Fri Jul 25 18:09:09 UTC 2025: **Summary:**

The Indian Ministry of Electronics and Information Technology has received nearly 7,000 comments on the draft Digital Personal Data Protection Rules, 2025. The Rules are meant to implement the Digital Personal Data Protection Act, 2023. Despite the Act being passed over two years ago, the Rules are not yet in effect, exceeding the initially estimated timeline for notification. The delay is partly attributed to ongoing trade negotiations between India and the U.S., with a focus on ease of business for tech companies. The Rules aim to safeguard personal data and introduce mechanisms for individual data control. While privacy advocates await the law’s implementation to address data breaches, concerns have been raised regarding its lack of protection for journalistic work and its impact on the Right to Information Act.

**News Article:**

**India’s Data Protection Rules Delayed Amid U.S. Trade Talks, Sparking Debate**

**New Delhi, July 25, 2025** – The implementation of India’s crucial Digital Personal Data Protection (DPDP) Rules, 2025, remains delayed, stirring concerns among privacy advocates and raising questions about the government’s priorities. The Ministry of Electronics and Information Technology (MeitY) revealed today that it has received a substantial 6,915 comments from various stakeholders on the draft Rules, designed to operationalize the Digital Personal Data Protection Act, 2023.

The Act, passed over two years ago, aims to safeguard personal data, impose penalties for data breaches, and empower individuals to manage their data through consent managers. However, the Rules necessary to bring the Act into force are significantly overdue, exceeding the government’s initial weeks-long timeline for notification.

Sources within MeitY indicate that ongoing bilateral trade negotiations between India and the United States, focusing on easing business operations for technology firms in India, are contributing to the delay. A senior IT Ministry official declined to comment on a specific timeline during a recent informal briefing with reporters.

The delay has sparked debate, with privacy advocates eager to see the law implemented to hold organizations accountable for frequent data breaches. Simultaneously, concerns have been raised by journalism bodies and transparency activists regarding the Act’s limitations. The legislation currently lacks specific protections for journalistic work and amends the Right to Information Act, potentially hindering the disclosure of certain personal information.

The Rules are expected to introduce key provisions such as consent managers, allowing individuals to monitor and control their data held by various companies. They will also outline exclusions from penalties and specify the role of government agencies. As India navigates the complexities of trade agreements and domestic data protection, the finalization and enforcement of the DPDP Rules remain a critical issue for the country’s digital landscape.

Read More