Aurelia on DPDP Act rules: Companies race to fix fragmented data, consent gaps
In a recent Business Standard article, Aurelia Menezes highlighted the pressing challenges businesses face in implementing India’s Digital Personal Data Protection (DPDP) Act.
Aurelia stated: “The implementation of India’s Digital Personal Data Protection (DPDP) Act poses several legal and operational challenges, particularly for organisations handling large volumes of personal data. Key concerns include ambiguity around certain consent and legitimate use provisions, readiness of legacy IT systems, and the absence of detailed subordinate rules and enforcement guidelines. Cross-border data transfers, compliance costs for MSMEs, and the requirement to establish robust grievance redressal and breach reporting mechanisms further add to the complexity. Until regulatory clarity emerges through rules, FAQs and early enforcement actions, companies are likely to face interpretational risks and increased compliance uncertainty.”
Her remarks highlight the urgent need for clarity and preparedness as companies navigate fragmented data systems and evolving compliance requirements. The DPDP Act represents a landmark step in India’s data governance framework, but its successful implementation hinges on detailed rules, enforcement guidelines, and industry readiness.
By entering the email address you agree to our Privacy Policy.