The central government is planning a “graded” transition regarding compliance with rules under the Digital Personal Data Protection (DPDP) Act, an official of the plans said. Under this approach, micro, small and medium enterprises (MSMEs) will get longer time frames to comply, while larger corporations will get less.
“We may do this at graded levels, where the vast majority of Big Tech, as well as companies, can transition quicker. MSMEs, government bodies and smaller companies can take a little bit more time,” the official at the Ministry of Electronics and Information Technology (Meity) said on condition of anonymity. The transition timeline will also indicate the final date from which rules under the DPDP Act will be notified. However, the official added that the government has not decided on the time frames yet.
Meity has received varying feedback on the matter, with large companies seeking more time to transition than smaller ones. However, the Centre feels MSMEs and smaller firms need more time for compliance, as larger companies have more resources and are hence better equipped for the change. Livemint