Children’s Data Privacy Under The Digital Personal Data Protection Act, 2023 - Are Indian Children Adequately Protected?

K. Anu Priyanka, PhD Scholar, Tamil Nadu Dr. Ambedkar Law University Chennai

ABSTRACT

When a child in Chennai opens DIKSHA to study or a teenager in Mumbai scrolls through Instagram before bed neither of them knows that every click, every pause and every search is being recorded, stored and in many cases sold. India’s lawmakers saw this problem and tried to address it through Section 9 of the Digital Personal Data Protection Act 2023.1 But the provision they produced leaves too much unsaid. Platforms are told to get parental consent but not how to check it is real. They are told not to harm children’s well-being but not what harm looks like. They are told not to track children but there is no way to enforce this against platforms sitting outside India. Certain platforms are exempted from these rules through a schedule that nobody has yet published. Others may process children’s data without consent if their processing is safe a concept the Rules have not defined. This paper goes through each of these failures, shows through the DIKSHA breach what they cost in practice and sets out the specific changes that would make Section 92 worth the paper it is written on.

Keywords: Children’s Data Privacy, DPDP Act 2023, Section 9, DIKSHA, Parental Consent, Right to Privacy.