DPDP regulations: The prohibition on processing children's data may not apply to educational and medical facilities

 DPDP regulations: The prohibition on processing children's data may not apply to educational and medical facilities

DPDP regulations: The prohibition on processing children's data may not apply to educational and medical facilities

A child is defined under the DPDP Act as an individual who is younger than eighteen, and processing a child's data requires parental agreement.

August 2023 marks the official implementation of the Digital Personal Data Protection Act, which was approved by both chambers of Parliament.

The government's potential exemption of healthcare facilities, educational institutions, and other government agencies from the limitations on processing kid data as required by the Digital Personal Data Protection (DPDP) Act might be a comfort to a number of economic sectors.

The DPDP Act's draft regulations, which are anticipated to be issued shortly, provide an overview of these exclusions. Even though the DPDP Act was enacted in August 2023, several of its provisions still need further laws to specify the specifics of the framework. By January 2024, the government intends to announce the regulations.

Government agencies that perform tasks pertaining to the "interests of the child," medical practitioners, daycare centers, and government bodies that provide subsidies, licenses, etc. are among the organizations that qualify for this exemption.

Educational institutions will be permitted to carry out actual monitoring and tracking of academic activities; health care institutions' exemption may be restricted to the provision of healthcare services to a kid.

Additionally, on December 20, the government notified the industry of its intention to exclude these kinds of organizations. The government had previously said that these exclusions would probably be included in a timetable that the ministry will provide together with the data protection guidelines.

A child is defined under the DPDP Act as an individual who is under the age of eighteen, and processing a child's data requires parental agreement. It is also illegal to track advertisements aimed at minors or to observe how they behave.

Both representatives of the sector and civic society have expressed worry about these restrictions. He has previously said that placing such limitations on how children's data is processed might inhibit creativity.

Reducing the definition of a child's age from under 18 to under 14 was one of the industry's major initiatives, which included Big Tech businesses.