Union Minister of State Jitin Prasada
Government on Wednesday said that it was ensuring widespread awareness and adoption of the Digital Personal Data Protection (DPDP) Act, 2023 and also simplified compliance framework for start-ups and certain data fiduciaries under DPDP Act and Rules.
“The Act and Rules provide for government to notify jurisdictions where transfer of personal data may be restricted. The government is also ensuring widespread awareness and adoption of the DPDP Act by educating citizens on their rights and responsibilities,” Minister of State for Electronics and Information Technology Jitin Prasada informed the Lok Sabha on Wednesday.
Digital outreach
Capacity-building initiatives, including workshops, conferences, expert sessions and digital outreach campaigns are also being undertaken, he said.
The DPDP Act and the Digital Personal Data Protection Rules, 2025 have been notified on November 13, 2025. They provide timelines for implementation of relevant provisions and in terms of the provision of the Rules, Digital Data Protection Board has been notified, Prasada added.
Meanwhile, responding to other queries in Parliament, Ashwini Vaishnaw, Minister of Electronics and IT, said that the DPDP Act, and the DPDP Rules, 2025, apply uniformly to all forms of digital personal data including personal images and data.
“The Act establishes a comprehensive framework that empowers individuals with specific rights over their personal data. It also lays down obligations for organisations (data fiduciaries) that determine the purpose and means of processing digital personal data. The government actively engages social media platforms and other stakeholders to counter deepfakes, morphed images and malicious synthetic content,” he said.
Multiple advisories
He said the government has also issued multiple advisories to social media intermediaries to ensure an open, safe, trusted and accountable digital ecosystem.
Intermediaries specifically are advised to strengthen detection and removal of unlawful and false content, including malicious synthetic media and deepfakes, he said, adding that mandatory labelling, watermarking and traceability mechanisms have been also proposed to clearly identify AI-generated manipulated content and prevent misinformation.
“Further, under the IT Rules (Amendment) 2025, intermediaries are required to remove or disable access to specified unlawful content within 36 hours of receiving actual knowledge through a court order or authorised government intimation,” Vaishnaw added.
Published on December 3, 2025
