Corporate Data Protection Responsibilities: Legal Perspectives Under India's Digital Personal Data Protection Act, 2023

Yuvraj Singh, Law College Dehradun, Uttaranchal University

Ms. Purnima Tyagi, Law College Dehradun, Uttaranchal University

ABSTRACT

The explosive growth of the digital technologies and data-driven business model has turned personal data into a lucrative economic resource, which is of great concern in terms of privacy, cybersecurity, and corporate responsibility. In India, the adoption of the Digital Personal Data Protection Act, 2023 (DPDP Act) is one of the significant legislative initiatives that focus on safeguarding the personal data of individuals and controlling the duties of organizations that process personal data. The Act provides a full- fledged framework of consent, legal process, data fiduciary obligations, data principal rights, cross-border transfer of data, and penalties in case of non- conformance. The paper will critically examine how the DPDP Act, 2023 addresses data privacy and corporate responsibility. It explores the legal requirements on corporations, the enforcement provisions brought about by the law and the feasibility issues that companies encounter when seeking to comply with the law. The paper also analyzes how the Act will impact digital governance, consumer trust and corporate transparency in the emerging digital economy in India. With the help of doctrinal and analytical study, the research reveals the advantages and disadvantages of the legislation and suggests reformation of the legislation to ensure better privacy protection and corporate responsibility.

Keywords: Data Privacy, Corporate responsibilities, Digital Personal data protection Act, 2023, Data fiduciary, Consent, Cybersecurity, Digital governance.