FB pixel

Draft Indian data protection rules set vague age assurance, consent requirements

Draft Indian data protection rules set vague age assurance, consent requirements
 

India’s Ministry of Electronics and Information Technology (MeitY) wants to require consent for personal data processing and age assurance for social media with draft rules to operationalize its data protection law. The exact tools and methods allowed for authenticating consent or performing age checks are not set out in the published draft.

The “Digital Personal Data Protection Rules, 2025” is subordinate legislation to the Digital Personal Data Protection Act, 2023 (DPDP Act), which passed nearly 17 months ago.

Platforms that hold data, like social media, ecommerce and gaming platforms, are considered “data fiduciaries” (DF), and will need to collect verifiable consent to store user data.

Children below 18 years old will have to obtain parental consent to open social media accounts, with the age and identity of the parent authenticated by reference to a government-issued or approved source, which could include the parent’s DigiLocker.

The four examples provided in the draft text all involve either the child or their parent informing the DF that the user is a child. Age verification methods are not specified, and no mention is made of biometric facial age estimation.

“For a child, the Data Fiduciary must verify that the parent is an adult by using reliable identity details or a virtual token mapped to such details,” an explanatory note from MeitY says.

The rules also include new data breach notification responsibilities and conditions under which personal data must be deleted, such as after a period of account dormancy.

The whole will be overseen by a Data Protection Board which can levy penalties of up to 2.5 billion rupees (approximately US$29.2 million).

The Internet Freedom Foundation criticized the draft rules in a series of nine posts to social media platform X, emphasizing that the public consultation is not transparent. The draft has not been published in most of the country’s official languages and the group says MeitY can choose not to publish all comments.

The Ministry says submissions “shall not be disclosed to any one at any stage, enabling persons to submit feedback/comments freely without any hesitation. A consolidated summary of the feedback/comment received, without attribution to stakeholder, shall be published after the finalization of the Rules.”

MeitY is accepting feedback on the draft rules until February 18, 2025.

Related Posts

Article Topics

 |   |   |   |   |   |   |   | 

Latest Biometrics News

 

ACCS announces participants in Australia’s Age Assurance Technology Trial

In keeping with its philosophy of transparency by default in running Australia’s Age Assurance Technology Trial, the Age Check Certification…

 

DPI-as-a-Packaged Solution marks major milestone with Trinidad and Tobago rollout

The first ever implementation of DaaS — DPI-as-a-Packaged Solution — is going live in Trinidad and Tobago in a test…

 

AI agents spark musings on identity, payments and wallets

AI agents continue to attract attention, including in the digital identity industry, which sees an opportunity for innovation. Their importance…

 

Trump deregulation is re-shaping the future of biometric surveillance in policing

The advent of AI has exponentially increased the capabilities of biometric tools such as facial recognition, fingerprint analysis, and voice…

 

World expands Android support for World ID credentials

World’s positive relationship with Malaysia continues, with the launch of Android support for World ID Credentials in the country, following…

 

Sri Lanka national data exchange to connect digital ID and public services

A fully developed foundational ID system, including citizen registration, may take 18 to 24 months for Sri Lanka to implement,…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Viewed This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events