How Does the DPDP Act Balance Privacy, Transparency, and State Power?
A person who wants to permanently remove old personal information from an online platform may have fewer legal options in India compared to a citizen in Europe under GDPR.
Questions and Answers
A collection of 24 issues
How to build a data inventory and mapping for an Ed-tech?
Before tracking how data moves, an organisation must first understand what personal data it has.
What challenges arise from the withdrawal of consent under the DPDP Act?
Under the DPDP Act, consent must be free, specific, informed, unconditional, and unambiguous. Just as individuals can give consent, they also have the right to withdraw it at any time. Importantly, withdrawing consent should be as easy as giving it.
Why do data protection and fraud prevention go hand in hand?
Data protection and fraud prevention are closely connected. If data is not well protected, fraud becomes easier. Strong data protection helps reduce this risk.
Why does the General Data Protection Regulation (GDPR) require breach reporting within 72 hours?
A personal data breach under the General Data Protection Regulation (GDPR) is any security incident that results in personal data being lost, altered, accessed, or disclosed without permission, whether intentionally or unintentionally.
Have You Planned Your Digital Afterlife Under the DPDP Act?
The “Right to Nominate” under the Digital Personal Data Protection Act, 2023, clearly outlines how personal data should be managed when a person passes away or cannot make decisions, guiding both individuals and organisations.
Can You Actually Read a Privacy Policy in Under 60 Seconds?
Today, data protection laws encourage companies to use clear and simple language.
How do organizations verify consent when responding to a Data Subject Access Request (DSAR)?
Consent is often collected through clear opt-in methods such as website checkboxes, account registration confirmations, or consent forms. Pre-ticked boxes are usually not considered valid.
How Does India’s DPDP Act Differ from the GDPR?
GDPR has a wider scope and covers both digital and offline data, while the DPDP Act applies only to digital personal data.
Why is protecting children’s privacy and safety important in the digital age?
Information shared during childhood can stay online for many years. Photos, videos, or posts made at a young age may appear later in life and affect education, jobs, or personal reputation. Once something is online, it is very hard to remove completely.