MeitY Hosts Consultation on Draft Digital Personal Data Protection Rules, 2025, Ahead of Feedback Deadline

The Ministry of Electronics and Information Technology (MeitY) convened a high-level consultation with government officials, industry leaders, and policymakers to discuss the Draft Digital Personal Data Protection (DPDP) Rules, 2025, ahead of the public feedback deadline on February 18.
The event, chaired by Union Minister Ashwini Vaishnaw, saw participation from over 200 attendees, including key representatives from government ministries, industry stalwarts, and legal experts. Prominent organizations such as DSCI, NPCI, PwC, Apple, Microsoft, Snapchat, Accenture, Zomato, Deloitte, KPMG, PhonePe, and OpenAI contributed to the discussions.
Minister Vaishnaw underscored the government’s commitment to a principle-based and trust-oriented approach to data protection. “Our objective is to keep it simple, let it evolve, and ensure it is principle-driven rather than overly prescriptive,” he said, emphasizing the holistic understanding of the DPDP framework through both the 2023 Act and the 2025 Draft Rules.
The session opened with a presentation by Bhuvnesh Kumar, Additional Secretary, MeitY, who outlined the draft rules’ key features. S Krishnan, Secretary, MeitY, highlighted the inclusive and thoughtful approach to data protection, urging stakeholders to submit anonymous feedback via the MyGov portal to ensure diverse inputs.
Key topics addressed included consent management, data principal rights, compliance frameworks, cross-border data transfers, security safeguards, children’s data protection, and breach reporting mechanisms.
The consultation reinforced the government’s focus on fostering innovation while ensuring robust citizen data protection. Vaishnaw emphasized the importance of public-private collaboration to effectively implement the DPDP Act, 2023.
The feedback collected during the session will be instrumental in refining the rules to meet the needs of India’s rapidly growing digital economy and align with global data protection standards.