Companies that won’t be able to keep data safe from breachers will have to pay a fine upto Rs 500 crore
Draft Digital Personal Data Protection Bill (DPDP), 2022 recently got released. The Ministry of Electronics and Information and Technology (MeitY) may set it up to even Rs10,000 crore. Earlier the penalty amount was chosen as Rs 15 crore or 4 percent of the global turnover of the equity but the finalized amount came out to be Rs 500 crore.
The draft has proposed this amount of graded fine for data fiduciaries that will store and process data of its users as per the provisions of the Act. If the data processor fails at any place to protect data under its possession from breaches, the processor will have to pay a fine of Rs 250 crore. If processors won’t abide by rules and won’t inform the ministry about the breach they will have to face a Rs 200 crore, the draft noted.
The number of users affected by a breach of data will also play a crucial deciding factor in deciding the fine amount and it’s likely to go high as per their number.