The Information Technology Industry Council (ITI), which represents leading global technology firms including Apple, Google, Amazon, Meta, and OpenAI, has urged the government to delay the implementation of provisions surrounding restrictions on processing on children's data under the Digital Personal Data Protection (DPDP) Rules, 2025.
The industry group warned that the current age verification and parental consent requirements in the rules could present significant operational and compliance challenges. As ITI’s member companies operate some of the world’s most widely used digital platforms, their concerns carry significant weight.
Their other members include Anthropic, Nvidia, HP, IBM, Intel, Lenovo and so on.
In its submission, ITI highlighted that ensuring accurate and secure age verification remains a complex challenge worldwide.
“ITI urges the government to postpone the implementation of Rule 10, along with Section 9(1) of the DPDP Act, until the industry ecosystem is adequately prepared to comply in a cost-efficient and non-disruptive manner,” the group stated.
The group emphasised that India’s age verification framework should align with international best practices, pointing out that many countries set the age of consent for online services between 13-16 years old.
If postponement is not possible, ITI recommended that verifiable parental consent (VPC) apply only to users under 13, while for teenagers aged 13-17, the requirement should be limited to services that involve higher-risk processing activities.
Beyond children’s data, ITI raised concerns over other aspects of the DPDP Rules, including data breach reporting, government access to information, and cross-border data flows.
It called for a risk-based approach to Rule 7, arguing that requiring all breaches to be reported could overwhelm regulators and businesses.
On government access to data, ITI urged India to adopt globally recognised standards to ensure transparency and due process.
“The rule, as currently drafted, provides an excessively broad scope of government access without ensuring a robust, proportionate, and transparent process,” ITI stated in its submission.
ITI also expressed concerns that Rules 12 and 14 could introduce uncertainty in cross-border data transfers, potentially conflicting with the DPDP Act’s commitment to unrestricted data flows.
ITI Country Director for India Kumar Deep said, “The global tech industry has long been supportive of an approach to privacy policy and data protection that advances the interests of all stakeholders, including consumers, businesses, individuals, and governments. As MEITY officials continue to fine tune India’s privacy agenda, we urge them to consider issues ITI has highlighted, such as clear personal data breach reporting standards, removing potential restrictions on cross border data flows, and ensuring flexible and workable rules for processing children’s data."
Discover the latest Business News, Sensex, and Nifty updates. Obtain Personal Finance insights, tax queries, and expert opinions on Moneycontrol or download the Moneycontrol App to stay updated!
Find the best of Al News in one place, specially curated for you every weekend.
Stay on top of the latest tech trends and biggest startup news.
