Journey of the Personal Data Protection Bill in India 2023

Table of Contents
Journey of the Personal Data Protection Bill in India 2023
Reading Time: 4 minutes

The term data protection refers to the protection of user data safely and securely. It is a protocol that defines the numerous policies on how to restrict the user’s personal data usage and save it from data breaches.


Personal Data Management defines the compliance regulations for companies taking responsibility for using users’ personal data.


Personal data protection is built based on technologies like Data Loss Prevention (DLP) which ensures end-to-end encryption, built-in data protection, firewalls, and more. It is essential in business operations such as research and development, finance business, etc.


The Union Cabinet cleared the Digital Personal Data Protection Bill (DPDP) in July 2023, to ensure the security and privacy of Indian citizens. As per the Bill, organizations will have to pay a maximum of ₹250 Crores to the Government authorities for violating norms present in the Bill.


In this blog, we are sharing the details of the data protection bill and the key points of induction and maintenance of the DPDP policy at the workplace.


What is Personal Data Protection (PDP)?


Personal Data Protection (PDP) refers to a set of tools and policies for practicing, regulating, and measuring the privacy and security of an individual’s personal information. It includes the collection, use, storage, and sharing of personal data by organizations and governments while ensuring that individuals have control over their personal data.


The main function of PDP is safeguarding individuals’ privacy and taking steps against misuse or unauthorized access to their personal information.


Personal data can include various types of information, such as names, addresses, phone numbers, email addresses, financial details, medical records, and other identifiers that can be used to identify an individual.


PDP Rules and Policies


The Personal Data Protection Bill was first introduced in 2019 by the Parliament in December. The main objective of the public draft was to analyze the user’s personnel data and protect it securely from theft.


The Personal Rule and Policy actions are bifurcated into 16 chapters thoroughly, for a comprehensive outlook.


➔ The Personal Data Protection (PDP) Bill, 2023

The parliament cleared the 16-chapter PDP Bill in July 2023. While the previous draft remains the same, the Bill outlines the practices of collecting personal data, storing them securely without any breaches, choosing the parties with whom data is being shared, and more.


If any violation is taken place, the penalty will be borne by the individuals or companies using the personal data. These organizations will have to pay a maximum of ₹250 crores with the upward revision of ₹500 crores to larger entities. In the case of individuals, they must pay a minimum ₹10,000 as a penalty in case of breaches.


A quick recap of the Journey of the Personal Data Protection Bill

We are presenting a chronological sequence from the introduction to the clearance of the Digital Data Protection bill. Let’s start with the introduction phase of PDP;


➔ August 2017

Retired lawyer K. S. Puttaswamy was instrumental in reframing data privacy law by petitioning against the Union of India. The Supreme Court recognized it constitutionally and took the step of protecting data privacy for Indians under Article 21, considering it a basic need for the life and liberty of every citizen.


In the next few months, the government formed a committee for data protection to address data privacy concerns, chaired by Justice B.N. Srikrishna and other experts.


➔ July 2018

In July 2018, recommending enhancing privacy laws in India, the committee submitted a report with the draft of the Data Protection Bill.


➔ December 2019

In 2019, The committee introduced the Personal Data Protection Bill in Lok Sabha for the first time.


➔ December 2021

In December 2021, the joint parliamentary committee submitted the report on the data protection bill.


➔ August 2022

In August 2022, The Personal Data Protection Bill was withdrawn from the parliament.


➔ November 2022

In 2022, The committee released a draft of the Digital Data Protection bill in November again.


➔ July 2023

The parliament cleared the Data protection bill in July 2023.


Key points of the Personal Data Protection Bill

What are the key points of the Personal Data Protection bill and how will it impact protecting data, and maintaining data management? For getting more details please visit on:


End Note

The Personal Data Protection Bill aimed to regulate the processing and protection of personal data in India and empower individuals with greater control over their personal information. The bill proposed several key provisions, including data protection principles, data localization requirements, rights of individuals over their data, the establishment of a Data Protection Authority of India (DPA), and provisions for cross-border data transfers.


However, due to the dynamic nature of legislative processes, the bill might have undergone revisions or amendments during its deliberation in the Parliament. The final version of the Data Protection Bill and its ultimate enactment into law would depend on the outcomes of the Parliamentary discussions and approvals.


For the most current and accurate information regarding the status and provisions of the Data Protection Bill in India, you can check on the latest updates from official government sources or reputable news outlets.


Data protection laws and regulations, like the Personal Data Protection Authority Bill of 2022, are established to enforce and regulate personal data protection at the country level. These laws set out obligations for individuals, organizations, and governments regarding collecting, using, storing, and sharing of personal data.

Found this article interesting? Share it on

Contact Us

Contact Us

We use cookies on our website to provide you with the best experience.
Take a look at our ‘privacy policy’