publication and the presentation of material therein do not imply the expression of any opinion whatsoever on the part of the IJLLR.

bottom of page