The Women and Child Development Ministry and the IT Ministry are expected to evaluate a platform’s privacy requirements for minors before granting exceptions. The central government may notify businesses of such exemptions.
According to The Indian Express, if certain businesses can process children’s data in a “verifiably safe” manner, they will not be required to comply with additional requirements for protecting children’s privacy under the upcoming data protection Bill.
This is a significant change from the proposed Digital Data Protection Bill, 2022, introduced last November, when the age of consent was hardcoded at 18 years old, requiring businesses to obtain parental consent before processing data of individuals under 18. The future Bill will likely use a graduated method to determine the age of consent on a case-by-case basis.
This was a crucial request from the sector, mainly social media businesses, as a hardcoded age of consent would have caused them to experience business disruptions due to the need to build up new processes for gaining parental consent for users under the age of 18—a crucial market segment for such services. However, it is consistent with data privacy laws in the West, where nations like the United States and the European Union specify a younger age for permission.
