Several social media platforms have emerged as prominent critics of the Digital Personal Data Protection (DPDP) Act, raising alarms over provisions that could impact their operations and revenues. A key concern is the restriction on behavioral tracking of children, which could affect targeted advertising practices.
Social media giant Meta recently expressed its apprehensions about the Act, particularly highlighting issues around limits on profiling minors, potential mandates for data localization, and the requirement for verifiable parental consent.
Read more: Ashwini Vaishnaw refutes claims linking DPDP Act to RTI Act dilution
“There’s a provision that prohibits profiling and behavioural tracking of people under 18. There are some good reasons for that kind of a prohibition to exist, but there are other situations where it’s important to be able to personalize experiences for people under 18,” said Rob Sherman, Meta’s VP- Policy and Deputy Chief Privacy Officer, according to an ET report.
The report quoted him saying, “You don’t see the same Facebook news feed that I see. We each get a personalised experience that’s based on what we’re interested in. And I think that’s an important part of using a service like Facebook or Instagram.”
Raising concerns regarding the cross-border data transfers clause, he said, “A core part of just being a part of global society is transferring, communicating and doing business across borders, which requires information sharing. In contrast to where we might have been a decade ago, at least the signals that we’re getting from the government are reasonable and that we’re not expecting to see the kinds of cross-border data transfer provisions that would really put in peril the ability of Indian businesses and people to communicate in that way.”
Read more: DPDP’s final rules likely in 8 weeks; govt weighing local storage of AI model
He added that adopting prohibitions on data transfer that are widescale, that affect people’s ability to communicate and do business would be problematic. It’s just not aligned with the way that people do business today and the way that people communicate in today’s economy.
Recently, S Krishnan, Ministry of Electronics and IT Secretary shared that the rules are likely to be out within the next six to eight weeks. The rules, according to him, will play a key role in the prevention of personal data leaks. The government is already exploring local storage of AI models to mitigate any risk associated with them and prevent the flow of data outside the country.
“We have received the comments, detailed comments on the rules. We are examining them rule by rule. We are examining what the comments are and if any changes are required. We may have to complete another process of internal consultation after that is completed. I would estimate it will take about six to eight weeks,” the Minister said during an event. MeitY released DPDP rules for public consultation from January 3 till March 5.
He also mentioned that the personal data leaks will be checked once the DPDP Act is brought into force.