The government of India has put out draft rules under the Digital Personal Data Protection Act, 2023, of which includes some drastic steps to safeguard the child’s data in the online platform. One of those expected provisions limits children’s access to social media, stating that in order to make an account, those under 18 will require a parental permission, in the form of consent, that is verifiable online – this is some of the most stringent protection for children online that the site proposals.
An Alternative Overview of the Draft DPDP Rules
In the public discussion, the draft rules lay out the expectations on how new obligations should be met: data fiduciaries, the entities that processes the personal data, must implement reliable procedures to confirm that the consents received are indeed from the parents.The proposed guidelines require that parents using the site be easily identifiable by members that are using the site through proper identification.
Such may consist of identity measures such as age and other personal details that the user might be willing to reveal or a virtual token provided by a reliable government agency.
The rules apply to the e-commerce platforms dealing with child-disclosed information, social media, and game applications. Moreover, the DPDP Act permits the respective regulatory authorities to prescribe penalties totalling up to ₹250 crore for such noncompliance in data management and processing from data fiduciaries, while the current draft is silent on the penal consequences of failure to adhere to the provisions touching on parental consent.
Additional Provisions
Within the framework of the adopted Al and the draft, more attention is paid to actions that would ensure the work’s transparency encased on best practices.Data fiduciaries should assess, and be in a position to validate, the veracity of each parental claim to both identity and adulthood. The government has gone further to explain that these provisions are consistent with the government’s overall philosophy of wanting to protect children when they are using computers online.
Furthermore, the draft contains guidelines of data acquisition, consent processing, and the functions of authorities under the DPDP Act, 2023. That aligns with the government’s objectives of equilibrating industrial adulation across the platforms so that regulatory oversight and operating compliance are not disjointed.
Key Implementation Details
The guidelines are public and were until February 18, 2025, meant to maintain a good balance between data protection and the operations of digital markets.It has been suggested that public consultations will stem from such issues regarding the logistical issues that people faced in such measures. After consulting with the public on the rules for the Implementation of Public Finance Management Acts, more strict rules will be adopted and implemented.
The notification also mentions that these provisions have been made under the provisions of section of DPDP Act, 2023 for short. The Act seeks to provide direct on how the data will be collected, processed, and stored to protect the privacy of people.
Context and Significance
The idea to make parental consent compulsory is in tandem with the global standards regarding kids’ data. For example, GDPR in European Union has matching requirements for children as well. However, additional measures, especially those concerning the identification of the subject, are provided within the Indian draft.
Opponents believe that such rules’ implementation can pose administrative challenges for the platform and might be seen as disadvantageous for children with low SES backgrounds. However, its supporters continue to argue that the guidelines will provide protection against cyber bullying, unauthorized use of data and other form of danger facing the minors.
Next Steps and Public Impact
It is in this light that players in the industry, child rights advocacy groups and civil society will be in a position to comment on the following measures in the run up to February. Once formally adopted, they possibly have the potential of changing how children’s data is handled through digital platforms in India and by extension other jurisdictions.
This has however not stopped the government from being quite proactive in ensuring children are protected in what is now a very digital world. As the penalties for the breaches and the defined system of obtaining the parental consent, DPDP rules are designed to improve the Indian digital regulation.
