(Government of India – MeitY / PIB Notification)
🌟 Highlights
- Notification Date: 14 November 2025
- Foundation: DPDP Act, 2023
- Essence: Citizen-centric, simple, and innovation-friendly framework for data protection
📌 Why It Matters
India’s digital economy is booming. These rules ensure:
- Citizens’ personal data stays secure
- Companies remain accountable and transparent
- Trust and innovation thrive in the digital ecosystem
🛡️ Rights for Citizens
- ✅ Right to Consent – clear permission before data use
- ✅ Right to Information – know why and how data is used
- ✅ Right to Correction – fix wrong or outdated data
- ✅ Right to Erasure – delete data when needed
- ✅ Right to Nominate – assign rights to someone else
- ✅ Response within 90 days – companies must act on requests promptly
🏢 Duties of Companies
- 🔐 Implement robust security safeguards
- 📢 Report data breaches quickly
- 📊 Conduct audits & impact assessments (especially large fiduciaries)
- 👨💻 Appoint a Data Protection Officer or contact person
⚖️ Penalties
- ❌ Weak safeguards: up to ₹250 crore fine
- ❌ Breach of children’s data or failure to report: up to ₹200 crore fine
- ❌ Other violations: up to ₹50 crore fine
🌐 Digital-First Board
- 📱 Data Protection Board of India will function digitally
- Citizens can file complaints online and track cases via mobile app
- Appeals will be heard by TDSAT (Appellate Tribunal)
🖼️ Suggested Icons/Logos
- 🔒 Lock/Shield – security
- 👥 User icon – citizen rights
- ⚖️ Scales – justice & accountability
- 📊 Chart/Audit icon – compliance
📖 Reference: PIB Notification – DPDP Rules, 2025