Privacy for minors in DPDPA- Restricted processing of data for the well-being of the minors (not permitted to process data for tracking, behavioural monitoring, or targeted advertising)
The Digital Personal Data Protection Bill, 2023 (DPDP Bill) was granted presidential approval on August 11, 2023, marking the inception of novel regulations governing the handling of digital personal data. At its heart, the DPDP Act aims to formally recognize specific facets of informational privacy. This recognition is accompanied by a deliberate effort to strike a balanced and harmonious interplay between the necessity to process personal data within legal parameters and the paramount need to uphold individual rights and safeguards.
The foundation of the Act rests on the concept of consent. In the contemporary digital landscape, children engage with diverse online services, spanning from gaming and education to entertainment. Often, in their pursuit of accessing these services, they grant consent without fully grasping its potential consequences. Hence, the Act incorporates specific provisions addressing the consent process when it comes to children.
In this article, we will delve into a discussion regarding the rights of children and the measures that data fiduciaries should adhere to when dealing with children.
Safeguarding Children’s Well-being and Online Experience:
Section-2(f) of the Digital Personal Data Protection Act, 2023, defines a ‘child’ as an individual who has not yet reached the age of eighteen years. Section-9(1) of the Act establishes a specific set of obligations that Data Fiduciaries, entities responsible for managing personal data, must adhere to when processing the personal data of a child. This provision mandates that, before any processing of personal data occurs for children, obtain clear and verifiable consent.
Read more: https://tsaaro.com/blogs/the-data-protection-board-of-india-its-powers-and-functions/
This consent, which serves as a fundamental element in ensuring lawful data processing, is acquired from either the parent of the child or a lawful guardian, where applicable. These guidelines or regulations ensure a consistent and reliable process for obtaining consent, reinforcing the integrity of the data processing activities. By incorporating this inclusivity, the provision safeguards children in terms of their personal data privacy.
The Act further places a distinct prohibition on Data Fiduciaries from engaging in any form of personal data processing that could potentially result in negative impacts on the well-being of a child. This provision emphasizes the paramount importance of safeguarding the emotional, psychological, and overall well-being of children, especially in the context of data processing activities. Additionally, Section-9(3) of the Act establishes another pivotal restriction by preventing Data Fiduciaries from conducting tracking or behavioural monitoring of children, as well as prohibiting the practice of targeted advertising specifically aimed at children. This measure seeks to protect children from potentially invasive and manipulative practices, ensuring that their online experiences remain free from undue influence and undue tracking.
Recognition of Responsible Data Handling
Section 9(5) introduces a mechanism that rewards Data Fiduciaries who take substantial measures to ensure secure data processing for children.This notification exempts the Data Fiduciary from certain obligations outlined in Sections 9(1) and 9(3). This recognition aims to incentivize responsible data handling and privacy protection practices, thereby fostering a culture of accountability among organizations.
Read More: https://tsaaro.com/blogs/duties-of-data-fiduciary-under-dpdpa-2023/
Conclusion:
The Digital Personal Data Protection Act’s provisions underscore India’s commitment to safeguarding children’s data privacy. By prioritizing verifiable consent, well-being protection, and responsible data handling, the Act aims to create a secure digital space for children. This legislation not only reflects evolving societal needs but also highlights the government’s proactive efforts in balancing data processing with privacy rights, especially for those most vulnerable.
Stay updated on the latest laws of data privacy with Tsaaro
Recent Comments