Child Safe Digital Access: India's Digital Personal Data Protection Act

My working life started with the sound of a TCP-IP dial-up connection as we built an early-dotcom at the turn of the century, negotiated with an ad-serving start-up called DoubleClick and devoured stories of coming disruption. Google was yet to be born.

25 years later - the ubiquity of digital content is like the air we breathe. As a dad to a nine-year-old, I am constantly plagued by concerns about the detrimental effects of both poor air quality and excessive exposure to digital content. The romance of clear blue skies and well-meaning acquaintances once encountered online years back has faded. Yet, we have barely woken up to address the issue of digital dependency and the dangers it poses, particularly to children. The problem is difficult to acknowledge if the only one in the family who probably isn't looking at a digital device is the family dog (or cat).

Parental controls are available on various devices, platforms, and applications; however, not everyone utilises them, and children have discovered ways to bypass them when adults are preoccupied (or distracted on their devices).

India's new Digital Personal Data Protection Act effectively requires online age verification for personal data processing and parental consent for all below 18 years of age. If violations are detected, a regulatory fine of up to US$ 30 million per breach may be imposed within a 10-month compliance period. The reputational damage of a regulatory fine for even inadvertently targeting children may be even greater than the actual quantum of fines.

Stringent or not, the regulatory and reputational risks for anybody processing personal data of children, now defined as under 18 years of age under the new Act, are significant. For many in the industry, the pendulum of regulatory activism may have swung wildly but responding to it is now a strategic business imperative.

By leveraging the insights provided in our official submission to the government, made prior to the Act's implementation, the Act could undergo further strengthening and provide heightened clarity.

As businesses navigate through this recent policy change, parents and guardians face a significant responsibility of fostering discussions about digital content suitable for their children. It will be interesting to observe how it will unfold, as this is a crucial conversation that cannot be ignored.

The views expressed herein are those of the author(s) and not necessarily the views of FTI Consulting, Inc., its management, its subsidiaries, its affiliates, or its other professionals.

FTI Consulting, Inc., including its subsidiaries and affiliates, is a consulting firm and is not a certified public accounting firm or a law firm.