CCI, Ministry of Electronics & IT take stock of challenges in data protection

New Delhi, Aug 28 (IANS) The Chairperson, Competition Commission of India (CCI) held a meeting with the Secretary, Ministry of Electronics and Information Technology (MeitY) on Thursday, to deliberate on issues relating to the Digital Personal Data Protection Act, 2023 (DPDP Act), and other matters such as the interface with competition law, according to an official statement.

The meeting concluded with the resolve to maintain regular interaction and consultation to address evolving issues and support India’s vision of a secure, competitive, and digitally empowered economy, according to the statement. Senior officials from the CCI and MeitY participated in the discussion, it said.

In digital economies, data serves as the foundational resource driving innovation, efficiency, and value creation across sectors. However, the centrality of data also gives rise to competition and privacy concerns. During the meeting, the rapid growth of the digital sector and the emerging challenges around data protection, competition, and consumer welfare were discussed. Presentations on provisions of the DPDP Act, the Competition Act, 2002, and the CCI’s work in digital markets were made.

The deliberations highlighted the shared commitment of the CCI and the MeitY towards ensuring a transparent, competitive, and innovation-friendly digital ecosystem, while safeguarding the interests of consumers and businesses alike. The meeting underscored the importance of a consultative regulatory approach between the CCI and the MeitY to ensure harmony between data governance and competition principles in light of emerging technological trends.

The CCI Chairperson reaffirmed the organisation's readiness to work closely with the MeitY on areas of mutual interest, noting that constructive dialogue and regulatory coordination will help in fostering trust, innovation, and resilience in India’s digital economy.

The DPDP Act provides a comprehensive framework for the protection of the digital personal data of individuals while making data fiduciaries accountable for personal data breaches.

Data fiduciaries are required to implement appropriate technical & organisational measures to prevent personal data breaches by taking reasonable security safeguards.

The 2023 Act is a comprehensive data privacy law to regulate the processing of digital personal data. It balances the rights of individuals to protect their personal data with the need for lawful data processing.

The draft Digital Personal Data Protection Rules, 2025, which aim to operationalise the act, were published for public consultation. A total of 6,915 feedback/inputs have been received from citizens and stakeholders.

--IANS

sps/vd